www.balipost.com Open in urlscan Pro
188.166.207.31 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://balipost.com/
Effective URL:
https://www.balipost.com/
Submission: On February 04 via manual (February 4th 2023, 6:10:18 am UTC) from ID — Scanned from DE

Summary HTTP 367 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 44 IPs in 11 countries across 45 domains to perform 367 HTTP transactions. The main IP is 188.166.207.31, located in Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is www.balipost.com.
TLS certificate: Issued by R3 on January 28th 2023. Valid for: 3 months.

This is the only time www.balipost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 122	188.166.207.31 188.166.207.31	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	185.29.134.245 185.29.134.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
36	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
3 3	3.122.16.208 3.122.16.208	16509 (AMAZON-02) (AMAZON-02)
1 24	142.251.39.34 142.251.39.34	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2600:9000:220... 2600:9000:2204:ea00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.155 185.86.138.155	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
3 3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
3 3	213.155.156.167 213.155.156.167	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
1	92.123.37.164 92.123.37.164	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	88.99.165.19 88.99.165.19	24940 (HETZNER-AS) (HETZNER-AS)
6	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	142.250.180.230 142.250.180.230	15169 (GOOGLE) (GOOGLE)
2 5	2.19.44.80 2.19.44.80	16625 (AKAMAI-AS) (AKAMAI-AS)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	46.4.62.19 46.4.62.19	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
5	18.130.177.194 18.130.177.194	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:12a4:d572:eb13:afa1	16509 (AMAZON-02) (AMAZON-02)
2 2	3.68.24.7 3.68.24.7	16509 (AMAZON-02) (AMAZON-02)
18	37.157.2.249 37.157.2.249	198622 (ADFORM) (ADFORM)
2	65.9.66.92 65.9.66.92	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.94 99.86.4.94	16509 (AMAZON-02) (AMAZON-02)
1	88.99.69.161 88.99.69.161	24940 (HETZNER-AS) (HETZNER-AS)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	3.9.112.14 3.9.112.14	16509 (AMAZON-02) (AMAZON-02)
367	44

122 188.166.207.31 (Singapore) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

balipost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.balipost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80d::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.122.16.208 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-16-208.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.251.39.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:ea00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.30 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.167 (Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.75.86.98 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.149.243 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.37.164 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-37-164.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.99.165.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de

hal900028.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.180.230 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.19.44.80 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-44-80.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.62.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.130.177.194 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-130-177-194.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:12a4:d572:eb13:afa1 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.68.24.7 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-24-7.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-92.fra56.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-94.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.69.161 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.161.69.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.9.112.14 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-112-14.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
122	balipost.com 2 redirects balipost.com www.balipost.com	2 MB
48	doubleclick.net 5 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 ad.doubleclick.net — Cisco Umbrella Rank: 184	154 KB
42	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 27638 ad4m.at — Cisco Umbrella Rank: 9391 assets.ad4m.at — Cisco Umbrella Rank: 39464	2 MB
42	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	475 KB
25	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 568 track.adform.net — Cisco Umbrella Rank: 3696 s1.adform.net — Cisco Umbrella Rank: 8046	145 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	243 KB
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 cse.google.com — Cisco Umbrella Rank: 2636 adservice.google.com — Cisco Umbrella Rank: 70	2 KB
8	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19463 api.webgains.io — Cisco Umbrella Rank: 57676	63 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	337 KB
6	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 84938 static-de.ad4mat.net — Cisco Umbrella Rank: 113105	11 KB
5	webgains.com track.webgains.com — Cisco Umbrella Rank: 47375	57 KB
5	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 15368	3 KB
5	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 31195 hal900028.redintelligence.net — Cisco Umbrella Rank: 242798	6 KB
4	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 632	2 KB
4	mathtag.com tags.mathtag.com — Cisco Umbrella Rank: 4453 pixel.mathtag.com — Cisco Umbrella Rank: 975	3 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	4 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 198	25 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 725	828 B
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 4143	924 B
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 329	1 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 693	3 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 416	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 507	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 304	529 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 274	801 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 308	924 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 733	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5986 adservice.google.de — Cisco Umbrella Rank: 8741	939 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
1	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 54195	1 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 58936	15 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1854	296 B
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 57500	673 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 76484	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 66678	332 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 67818	186 B
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 82288	549 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 12230	554 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2918	104 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	577 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 556	541 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 782	75 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 685	445 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 858	601 B
367	45

	Domain	Requested by
120	www.balipost.com	www.balipost.com
26	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
24	cm.g.doubleclick.net	1 redirects www.balipost.com googleads.g.doubleclick.net
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.balipost.com
18	s1.adform.net	track.adform.net s1.adform.net www.balipost.com
18	assets.ad4m.at	as.ad4m.at
16	pagead2.googlesyndication.com	www.balipost.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
9	fonts.gstatic.com	fonts.googleapis.com
7	www.googletagservices.com	googleads.g.doubleclick.net
7	www.google.com	1 redirects www.balipost.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	api.webgains.io	analytics.webgains.io
5	track.webgains.com	as.ad4m.at
5	track.adform.net	hal900028.redintelligence.net s1.adform.net
5	www.awin1.com	2 redirects as.ad4m.at
4	ad.doubleclick.net	4 redirects
4	hal900028.redintelligence.net	hal9000.redintelligence.net hal900028.redintelligence.net
4	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	www.balipost.com googleads.g.doubleclick.net
3	cdnjs.cloudflare.com	s1.adform.net
3	static-de.ad4mat.net	as.ad4m.at
3	onetag-sys.com	2 redirects www.balipost.com
3	d5p.de17a.com	3 redirects
3	eb2.3lift.com	3 redirects
3	pm.w55c.net	3 redirects
3	prod-rtb.ad4mat.net	www.balipost.com googleads.g.doubleclick.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
2	analytics.webgains.io	track.webgains.com
2	x.bidswitch.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	sync.1rx.io	2 redirects
2	c1.adform.net	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	ups.analytics.yahoo.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.balipost.com
2	balipost.com	2 redirects
1	cdn.contentspread.net	hal900028.redintelligence.net
1	cdn.track.production.webgains.team	as.ad4m.at
1	ag.innovid.com	googleads.g.doubleclick.net
1	www.conrad.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	banner.congstar.de	as.ad4m.at
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	www.balipost.com
1	ads.travelaudience.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	sync.targeting.unrulymedia.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	s.ad.smaato.net	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	www.balipost.com
1	cse.google.com	www.balipost.com
1	stats.g.doubleclick.net	www.google-analytics.com
367	62

This site contains links to these domains. Also see Links.

Domain
facebook.com
www.instagram.com
twitter.com
www.youtube.com
www.hypernet.co.id
www.facebook.com
instagram.com
gourl.id

Subject Issuer	Validity	Valid
balipost.com R3	`2023-01-28` - `2023-04-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-04-25`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
redintelligence.net R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh
contentspread.net R3	`2022-12-14` - `2023-03-14`	3 months	crt.sh

This page contains 43 frames:

Primary Page: https://www.balipost.com/
Frame ID: 0FFCBA977A6621DEF1676E95A74DBF7C
Requests: 146 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
Frame ID: AE74A8F2A12592809B8F888974E09698
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&adk=1812271804&adf=3025194257&lmt=1675488952&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fwww.balipost.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009352&bpp=3&bdt=996&idt=180&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1687248506228&frm=20&pv=2&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=214
Frame ID: 7AD94554BAF70DD0CEE270F6C65AC608
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009355&bpp=1&bdt=999&idt=216&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dpDtSm9qri&p=https%3A//www.balipost.com&dtd=219
Frame ID: A57EA2303F1C26E8C61E37313E02AC4F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009356&bpp=1&bdt=1000&idt=221&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=w43E4nKgDG&p=https%3A//www.balipost.com&dtd=224
Frame ID: A3FC284A63AC2B41A79CB6CCEE9AEE7B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009358&bpp=1&bdt=1003&idt=229&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=odSuk5uhg8&p=https%3A//www.balipost.com&dtd=232
Frame ID: 01A2F599D15DC659FAFFBEB51702EE7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=2029127186&adf=3821157256&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009359&bpp=1&bdt=1003&idt=233&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C160x600&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=E8UmEGhsqf&p=https%3A//www.balipost.com&dtd=235
Frame ID: 92B6A2500C9F2AAF8854D5B075BE99D7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=9685069826&adk=1727054528&adf=1700609347&pi=t.ma~as.9685069826&w=970&lmt=1675488952&format=970x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009359&bpp=1&bdt=1003&idt=238&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C160x600%2C160x600&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=GrlIAUldlz&p=https%3A//www.balipost.com&dtd=240
Frame ID: D744F46E0766931E7E42A1183277749B
Requests: 15 HTTP requests in this frame

Frame: https://www.google.com/pagead/drt/ui
Frame ID: 9FDB69B36A29A0A02BC765139ECB61A1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
Frame ID: 2FCA8EEAF852D662BB775792BAAC0747
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
Frame ID: 3F6D8532EF811367C94C5FE0FFFA84AE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
Frame ID: 82FC646688FF9DB56F3C161AD274C9A5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009355&bpp=1&bdt=999&idt=216&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dpDtSm9qri&p=https%3A//www.balipost.com&dtd=219
Frame ID: 4CFA6FB849B57E7CB7FC9B555792805E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009355&bpp=1&bdt=999&idt=216&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dpDtSm9qri&p=https%3A//www.balipost.com&dtd=219
Frame ID: C6353E3BD3CBECA8F2171AC57ED2C8CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009355&bpp=1&bdt=999&idt=216&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dpDtSm9qri&p=https%3A//www.balipost.com&dtd=219
Frame ID: 2DE060908AF28DCFD47DE1A4C79AFFB2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009356&bpp=1&bdt=1000&idt=221&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=w43E4nKgDG&p=https%3A//www.balipost.com&dtd=224
Frame ID: 121F96D68A5BD3503DC55DB2E33A8338
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009356&bpp=1&bdt=1000&idt=221&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=w43E4nKgDG&p=https%3A//www.balipost.com&dtd=224
Frame ID: EBE25DB3179DF17B56FCCB1C927C1E8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009356&bpp=1&bdt=1000&idt=221&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=w43E4nKgDG&p=https%3A//www.balipost.com&dtd=224
Frame ID: ECBA1EBCBEC83D04AD87969F2B107BFF
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009358&bpp=1&bdt=1003&idt=229&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=odSuk5uhg8&p=https%3A//www.balipost.com&dtd=232
Frame ID: ACC4252335A713690E543EC0703245EF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009358&bpp=1&bdt=1003&idt=229&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=odSuk5uhg8&p=https%3A//www.balipost.com&dtd=232
Frame ID: 4F56A26A3EE45C8F2555AB95DA658C93
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009358&bpp=1&bdt=1003&idt=229&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=odSuk5uhg8&p=https%3A//www.balipost.com&dtd=232
Frame ID: 04EC96C29C805ABB0FBB7E98DC721430
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=2029127186&adf=3821157256&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009359&bpp=1&bdt=1003&idt=233&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C160x600&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=E8UmEGhsqf&p=https%3A//www.balipost.com&dtd=235
Frame ID: FE692B2AE91A2AD9D68CAD5688C0A6C9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=2029127186&adf=3821157256&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009359&bpp=1&bdt=1003&idt=233&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C160x600&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=E8UmEGhsqf&p=https%3A//www.balipost.com&dtd=235
Frame ID: F38223DE3F107BE5C057914CE9D6054A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=2029127186&adf=3821157256&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009359&bpp=1&bdt=1003&idt=233&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C160x600&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=E8UmEGhsqf&p=https%3A//www.balipost.com&dtd=235
Frame ID: 8C8595923AAD9F186035F6EE6E520B67
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CBW9LwvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw1maIjeiUxDqLTarPVRbrDKjsdJYbWNJVQ4g9a61wsgFdSdufoGXYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yODI5MTkyMTYwOTE3ODg5GAA&sigh=WZ6rda_iX30&uach_m=[UACH]&cid=CAQSKQDUE5ymOq2owPxcMptm2vn2KfdmaR8PWh0stw4Y7U-Nxi6cX_rMhurNGAE
Frame ID: C5D5A4611486AA92A727EDCBBA16EABC
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hte73hrdsyqtc2k81k50yz98eaxamhj4ng6pw1b6vbj5hsareanygvj4bx024waftmjkdv6j1d77w64mq4370pkq209zqdqkkh9q4btb0sv3qst5xhkeg0fx4xemkf7hycpgrthsmvjbkv8715yjf04f1q9gttvs5kqjxsvac2sbc99jy2stdw6vcsdm3mkpjkzrqw4sx7rkywhwbcdeqc1nhdmnqc7hpazze2wx9c5efkfnz7gnams5mk4fr84fdky5604d4nb08x84thcn98mt6d4zv31d9576xf28nqfy2jn4xmvj5f5msh73cwdze3s52z37qqfyzvqz5y2g2nsg1qbsgee9aj9tfqng1h067nvhwd9q5es8184q82jzs18kzhv5ewagv05c8zx3a1j4svrv32f2nvtd00mvpnwq8dhfpzj76twpev1tvw0yayy4nesxm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbuMowvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEwgFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw0kaqlMXrXE6Hxd5GOLJyI4t9NDzL-jPYm4QZ8oL58-OcxIZWVGlU8ONoAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3v6JVavC0S4rFk4zoJAC77vB5Jxw%26client%3Dca-pub-2829192160917889%26adurl%3D
Frame ID: B515D5378013BFDC9D422978B4D8B8AB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 54582C0E6A44B7581DE401A90534CF6B
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h7mztpn55vvybw6qvrxgtpvzg9ydwedfjpgb37s2zhp1btkn72daqgagpb7v6ava7dqmn6xjgzqf4d4y12qhmg2ssbm7pmwwrdkyanqqnh8znf030xe6rrvf1y54svarbrkywk3rksnpzcp0tt553tmsx2m2wp44r92v5nmnvfgpbjxrnn489dwy8kr7zb2hx1drfncnd71nnstg3czw7hs3pt1apkc1qwpca7wxe7h45p7xc46pxqb8t51kw9d1bzgn5kgyd0fv3xrqa194f72rkk48msngdfjnt0ntzye8aztxx80mxwvzmwt5xpy2n2nptq1tyvm493f17jgx6b2m7pseba9njk5gwyk5a1yc8vxx0cg6hbssa99x8ysrnvrn06t0me06aa837bedtn77ah3fq77syfczx3pnb6v896zwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%26client%3Dca-pub-2829192160917889%26adurl%3D
Frame ID: 4CDD308635E7025303EED036FD18824A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C676C298BE0FBC0AAC3325349C97DA94
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CNA-LwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTmAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPkjj3V2YY_22tX8iTUNOS7su84WEE1h9ASdnAfV5Qo11r8JEG46PgAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yODI5MTkyMTYwOTE3ODg5GAA&sigh=-2ogVMQ-sfA&uach_m=[UACH]&cid=CAQSKQDUE5ymDw0ghuTu5WbtsxEAgM_RGEihmcVwETs2-VxoTqba4w3KhHDSGAE
Frame ID: 99690C2718CC3EABCC4F259B285DC6F7
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hk4p627gw437thrqc4a7yh6qw512h1yfwv0paasw4j66kbq629eq10aeqn8chc834dytbyegrzf5y7hsjc8agcydzcs1khfna9zfc2gce7qbsfhmw4w69vqmwk6qs5qmne8awq2m0p2fea27gmgnparbpekkgvjq9fa9yxf0mqh9cr6c3g8ks4cscdxf65vtv1qaknccand2m2memj22k4e80s8bcdsx38mheeqhaeadmmee3ryd3cp3g5stxztw04vp48dfp28a3htpqbjq46377dq532mpv676jz916a0hjf724r7z2jgrt6mft6yd21xnfba11sxyz79mgma7wy974apbt84h7ktkqk2t7ycmdv4dx80vc42sye34b79ystarjwwzatjrzxx42eg2d1gwfdnnpxg7ywxe8bgq8h33a4h64etxf6nhhkcy5gykn7q5shgpgcg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%26client%3Dca-pub-2829192160917889%26adurl%3D
Frame ID: E638888A640DE1D577ED8479E9CDCAAA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F3A340C969E48C33C0D2FB09D3131BE7
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0A6645843634D7D9DA861AC58B96181F
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 80C74C7809E2E31EE4077AC81B270C3A
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4D9A9A47DA896A0A4B07B23E82DF0A0F
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=120&d=600&e=&g=a250456c8fd93fd9358a1c3e1790b999%2F529487596614349291&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1675491011371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ggj039ed534s19ggypq3j29w4k1ej3s782633xcwdgsnfck4tnqfscf4wg7zkkc3q3275qhqqnrzjk8egavercnt12343sc9q0g16hzzy13zj60xmmtzpyrn4c6aexr4pr7qzmjnsf56jagy3rex941d7dvacm4hyezq5kvq6mjjzckxvw1grw0x7zqab8tjzjcv1j56mmwkbfgcknqvsxqjz8t7xqpfm6kyj3hp4t4rtvpftmn4mjs6m5744fdnestn0sthbgsd640cm2y1ytp30%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Frame ID: 920EA74ECB62A717FA34863DBAB9E076
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197101%2C14019%2C117569&b=D13t3fwfGPB5f3HmH9t1tZZJSxSmTYYQSZMQg%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=dk8aEfkfpEJ9CEHjHwtqCbbrfeS4T55PfgVPW%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=b748e2c122116bd1f47959b1a5cb5b23%2F4784331414298361807&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hn9mssywsb1n60tq2dnn7cz6rrwtj63ykyc30p84dg0sqej5v8d8r94dndb7mw13ahq2hdwmt7xjfy27r5958gt4m7z9zg1cqyzym0hzcvpq9kgtgf5mq9ytpn5450cdzaq6gdsfbskzpby7jh5s1n1qxadfda0qzdgvfxndsmczn6cz17w9arty0w2dk5xbxxw3chrnbyb6r1v0h3jgzb7btpksp2habvga02h6ys8kvqqn7svrfv66pnavhjrc7fc860cbbh5drgebnrz8evf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbuMowvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEwgFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw0kaqlMXrXE6Hxd5GOLJyI4t9NDzL-jPYm4QZ8oL58-OcxIZWVGlU8ONoAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v6JVavC0S4rFk4zoJAC77vB5Jxw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Frame ID: 7B44C4265582A7D975ED18C39CD89EE7
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=22451%2C183975%2C14044&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=250&e=&g=8b422603eeb0c0a2e534ed458d0d60c5%2F12017649732335571557&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4c1na7yr54gv1z8p7esdbz7memr501pxyet7961b3aary82x7trmd3cm6xfx7qy7jtajbyz1ja6tnfh586q8j6ajkszsr55c2dsc9hsg3dk58hvw5qdfbpyx4rz5pp34n0q8zkvsef5rn72w47a802y3kxzpeb53x92a5mj5kknqrgyfvhjhk6db5jmy6j9cxwb1z072yzcgjfkwb9asq49png1a5gw9hnykb3caz4zh69npred7tvmjb02zqeanx2vnhfac1kfktg230%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Frame ID: 1997F795B96E0E324E124A2FE9EEF20D
Requests: 14 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=46712800015640106783183012225028&a=eb415526
Frame ID: F7FCA91AA1AA4AE0647748ACD8C0E082
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4B52CF09315A79C9A0535F1497D15937
Requests: 9 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/12320325/12320325.js?ADFassetID=12320325&bv=258
Frame ID: 744227607C47D9D9A3BF3E541F35F829
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2A9D62362F8D5C600E65B8E6068FF91C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4514453339E1C7F28903259DCB0A44B0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BALIPOST.com - Berita Bali terKini, terUpdate dan terPercaya | Portal Media Inspirasi Local Untuk Global

Page URL History Show full URLs

http://balipost.com/ HTTP 301
https://balipost.com/ HTTP 301
https://www.balipost.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Chart.js (JavaScript Graphics) Expand

Overall confidence: 75%
Detected patterns

/Chart(?:\.bundle)?(?:\.min)?\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/revslider/[/\w-]+/js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

367
Requests

90 %
HTTPS

43 %
IPv6

45
Domains

62
Subdomains

44
IPs

11
Countries

5872 kB
Transfer

11054 kB
Size

44
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/balipost

Search URL Search Domain Scan URL

URL: https://www.instagram.com/balipost_com/

Search URL Search Domain Scan URL

URL: http://twitter.com/balipostcom

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCUKs-u3OChJ5Dd57brARhYQ

Search URL Search Domain Scan URL

URL: https://www.hypernet.co.id/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/balipost
Title: Suka

Search URL Search Domain Scan URL

URL: http://instagram.com/balipost_com
Title: Mengikuti

Search URL Search Domain Scan URL

URL: https://twitter.com/balipostcom
Title: Mengikuti

Search URL Search Domain Scan URL

URL: http://www.youtube.com/channel/UCUKs-u3OChJ5Dd57brARhYQ
Title: Berlangganan

Search URL Search Domain Scan URL

URL: https://gourl.id/zWFWB

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://balipost.com/ HTTP 301
https://balipost.com/ HTTP 301
https://www.balipost.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 130

https://www.google.com/cse/cse.js?cx=006110151650712899775:ob6p-5smcy0 HTTP 301
https://cse.google.com/cse/cse.js?cx=006110151650712899775:ob6p-5smcy0

Request Chain 234

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHP_OBUqa8FOQygMc2arBTY&google_cver=1&google_push=Aa02lx_I5ZnEdAzIBj7RMe28bpVXxWaF3u5rJwm-VWeh5RJRIhnxPDbll_4T3dNXdrt1ytPmFGDCmDroiL1YrI2-Z19wr8L4ewp1roMI HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHP_OBUqa8FOQygMc2arBTY&google_cver=1&google_push=Aa02lx_I5ZnEdAzIBj7RMe28bpVXxWaF3u5rJwm-VWeh5RJRIhnxPDbll_4T3dNXdrt1ytPmFGDCmDroiL1YrI2-Z19wr8L4ewp1roMI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RnBNRTBUa20xUG9iS3o1&google_gid=CAESEHP_OBUqa8FOQygMc2arBTY&google_cver=1&google_push=Aa02lx_I5ZnEdAzIBj7RMe28bpVXxWaF3u5rJwm-VWeh5RJRIhnxPDbll_4T3dNXdrt1ytPmFGDCmDroiL1YrI2-Z19wr8L4ewp1roMI

Request Chain 235

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKI6traxXKdIkJa8LexDXck&google_cver=1&google_push=Aa02lx-2M9R-ibYDt1bWExpiugH93L2LNYgXxCEvZ_Bhqp_qItYBIJTgbAvfEZXjRTYKDSY1OwTijKZVjUZSG_iObq75QIJQImVctT0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKI6traxXKdIkJa8LexDXck&google_cver=1&google_push=Aa02lx-2M9R-ibYDt1bWExpiugH93L2LNYgXxCEvZ_Bhqp_qItYBIJTgbAvfEZXjRTYKDSY1OwTijKZVjUZSG_iObq75QIJQImVctT0&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jFnV2H0zReG8BJc4EYonhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-2M9R-ibYDt1bWExpiugH93L2LNYgXxCEvZ_Bhqp_qItYBIJTgbAvfEZXjRTYKDSY1OwTijKZVjUZSG_iObq75QIJQImVctT0

Request Chain 236

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELoM9bcfmC9HK5vqKwV3v-I&google_cver=1&google_push=Aa02lx-BNRgofDvi5edQj0VXBuPpFwJdfi943jdcQz2WbqTmuYV2_ZejWAQUZH5roLuKeTeeJMzpC9pu_O2MdQQOc-u-see7naXOrcL1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERQSzM2NjctMUUtNDRBTg==&google_push=Aa02lx-BNRgofDvi5edQj0VXBuPpFwJdfi943jdcQz2WbqTmuYV2_ZejWAQUZH5roLuKeTeeJMzpC9pu_O2MdQQOc-u-see7naXOrcL1

Request Chain 237

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEO2JqJyHR34uVi9AgzZ4Cn8&google_cver=1&google_push=Aa02lx-QHy5BPszq4h3HGODI5O-I_jagHqdSLH9RHJVi5VXVvg0Cz6YnRUCfxoB9-bPr30tZpc1XAEY1E6QNiDtf-7UJNTw6Bjetcl5X HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-QHy5BPszq4h3HGODI5O-I_jagHqdSLH9RHJVi5VXVvg0Cz6YnRUCfxoB9-bPr30tZpc1XAEY1E6QNiDtf-7UJNTw6Bjetcl5X

Request Chain 239

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDHnapzaSyZy5TmdxVRuMfs&google_cver=1&google_push=Aa02lx_l4YYRArL9o-eqYsO1kawugoj0oo6K7zWGZJO4gG59xutj-BM4f034tkhF5KJkKBMpRrRe8-k7IR7b8PV9qEx-yDma7BXbhnwzvQ HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDHnapzaSyZy5TmdxVRuMfs&google_cver=1&google_push=Aa02lx_l4YYRArL9o-eqYsO1kawugoj0oo6K7zWGZJO4gG59xutj-BM4f034tkhF5KJkKBMpRrRe8-k7IR7b8PV9qEx-yDma7BXbhnwzvQ&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1zQm93aEZSRTJ1R0lPazkwcVVIelRHeUxTaG02VGlUZ35B&google_push=Aa02lx_l4YYRArL9o-eqYsO1kawugoj0oo6K7zWGZJO4gG59xutj-BM4f034tkhF5KJkKBMpRrRe8-k7IR7b8PV9qEx-yDma7BXbhnwzvQ

Request Chain 243

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJSvbnHxh12jo-OGssFcm0Q&google_cver=1&google_push=Aa02lx_rvvDZvyUZcKGOQXL8Itm_ots96D8etWV-RVAUWfQP1_Fo0KEicOyusymaEmI1QufQRhZY0CGK-1P02UaS1PCf_404ahdHQA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJSvbnHxh12jo-OGssFcm0Q&google_push=Aa02lx_rvvDZvyUZcKGOQXL8Itm_ots96D8etWV-RVAUWfQP1_Fo0KEicOyusymaEmI1QufQRhZY0CGK-1P02UaS1PCf_404ahdHQA

Request Chain 245

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMxgc4LJB0JftK0EfIgqxtw&google_cver=1&google_push=Aa02lx_bzbg7cRva1gIgH-slBdY_EhZRaBVwsbY-6WCJyZlQWNiDzs612afQzE1SMGQSs5TB4ZtKdWV6DMWa9ZTvc3X0dhZWA0FjpZA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMxgc4LJB0JftK0EfIgqxtw&google_cver=1&google_push=Aa02lx_bzbg7cRva1gIgH-slBdY_EhZRaBVwsbY-6WCJyZlQWNiDzs612afQzE1SMGQSs5TB4ZtKdWV6DMWa9ZTvc3X0dhZWA0FjpZA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkzMTgyNzAyODY3MzU2OTU2NA&google_push=Aa02lx_bzbg7cRva1gIgH-slBdY_EhZRaBVwsbY-6WCJyZlQWNiDzs612afQzE1SMGQSs5TB4ZtKdWV6DMWa9ZTvc3X0dhZWA0FjpZA

Request Chain 246

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELoM9bcfmC9HK5vqKwV3v-I&google_cver=1&google_push=Aa02lx8MiHXFxayIQmiwy850URs3DUhdiEYQ8ivX5UrK7xtbQcwfmSXpn_cfPdFsJRBTOqZwXUWZDek8meW8IY-PptVYxQgWgZ2J8A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERQSzM2NjktSy0xOFZO&google_push=Aa02lx8MiHXFxayIQmiwy850URs3DUhdiEYQ8ivX5UrK7xtbQcwfmSXpn_cfPdFsJRBTOqZwXUWZDek8meW8IY-PptVYxQgWgZ2J8A

Request Chain 247

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEHTBW1BRhCbZ1Xf2pLXi8Oc&google_cver=1&google_push=Aa02lx8ILX3eqlCRGg6b3Y6iM0LNL-lEXgw_vBHw1FTw-s7fh2Zn2qp0CY_rlc7hi7lklBXThJ08Yyu-y8aBN1ENa32lRhwB5QNoRJE HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx8ILX3eqlCRGg6b3Y6iM0LNL-lEXgw_vBHw1FTw-s7fh2Zn2qp0CY_rlc7hi7lklBXThJ08Yyu-y8aBN1ENa32lRhwB5QNoRJE&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1675491011119 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-52b63add-75be-4aa1-8c67-3ccf90f3db2a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8ILX3eqlCRGg6b3Y6iM0LNL-lEXgw_vBHw1FTw-s7fh2Zn2qp0CY_rlc7hi7lklBXThJ08Yyu-y8aBN1ENa32lRhwB5QNoRJE%26google_hm%3DA1K2Ot11vkqhjGc8z5Dz2yo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8ILX3eqlCRGg6b3Y6iM0LNL-lEXgw_vBHw1FTw-s7fh2Zn2qp0CY_rlc7hi7lklBXThJ08Yyu-y8aBN1ENa32lRhwB5QNoRJE&google_hm=A1K2Ot11vkqhjGc8z5Dz2yo

Request Chain 248

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDOJwwJ5KSRMHKa-aRiusz4&google_cver=1&google_push=Aa02lx-_I132rxbKI7dK4nOxeKJ7WzVZFt3RGX8Iqg48SmKW7Rir48vVz8MbecdhHtE0bIFB_NAxGcGlU0KWV3UDWFlGZutJCekGJQ HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-_I132rxbKI7dK4nOxeKJ7WzVZFt3RGX8Iqg48SmKW7Rir48vVz8MbecdhHtE0bIFB_NAxGcGlU0KWV3UDWFlGZutJCekGJQ&google_gid=CAESEDOJwwJ5KSRMHKa-aRiusz4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTkwNDg0MDc5ODA2NDM0MTgxMjM0OA%3D%3D&google_push=Aa02lx-_I132rxbKI7dK4nOxeKJ7WzVZFt3RGX8Iqg48SmKW7Rir48vVz8MbecdhHtE0bIFB_NAxGcGlU0KWV3UDWFlGZutJCekGJQ

Request Chain 259

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJlummUHNEChZM69EhKB6i8&google_cver=1&google_push=Aa02lx_ntqIXEEQ_ZOP8foWcvwZBCiyZxs_tF65sH-0Z7Pmjo9wUTwaoMI12Ds7DuKc6eF5hJYjt0aNiKVI7YmIxNiF4a2cZpnt2YjM HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8MLDoxjqRfqSwzMlzU7w8A2&google_push=Aa02lx_ntqIXEEQ_ZOP8foWcvwZBCiyZxs_tF65sH-0Z7Pmjo9wUTwaoMI12Ds7DuKc6eF5hJYjt0aNiKVI7YmIxNiF4a2cZpnt2YjM

Request Chain 260

https://d5p.de17a.com/cookies/google?google_gid=CAESEJ2SGT3c5TM1nQXKGMiF9oY&google_cver=1&google_push=Aa02lx88whTtvqmyL9YJFJUqeV4M_YzJBEbpINYNJDs8VPWs-FFVSWQOqXzLfp4FQwLv3AdBpAIQgBpMTvUMM5ydLZtRgemTatARWA HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJ2SGT3c5TM1nQXKGMiF9oY&google_cver=1&google_push=Aa02lx88whTtvqmyL9YJFJUqeV4M_YzJBEbpINYNJDs8VPWs-FFVSWQOqXzLfp4FQwLv3AdBpAIQgBpMTvUMM5ydLZtRgemTatARWA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx88whTtvqmyL9YJFJUqeV4M_YzJBEbpINYNJDs8VPWs-FFVSWQOqXzLfp4FQwLv3AdBpAIQgBpMTvUMM5ydLZtRgemTatARWA

Request Chain 261

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDMd7Kons8t0qfbNCW9n_pU&google_cver=1&google_push=Aa02lx-m7l8o4bJfvAkykRoR-ib3M1KgwsKeox5TTm0rZ0kys7hCUCsKdYI8gIZAXtjYVF1SLvHyBGNsI1KI2wL-kX0QPmduLusf0g HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDMd7Kons8t0qfbNCW9n_pU&google_push=Aa02lx-m7l8o4bJfvAkykRoR-ib3M1KgwsKeox5TTm0rZ0kys7hCUCsKdYI8gIZAXtjYVF1SLvHyBGNsI1KI2wL-kX0QPmduLusf0g&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDMd7Kons8t0qfbNCW9n_pU&google_hm=Y932w98NxDInPKMdgE1qJwAABK8AAAIB&google_nid=index&google_push=Aa02lx-m7l8o4bJfvAkykRoR-ib3M1KgwsKeox5TTm0rZ0kys7hCUCsKdYI8gIZAXtjYVF1SLvHyBGNsI1KI2wL-kX0QPmduLusf0g

Request Chain 262

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDOJwwJ5KSRMHKa-aRiusz4&google_cver=1&google_push=Aa02lx_kNiI8jGt_QAuAxIYsR_cBXOjYrJxWHsM442d-_Ru3ZNfGtFmhYUUkYHM2iZFcL84XrgkGWeaPnn8vJn7Td2hZTvUyRIslyDg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTkwNDg0MDc5ODA2NDM0MTgxMjM0OA%3D%3D&google_push=Aa02lx_kNiI8jGt_QAuAxIYsR_cBXOjYrJxWHsM442d-_Ru3ZNfGtFmhYUUkYHM2iZFcL84XrgkGWeaPnn8vJn7Td2hZTvUyRIslyDg

Request Chain 263

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKKmXmw-7ybytPD_aC6nkpA&google_cver=1&google_push=Aa02lx8RxvlgXBPsacbcHTHUcLGfotm5QUWUQdmmWStPd7yZ25wwM7KW12hqZkgF-9gFEhBRqIBjKM6iv2hU4mkfV-BTDB_Y6T6VUGRq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8RxvlgXBPsacbcHTHUcLGfotm5QUWUQdmmWStPd7yZ25wwM7KW12hqZkgF-9gFEhBRqIBjKM6iv2hU4mkfV-BTDB_Y6T6VUGRq HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 292

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidBg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkGoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKzSy7Sa-_wCFc8R4AodmO8L0g;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidBg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkGoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidBg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkGoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675491011_95501380-a452-11ed-ab4b-226222ea62e0

Request Chain 301

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKrTy7Sa-_wCFcsk4AodVrgOTg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023020407101181241105913X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023020407101181241105913X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218

Request Chain 304

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1675491011_953f4aa0-a452-11ed-a8d1-22346ba814b1&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 319

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBSYsUwP10cle9SlOb5vrXw&google_cver=1&google_push=Aa02lx-DDgL1ixJegYAEwhkzzbIRPiy4w3V8f984m-n1a_EdXKnxorenW-p_kHPANxSjepqqMknUT8AovRHEVm67oGn3N5Qi8jt4tw HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx-DDgL1ixJegYAEwhkzzbIRPiy4w3V8f984m-n1a_EdXKnxorenW-p_kHPANxSjepqqMknUT8AovRHEVm67oGn3N5Qi8jt4tw&google_hm=9x9bzoLuoF1qsqN_e_28Rw

Request Chain 320

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHP_OBUqa8FOQygMc2arBTY&google_cver=1&google_push=Aa02lx_-GJOL_ct8HdcDt9lQ3o_bG5lDm7ECHRwIKyGEVPhpLKTsjFSJcvu9jkmnno7SB0bnClfZrOgad8YbX06Wx5G2-aMTznpxyZk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RnBNRTBUa20xUG9iS3o1&google_gid=CAESEHP_OBUqa8FOQygMc2arBTY&google_cver=1&google_push=Aa02lx_-GJOL_ct8HdcDt9lQ3o_bG5lDm7ECHRwIKyGEVPhpLKTsjFSJcvu9jkmnno7SB0bnClfZrOgad8YbX06Wx5G2-aMTznpxyZk

Request Chain 322

https://d5p.de17a.com/cookies/google?google_gid=CAESEJ2SGT3c5TM1nQXKGMiF9oY&google_cver=1&google_push=Aa02lx8TOMF2-yDfCAsrkSYA8ZHgkhljlxFRAB6FiZaNYqeSg0fkxa4sD7fbQcSbJ96RgxCiLR6hiTQy--MSMo8hAj7sxtsPyqscENU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8TOMF2-yDfCAsrkSYA8ZHgkhljlxFRAB6FiZaNYqeSg0fkxa4sD7fbQcSbJ96RgxCiLR6hiTQy--MSMo8hAj7sxtsPyqscENU

Request Chain 324

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKKmXmw-7ybytPD_aC6nkpA&google_cver=1&google_push=Aa02lx9_eRJba2_oYtEZ9RH3rTI-DlPfadqc04KbEsyU7jBF0TV6LEcKmSxgY4i5XDLdGBJEcyDHlqJQg8wxNhWWafEIfgfqYoBRDg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9_eRJba2_oYtEZ9RH3rTI-DlPfadqc04KbEsyU7jBF0TV6LEcKmSxgY4i5XDLdGBJEcyDHlqJQg8wxNhWWafEIfgfqYoBRDg

Request Chain 325

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEGX1G-6kU6VIwBdctP7fpzY&google_cver=1&google_push=Aa02lx--eH8o_VRi7aXuoy7KoiaHX7eVYESMIOfEHoJRIwcmwGHTYPkUigiYXLZden_5GseAIaZsO-aOt2WfsWszXkx_4_tURqZ7D_I HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEGX1G-6kU6VIwBdctP7fpzY&google_cver=1&google_push=Aa02lx--eH8o_VRi7aXuoy7KoiaHX7eVYESMIOfEHoJRIwcmwGHTYPkUigiYXLZden_5GseAIaZsO-aOt2WfsWszXkx_4_tURqZ7D_I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=499b6096-8e28-4734-8ddc-37bd1ab600f0&%%GOOGLE_PUSH_PAIR%%

367 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.balipost.com/
Redirect Chain

http://balipost.com/
https://balipost.com/
https://www.balipost.com/

263 KB
39 KB

475ms
366ms

Document
text/html

188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

898ba5f231a1a1227493f31318de90ab8d2d3ae71245f601680a1946f55d8bd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-length: 39809
content-type: text/html; charset=UTF-8
date: Sat, 04 Feb 2023 06:10:08 GMT
expires: Sat, 04 Feb 2023 06:10:08 GMT
last-modified: Sat, 04 Feb 2023 05:35:52 GMT
server: nginx
vary: Accept,Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=0
content-length: 408
content-type: text/html; charset=iso-8859-1
date: Sat, 04 Feb 2023 06:10:07 GMT
expires: Sat, 04 Feb 2023 06:10:07 GMT
location: https://www.balipost.com/
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 0e358f1a917bc71e6ba25a67ec5e0e91.css
www.balipost.com/wp-content/cache/min/1/ 2 MB
208 KB 356ms
352ms Stylesheet
text/css 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/0e358f1a917bc71e6ba25a67ec5e0e91.css

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

25bd2dcbb8fe8d036d346302b46f8a72c0d8aafc9fb152b44afd648a9a1f9e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
918 B 109ms
42ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C700

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2464f998b38ae5f4a6f68dd19faea6939ccb6db5388ce17a0621c3fe186f859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 04:22:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Feb 2023 06:10:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 29 KB
1 KB 110ms
44ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf473c4b25057def8a517e9e49edebf50fe239c6373237d92b4879c2849974e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 04:22:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Feb 2023 06:10:08 GMT

GET
H2 200 jquery.js Show response
www.balipost.com/wp-includes/js/jquery/ 95 KB
33 KB 355ms
350ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/jquery.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2016 09:00:29 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 33766
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:08 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.balipost.com/wp-includes/js/jquery/ 10 KB
4 KB 355ms
351ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4014
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:08 GMT

GET
H2 200 jquery.mousewheel.min.js Show response
www.balipost.com/wp-content/plugins/lbg-audio6-html5-shoutcast_history/audio6_html5_radio_history/js/ 1 KB
1 KB 181ms
176ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/lbg-audio6-html5-shoutcast_history/audio6_html5_radio_history/js/jquery.mousewheel.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c8104390115f92b27003b1e4e503ef59343ccfef4ac19751093544e8cfaeae26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 17 Feb 2020 08:01:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 716
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:08 GMT

GET
H2 200 jquery.touchSwipe.min.js Show response
www.balipost.com/wp-content/plugins/lbg-audio6-html5-shoutcast_history/audio6_html5_radio_history/js/ 20 KB
5 KB 182ms
178ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/lbg-audio6-html5-shoutcast_history/audio6_html5_radio_history/js/jquery.touchSwipe.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9167cb37ed21405ef9556646b83789a2099c15398f5cea867470df1e81752e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 17 Feb 2020 08:01:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5051
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:08 GMT

GET
H2 200 swfobject-4f8949bc85277101259307d8df9ffa92.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/lbg-audio6-html5-shoutcast_history/audio6_html5_radio_history/js/ 10 KB
4 KB 183ms
179ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/lbg-audio6-html5-shoutcast_history/audio6_html5_radio_history/js/swfobject-4f8949bc85277101259307d8df9ffa92.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d03a0e0c2c6cc47e5799d246a77f6803365c08ece711e91e5368d5cb7ca70ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3839
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:08 GMT

GET
H2 200 audio6_html5-71d43efe06f99119f2a2a8f7708fb4f3.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/lbg-audio6-html5-shoutcast_history/audio6_html5_radio_history/js/ 37 KB
10 KB 181ms
177ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/lbg-audio6-html5-shoutcast_history/audio6_html5_radio_history/js/audio6_html5-71d43efe06f99119f2a2a8f7708fb4f3.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

13a1889f00fd2c485843b0bd47ac837f8cb6fd68a527bb256b9055a5825c2f3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 10207
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:08 GMT

GET
H2 200 jquery.visible.min.js Show response
www.balipost.com/wp-content/plugins/modal_survey/templates/assets/js/ 479 B
597 B 179ms
176ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/modal_survey/templates/assets/js/jquery.visible.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

fc58b23d3f77487278dcf48df8b26048ee6c880cd7adf98901523472045fa9a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 19 Jul 2020 22:04:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 285
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:08 GMT

GET
H2 200 Chart.min.js Show response
www.balipost.com/wp-content/plugins/modal_survey/templates/assets/js/ 170 KB
53 KB 355ms
351ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/modal_survey/templates/assets/js/Chart.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

eded12b276b31b3393992b0a701a16b79b4a5172329a0e3ca59b97ae862368e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 19 Jul 2020 22:04:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 54000
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:08 GMT

GET
H2 200 modal_survey_answer-129e273465258571d32554b485af35fe.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/modal_survey/templates/assets/js/ 17 KB
5 KB 183ms
180ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/modal_survey/templates/assets/js/modal_survey_answer-129e273465258571d32554b485af35fe.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5fd0136596d768ea3b04a98065190a3126dfa55ae360ef0e2cabcb4898724c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4952
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:08 GMT

GET
H2 200 modal_survey-89a7ccdccf66ac9f7263c349ff8bb465.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/modal_survey/templates/assets/js/ 106 KB
20 KB 532ms
528ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/modal_survey/templates/assets/js/modal_survey-89a7ccdccf66ac9f7263c349ff8bb465.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c6f2ae620b42156c1d34649d570b881fd4816905f85188237474ec42b66519bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 20636
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:08 GMT

GET
H2 200 jquery.circliful.min.js Show response
www.balipost.com/wp-content/plugins/modal_survey/templates/assets/js/ 5 KB
3 KB 529ms
526ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/modal_survey/templates/assets/js/jquery.circliful.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c40bae480ece754561ff5f38ce646abadaf26c947c3c0fe88b99c03ec379bdb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 19 Jul 2020 22:04:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2397
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:08 GMT

GET
H2 200 advertising-d4f43c1f8ffde9d18d6182f77540db3e.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/angwp/assets/dev/js/ 27 B
335 B 529ms
526ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/angwp/assets/dev/js/advertising-d4f43c1f8ffde9d18d6182f77540db3e.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

88338376e9ea49dbeee61d90650b389d9a48bd6a6dce148851cff3adbe2290c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
vary: Accept-Encoding, Referer,Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:08 GMT

GET
H2 200 jquery.watermark-748fdd969768995450ae6445f5197a14.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/contentprotector/js/ 4 KB
2 KB 529ms
527ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/contentprotector/js/jquery.watermark-748fdd969768995450ae6445f5197a14.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3728cd70035de1dcb42dc4088a299ed643d82084cfd1e6a0fb96316c6d87bc52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1498
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:08 GMT

GET
H2 200 owl.carousel-80506515d117ab4b13265f739d5dc8f0.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/logo-slider-wp/public/assets/lib/owl.carousel2/ 76 KB
18 KB 531ms
528ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/logo-slider-wp/public/assets/lib/owl.carousel2/owl.carousel-80506515d117ab4b13265f739d5dc8f0.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4ef427307dd25f232b0f24e5a33d28be07a0ef2508206f3f5ef674872542d07c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 17598
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:08 GMT

GET
H2 200 logo-slider-wp-public-aa35307ce0225a1b34dacffb0146bcb2.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/logo-slider-wp/public/assets/js/ 965 B
750 B 530ms
527ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/logo-slider-wp/public/assets/js/logo-slider-wp-public-aa35307ce0225a1b34dacffb0146bcb2.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

bc7a2f5ef6df036657a8c1ae6e15c836d553a21443598ce5d729e69ff0d6bfaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 438
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:08 GMT

GET
H2 200 jquery.themepunch.tools.min.js Show response
www.balipost.com/wp-content/plugins/revslider/public/assets/js/ 105 KB
37 KB 531ms
529ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9a56320bb8bfb81dc997a1120c77ec017cffab4db5ba5482afb29129e0690540

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Feb 2017 14:19:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 37356
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:08 GMT

GET
H2 200 jquery.themepunch.revolution.min.js Show response
www.balipost.com/wp-content/plugins/revslider/public/assets/js/ 61 KB
17 KB 530ms
528ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

bc520f34e0e2530005a386d108c6422878efe5eee987659ba867015fde2ddf53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Feb 2017 14:19:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 17259
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:08 GMT

GET
H2 200 ytprefs.min.js Show response
www.balipost.com/wp-content/plugins/youtube-embed-plus/scripts/ 10 KB
3 KB 529ms
527ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

01c4b7ea2a08142064d2c3994a2cc73d7c55125d586d2a918ce3482f4439e1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Jun 2020 00:54:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3173
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 149ms
63ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2829192160917889

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7624ecab97af5f18196adfc73ebeb26ba84ec0cfbb061eb5342b8f65425085ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Origin: https://www.balipost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49972
x-xss-protection: 0
server: cafe
etag: 173253875919175985
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 04 Feb 2023 06:10:09 GMT

GET
H2 200 logo-272x90.png
www.balipost.com/wp-content/uploads/2017/02/ 7 KB
7 KB 238ms
238ms Image
image/png 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2017/02/logo-272x90.png

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

bb3cd0189708f2914df04c6adc00ef07a1f64d376dfe6c548d4f02e7bb3c113f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
x-content-type-options: nosniff
last-modified: Mon, 04 Oct 2021 23:18:43 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 7091
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 logo-m-140x48.png
www.balipost.com/wp-content/uploads/2017/02/ 4 KB
4 KB 177ms
177ms Image
image/png 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2017/02/logo-m-140x48.png

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

32879fa63106d2274fd3a49869030f5891a0d95ea33efc1cbab2f0b26e8a3ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
last-modified: Mon, 04 Oct 2021 23:18:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4027
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 hypernrt-728x90.png
www.balipost.com/wp-content/uploads/2022/08/ 88 KB
88 KB 239ms
239ms Image
image/png 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2022/08/hypernrt-728x90.png

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4d48c41075f946b87b5d28b956eba524d999fe842644ad835d63222787485aa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 04:51:27 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 89893
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 balipostcom_terkait-dua-isu-penculikan-kapolres-karangasem-minta-ortu-tingkatkan-pengawasan_01-900x580.jpg
www.balipost.com/wp-content/uploads/2023/02/ 82 KB
83 KB 178ms
178ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_terkait-dua-isu-penculikan-kapolres-karangasem-minta-ortu-tingkatkan-pengawasan_01-900x580.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

03585b5ebb982715d59560def5c14760821e2ad65fdd486cad08fe34ab28f300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 03:58:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 84337
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 balipostcom_ditanya-pengerupukan-hingga-pemotor-pakai-udeng-ini-kata-kapolresta_01-900x580.jpg
www.balipost.com/wp-content/uploads/2023/02/ 45 KB
46 KB 177ms
177ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_ditanya-pengerupukan-hingga-pemotor-pakai-udeng-ini-kata-kapolresta_01-900x580.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

bda6de7191fb31fe41ba1fe08532b09c39f7753aca12545dbb6bd3f89155cff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 03:12:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 46517
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 balipostcom_dinilai-mampu-lahirkan-program-dan-ide-luar-biasa-bupati-sanjaya-nilai-koster-ace-layak-dua-periode_01-900x580.jpg
www.balipost.com/wp-content/uploads/2023/02/ 72 KB
72 KB 179ms
179ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_dinilai-mampu-lahirkan-program-dan-ide-luar-biasa-bupati-sanjaya-nilai-koster-ace-layak-dua-periode_01-900x580.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

855ffaf8cfcd55c62278da9898d1d37bc1b56bb76b3a686a02a478f64c070858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 23:33:07 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 73483
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 balipostcom_angin-kencang-landa-sejumlah-wilayah-di-bali-bpbd-minta-masyarakat-waspada_01-696x385.jpg
www.balipost.com/wp-content/uploads/2023/01/ 75 KB
75 KB 178ms
178ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/01/balipostcom_angin-kencang-landa-sejumlah-wilayah-di-bali-bpbd-minta-masyarakat-waspada_01-696x385.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

475dcf95fc330f8fa684115576568b15a255102f3ca4f2c60ba68df04483e471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Jan 2023 09:11:55 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 76518
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 balipostcom_jelang-malam-tahun-baru-presiden-cabut-kebijakan-ppkm_01-696x385.jpg
www.balipost.com/wp-content/uploads/2022/12/ 39 KB
39 KB 179ms
178ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2022/12/balipostcom_jelang-malam-tahun-baru-presiden-cabut-kebijakan-ppkm_01-696x385.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

558cd367c0ef5e3ae7513f6cd81f98649bd5b8a1d45ccdc702e4191a6e456ddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Dec 2022 08:17:19 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 39614
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 balipostcom_dua-gempa-susulan-terjadi-dirasakan-hingga-denpasar-dan-buat-warga-berhamburan_01-696x385.jpg
www.balipost.com/wp-content/uploads/2022/12/ 26 KB
26 KB 181ms
177ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2022/12/balipostcom_dua-gempa-susulan-terjadi-dirasakan-hingga-denpasar-dan-buat-warga-berhamburan_01-696x385.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e2780421fde3ad718b748203906425b9e2a9c9cfdb68e68f5990658dcc4e8dbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Dec 2022 07:58:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 26794
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 balipostcom_disengat-tawon-pegawai-dishub-karangasem-meninggal_01-324x160.jpg
www.balipost.com/wp-content/uploads/2023/02/ 11 KB
12 KB 180ms
176ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_disengat-tawon-pegawai-dishub-karangasem-meninggal_01-324x160.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

12f0daafcb2564c17988b4b35be5ac578b86c7e5100d54eead4a1ecb22dc3c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 04:40:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 11680
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 balipostcom_porter-bandara-curi-uang-puluhan-juta-dari-penumpang-pesawat_01-324x160.jpg
www.balipost.com/wp-content/uploads/2023/02/ 15 KB
15 KB 182ms
178ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_porter-bandara-curi-uang-puluhan-juta-dari-penumpang-pesawat_01-324x160.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5c715c66572d4f5a7648af2fe46d9e3f6692050bf83cce16e898d67044d18abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 04:33:16 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 15263
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 balipostcom_terkait-dua-isu-penculikan-kapolres-karangasem-minta-ortu-tingkatkan-pengawasan_01-100x70.jpg
www.balipost.com/wp-content/uploads/2023/02/ 4 KB
4 KB 181ms
179ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_terkait-dua-isu-penculikan-kapolres-karangasem-minta-ortu-tingkatkan-pengawasan_01-100x70.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f188f6b66c3985d323b50898dfd4cd1d850762bb370e9a60f5f4b8de198b7ac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 04:19:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3676
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 balipostcom_bangun-tabanan-bupati-dan-wabup-diminta-akur_01-100x70.jpg
www.balipost.com/wp-content/uploads/2023/02/ 4 KB
4 KB 179ms
179ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_bangun-tabanan-bupati-dan-wabup-diminta-akur_01-100x70.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6552b5001c6029341f5ae010016614d1480f7deedfa84dd422b589ad942b7811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 03:49:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3836
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 balipostcom_ditanya-pengerupukan-hingga-pemotor-pakai-udeng-ini-kata-kapolresta_01-100x70.jpg
www.balipost.com/wp-content/uploads/2023/02/ 3 KB
3 KB 178ms
176ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_ditanya-pengerupukan-hingga-pemotor-pakai-udeng-ini-kata-kapolresta_01-100x70.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

670aa98261f6f47763a0e2f55bfa5dbdcad3feda46522a9cb0d1be718897f227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 06:32:39 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3190
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 balipostcom_kunjungi-pasar-kereneng-mendag-cek-harga-bahan-pokok_01-100x70.jpg
www.balipost.com/wp-content/uploads/2023/02/ 4 KB
4 KB 177ms
175ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_kunjungi-pasar-kereneng-mendag-cek-harga-bahan-pokok_01-100x70.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

317681b1a750d61380dc629262df35675467a5aed72b5d472833e0ec6d464f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 02:57:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3610
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 balipostcom_living-world-denpasar-gelar-mall-preview_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 9 KB
9 KB 178ms
176ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_living-world-denpasar-gelar-mall-preview_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

fbe22412efdc4b5dc49adc47132fcfdd184c3b5f99a8d43321a38e1f182d0b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 07:44:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 8833
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 balipostcom_film-tanpa-ampun-angkat-kisah-nyata-warning-bagi-premanisme_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 10 KB
10 KB 179ms
177ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_film-tanpa-ampun-angkat-kisah-nyata-warning-bagi-premanisme_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

56fdd5e79a54b488e0085fc0082d6c5df5fee441843166ff1db4f006d08e8281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Feb 2023 23:20:01 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 9787
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 balipostcom_setelah-33-tahun-presiden-ri-kembali-kunjungi-melaya_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 12 KB
12 KB 180ms
178ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_setelah-33-tahun-presiden-ri-kembali-kunjungi-melaya_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

218b463d1015f6d364af02ffb5140470540e96bcbf5669eef4fb4bd0bf358142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Feb 2023 11:38:39 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 12269
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 maxresdefault-3-218x150.jpg
www.balipost.com/wp-content/uploads/2023/01/ 10 KB
11 KB 177ms
177ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/01/maxresdefault-3-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

64a9f2909a7d2169cdb6f615b9105e49cf75a12a16fbbefc93af6cfa618dbea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Jan 2023 08:46:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 10599
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 ico-video-large.png
www.balipost.com/wp-content/themes/balipost/images/icons/ 695 B
965 B 184ms
182ms Image
image/png 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/themes/balipost/images/icons/ico-video-large.png

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

28d9374b9c173602edd327992c7696a708a524f590d749e8ad31855f4fcd7e2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Feb 2017 14:04:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 695
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 maxresdefault-2-218x150.jpg
www.balipost.com/wp-content/uploads/2023/01/ 10 KB
11 KB 191ms
189ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/01/maxresdefault-2-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5b4d31192aba6f76ad3ab4b13a45456e2d0f5dd63f1a841fb3f986baa6ee8155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Jan 2023 06:53:35 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 10571
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 maxresdefault-218x150.jpg
www.balipost.com/wp-content/uploads/2023/01/ 10 KB
11 KB 186ms
183ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/01/maxresdefault-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

b82fdc5eb2fe1f654362eda77297507118b2dec1fb16fc3fe393cf590f9b8c5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Jan 2023 10:52:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 10483
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 balipostcom_desa-adat-kwanji-gelar-melaspas-dan-ngenteg-linggih_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 10 KB
11 KB 185ms
182ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_desa-adat-kwanji-gelar-melaspas-dan-ngenteg-linggih_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

243a13a999bab66e6d4aa847ecfe386b2d4507f803d47da4902186c194684afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 02:26:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 10470
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 balipostcom_denpasar-pantau-ketersediaan-pangan-lewat-si-papa-online_01-218x150.jpg
www.balipost.com/wp-content/uploads/2022/07/ 27 KB
28 KB 184ms
183ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2022/07/balipostcom_denpasar-pantau-ketersediaan-pangan-lewat-si-papa-online_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

79e8acad3757220fe08f18ddba9afffb7a9d41405f7e3e197199f09e06c98285

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jul 2022 05:33:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 28052
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 balipostcom_miliki-seratusan-butir-ineks-dan-puluhan-gram-sabu-dagang-sepatu-ditangkap_01-218x150.jpg
www.balipost.com/wp-content/uploads/2022/01/ 9 KB
9 KB 185ms
178ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2022/01/balipostcom_miliki-seratusan-butir-ineks-dan-puluhan-gram-sabu-dagang-sepatu-ditangkap_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

df8cf94c6c06aac8538d3b41bb58f8ab2ef023a8a4460b58d57fe4422d9d6b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Jan 2022 12:34:10 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 9113
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_penguatan-karakter-pada-masa-krisis_01-218x150.jpg
www.balipost.com/wp-content/uploads/2021/03/ 16 KB
16 KB 203ms
174ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2021/03/balipostcom_penguatan-karakter-pada-masa-krisis_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

0780defe5ba5863237025d0cfdc28e5304dc35c7bdb3ee6e283cba3f7aff46b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 02:55:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 16195
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_pikun-mulai-menghampiri-coba-praktikkan-7-cara-ini_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 8 KB
8 KB 201ms
172ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_pikun-mulai-menghampiri-coba-praktikkan-7-cara-ini_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

fa79079ea0b82b1325f59d113913bf0a168df6bbd223ca97f4b1a831f7576a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 01:26:16 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 8063
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_makanan-pemicu-sakit-kepala_01-218x150.jpg
www.balipost.com/wp-content/uploads/2017/05/ 16 KB
17 KB 202ms
173ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2017/05/balipostcom_makanan-pemicu-sakit-kepala_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9605460846a5247ae9f7d94da7898e16f90c30852b571a533d3dde3f273cb6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 May 2017 04:41:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 16704
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_kerja-sambil-ngafe-5-cafe-di-ubud-ini-bisa-kamu-datangi_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 7 KB
8 KB 201ms
177ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_kerja-sambil-ngafe-5-cafe-di-ubud-ini-bisa-kamu-datangi_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3d856dcb624b1cbc91a78c398493d33c9f69270db63d937204b434506aa331da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 00:49:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 7593
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_pasangan-ngambek-bikin-pusing-lakukan-7-cara-ini_02-218x150.jpg
www.balipost.com/wp-content/uploads/2023/01/ 7 KB
7 KB 201ms
178ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/01/balipostcom_pasangan-ngambek-bikin-pusing-lakukan-7-cara-ini_02-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f94cceef8c9d24c45af5446bf1a8431cfb7d1e3596b9cea1c6ee01513e9638cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Jan 2023 00:23:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 7385
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_anjing-disebut-peliharaan-paling-setia-simak-6-alasannya_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 5 KB
5 KB 182ms
182ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_anjing-disebut-peliharaan-paling-setia-simak-6-alasannya_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8346e7dcbf82a10394984a1719d6c24fbad7287d9dd1b02f3188660fcb8b79ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Feb 2023 00:16:19 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4779
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_bupati-giri-prasta-dukung-penuh-gemapatas_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 11 KB
11 KB 181ms
179ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_bupati-giri-prasta-dukung-penuh-gemapatas_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

2e9a216c1e7bbefcdfcd221fb062183a7329de996d207773200849de6547df6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 23:39:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 11085
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_dinilai-mampu-lahirkan-program-dan-ide-luar-biasa-bupati-sanjaya-nilai-koster-ace-layak-dua-periode_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 11 KB
11 KB 180ms
179ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_dinilai-mampu-lahirkan-program-dan-ide-luar-biasa-bupati-sanjaya-nilai-koster-ace-layak-dua-periode_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6055a6598809a88726c521ebb7c95aba43f5ad5dc7dd1233e405abeddacd01cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 23:33:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 11230
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 Ilustrasi-anak-pelecehan-218x150.jpg
www.balipost.com/wp-content/uploads/2017/03/ 10 KB
11 KB 179ms
178ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2017/03/Ilustrasi-anak-pelecehan-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ff37bcc143b2d424a3963690babc38d50b11db540b7596a3d984ae8fbe7f8baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Mar 2017 01:54:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 10522
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_bupati-hingga-tokoh-masyarakat-se-kabupaten-tabanan-apresiasi-kerja-gubernur-koster_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 24 KB
24 KB 184ms
183ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_bupati-hingga-tokoh-masyarakat-se-kabupaten-tabanan-apresiasi-kerja-gubernur-koster_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f98171dbce7a2b0b33c1da4522413a5bac09a29b3326d1a863d5062a529bba9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 11:49:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 24215
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_inovasi-layanan-publik-semesta-berencana-bupati-gede-dana-terima-penghargaan-dari-ombudsman-ri_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 18 KB
18 KB 177ms
176ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_inovasi-layanan-publik-semesta-berencana-bupati-gede-dana-terima-penghargaan-dari-ombudsman-ri_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

82afe9399e94c31843c363b75aa5e45a332dc01a8e78e46562cf4598a8372787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 11:46:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 18553
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_bakal-calon-dpd-ri-ditembak-orang-tak-dikenal_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 13 KB
13 KB 179ms
179ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_bakal-calon-dpd-ri-ditembak-orang-tak-dikenal_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8c9a04fabdee4668ace88c302ac7d6e1fc9a3c7a30572405099ab087bb4131d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 11:40:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 13090
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_panitia-seleksi-nasional-akan-mengumumkan_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 19 KB
20 KB 183ms
182ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_panitia-seleksi-nasional-akan-mengumumkan_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e838e84ff36c7716639fcd8fa6aa2e543536a98aa0a4ad20bfb6fe3fa7c13137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 11:39:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 19734
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_penurunan-indeks-persepsi-korupsi-indonesia-menjadi-kerisauan-pemerintah_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 25 KB
25 KB 181ms
180ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_penurunan-indeks-persepsi-korupsi-indonesia-menjadi-kerisauan-pemerintah_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c13d25e73c58817709e7a5249f64dc37f0a6e0be544b9ba5cd05da37e096accc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 11:37:55 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 25564
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_pemerintah-nigeria-umumkan-status-darurat_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 13 KB
13 KB 186ms
186ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_pemerintah-nigeria-umumkan-status-darurat_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

38fea580d7308b1021a21de1b0d57d1a4cf09de646c16f90adc2d8393fe9f90e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 11:36:07 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 13293
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_presiden-joko-widodo-hadiri-puncak-hpn_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 14 KB
14 KB 185ms
185ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_presiden-joko-widodo-hadiri-puncak-hpn_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5afcba41f7531afcdb5dfd701fc7a636a231dc0a5a10eeb44d98d82d7402505c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 11:34:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 14115
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_presiden-joko-widodo-terima-kunjungan-kehormatan-para-menlu-dan-sekjen-asean_01-218x150.jpeg
www.balipost.com/wp-content/uploads/2023/02/ 17 KB
18 KB 181ms
180ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_presiden-joko-widodo-terima-kunjungan-kehormatan-para-menlu-dan-sekjen-asean_01-218x150.jpeg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4c7bd4f26fd058113bc723438a59d108924db23d03dbf42744da1dff13b754b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 11:32:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 17703
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_dittipidum-bareskrim-polri-ungkap-prostitusi-jaringan-international_01-218x150.jpeg
www.balipost.com/wp-content/uploads/2023/02/ 19 KB
20 KB 180ms
176ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_dittipidum-bareskrim-polri-ungkap-prostitusi-jaringan-international_01-218x150.jpeg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

b0e60bfe6c1170c06e99d7364ae9ca7429de2b5c501ac0819d4a8628c085a863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 10:28:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 19963
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_kemenkes-umumkan-proporsi-penduduk-kadar-antibodi-sars-cov-2_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 16 KB
17 KB 186ms
177ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_kemenkes-umumkan-proporsi-penduduk-kadar-antibodi-sars-cov-2_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4442d05849dcab52d6997cef6d5ca393c0e0532024466adb07beea6d2d38ea26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 10:26:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 16644
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_pemerintah-tingkatkan-kesadaran-tentang-sdgs_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 21 KB
21 KB 182ms
177ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_pemerintah-tingkatkan-kesadaran-tentang-sdgs_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

a74ad4b94666ee0f1d4ded8ec523ebdccddd18c9f06592ffe87ab674ef6fbd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 10:22:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 21345
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_polres-karangasem-bekuk-pengedar-narkotika_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 25 KB
26 KB 182ms
178ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_polres-karangasem-bekuk-pengedar-narkotika_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e6db1c496e61d476ff8ccbe4bde6f0c5daec62d689d441182bb017d7ebdb5161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 09:14:55 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 25820
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_diguyur-hujan-pembatas-sdn-2-mayong-rubuh-dan-penyengker-pura-bale-agung-longsor_01-218x150.jpg
www.balipost.com/wp-content/uploads/2023/02/ 21 KB
22 KB 184ms
179ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/02/balipostcom_diguyur-hujan-pembatas-sdn-2-mayong-rubuh-dan-penyengker-pura-bale-agung-longsor_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

00f81781064ba4d9dd024f4a225604a57e30d256bf1526622c91561c36a67785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 09:12:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 21903
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 Ganapathi-300x250_opt_min.gif
www.balipost.com/wp-content/uploads/2022/02/ 40 KB
40 KB 177ms
176ms Image
image/gif 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2022/02/Ganapathi-300x250_opt_min.gif

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f53a4e4bdd08e765ef377eec73ae37b4ffbe694654e6d38d9dc8c655a5e58ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Feb 2022 12:39:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/gif
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 40917
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 149ms
69ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dab3c31917be5d3198ee73bd335fbbff296246e1dbd6db3f77caf348003a9815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50004
x-xss-protection: 0
server: cafe
etag: 11890381575100228849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 04 Feb 2023 06:10:09 GMT

GET
H2 200 balipostcom_beranda_07.jpg
www.balipost.com/wp-content/uploads/2017/02/ 5 KB
5 KB 183ms
180ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2017/02/balipostcom_beranda_07.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6b9a5f7f36f8f4940af525e24fb0457441119faf8d5fce0a077b8ea3862747f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 12:42:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4818
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_beranda_10.jpg
www.balipost.com/wp-content/uploads/2017/02/ 4 KB
4 KB 177ms
176ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2017/02/balipostcom_beranda_10.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

01ce2ae112dc4c76200f1b2c0a83a902e40e0d76559304383c5f28424b82d914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 12:42:58 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4148
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_beranda_08.jpg
www.balipost.com/wp-content/uploads/2017/02/ 4 KB
5 KB 180ms
177ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2017/02/balipostcom_beranda_08.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e80e4a0299b436925a2cd3076299d5db0d8c2ad6e9d591df2c07ad784a32d92d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 12:42:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4362
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_beranda_09.jpg
www.balipost.com/wp-content/uploads/2017/02/ 4 KB
5 KB 182ms
179ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2017/02/balipostcom_beranda_09.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4568e5c1238819a11c6fe45bfe0959c18020bed1bc93e8db8099c2a8d3e4b034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 12:42:52 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4416
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_rampas-hp-dan-telanjangi-abg-sopir-ngaku-aparat-ditangkap_01-324x235.jpg
www.balipost.com/wp-content/uploads/2023/01/ 14 KB
14 KB 179ms
177ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2023/01/balipostcom_rampas-hp-dan-telanjangi-abg-sopir-ngaku-aparat-ditangkap_01-324x235.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f452eb0737b9ca67cfab10b08db9ef43cd2695136d893c659568bc88055630f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 08:09:27 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 14387
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_dua-hari-terakhir-segini-penambahan-positif-covid-19-di-badung_01-218x150.jpg
www.balipost.com/wp-content/uploads/2020/06/ 14 KB
14 KB 176ms
176ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2020/06/balipostcom_dua-hari-terakhir-segini-penambahan-positif-covid-19-di-badung_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f9f4fc927810c8c450a644361caa62fad39466a12a7dc6d442da1da90316d621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Jun 2020 12:05:55 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 13991
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 maxresdefault-64-218x150.jpg
www.balipost.com/wp-content/uploads/2020/06/ 16 KB
16 KB 178ms
178ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2020/06/maxresdefault-64-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ea968f1a1dd5e315a5f94f1177d66264f6ba7a6e5e8ace2d3d953b5864e8f4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jun 2020 04:21:23 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 16372
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_tak-cuma-berjuang-jadikan-3-kawasan-zona-hijau-gubernur-koster-sedang-lobi-ini-ke-pusat_01-218x150.jpg
www.balipost.com/wp-content/uploads/2021/03/ 13 KB
14 KB 176ms
176ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2021/03/balipostcom_tak-cuma-berjuang-jadikan-3-kawasan-zona-hijau-gubernur-koster-sedang-lobi-ini-ke-pusat_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5c4aa6d686a05e2596f0e3b7a32d45ad9c6a0f3c26db0e2ad2b1e416a37f43a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 09:36:27 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 13786
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:11 GMT

GET
H2 200 balipostcom_penertiban-prokes-gencar-puluhan-pelanggar-terjaring_01-218x150.jpg
www.balipost.com/wp-content/uploads/2021/09/ 13 KB
14 KB 180ms
179ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2021/09/balipostcom_penertiban-prokes-gencar-puluhan-pelanggar-terjaring_01-218x150.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

527a8d04b35853c1a30b0d2c1937e40ef54df5234e512d216bbda3ee6f24b92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Sep 2021 12:16:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 13767
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:12 GMT

GET
H2 200 balipostcom_bali-tuan-rumah-kejuaraan-dunia-esport_01-324x235.jpg
www.balipost.com/wp-content/uploads/2022/07/ 30 KB
31 KB 178ms
176ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2022/07/balipostcom_bali-tuan-rumah-kejuaraan-dunia-esport_01-324x235.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ac22cc97540c372609bd3cc1195e2153b7390da19342f49458e97a32db586eaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Jul 2022 23:15:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 31230
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:12 GMT

GET
H2 200 balipostcom_bali-peringkat-7-pomnas-xvii-tahun-2022_01-324x235.jpg
www.balipost.com/wp-content/uploads/2022/12/ 18 KB
18 KB 179ms
177ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2022/12/balipostcom_bali-peringkat-7-pomnas-xvii-tahun-2022_01-324x235.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

14852da368645c1124930acda9ee893164b23d8f76ca4efe918f939c48584d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:12 GMT
x-content-type-options: nosniff
last-modified: Sat, 03 Dec 2022 10:04:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 18431
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:12 GMT

GET
H2 200 balipostcom_pentingnya-peranti-berkendara-yang-aman-dan-sehat_01-324x235.jpg
www.balipost.com/wp-content/uploads/2020/09/ 37 KB
37 KB 178ms
178ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2020/09/balipostcom_pentingnya-peranti-berkendara-yang-aman-dan-sehat_01-324x235.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ea05e1e3891c28f2c242bc3d2c3a9944ca2d6c9f0c8fadf209e9e93442ac46f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Sep 2020 04:36:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 38039
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:12 GMT

GET
H2 200 balipostcom_universitas-dwijendra-lahirkan-sdm-job-creator-berbasis-talenta_01-324x235.jpg
www.balipost.com/wp-content/uploads/2020/10/ 29 KB
29 KB 180ms
179ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2020/10/balipostcom_universitas-dwijendra-lahirkan-sdm-job-creator-berbasis-talenta_01-324x235.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

0da922d3893e736820ddfba802b6d8f1c93dee84acf29625f2a7aa70b9dac144

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 20:12:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 29752
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:12 GMT

GET
H2 200 Honda-Scoopy-320-x250.png
www.balipost.com/wp-content/uploads/2022/12/ 33 KB
34 KB 176ms
176ms Image
image/png 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2022/12/Honda-Scoopy-320-x250.png

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e424c4c20d40e69bc6c0f5794d725ade9381b666be9b0128bd36f30fa8e1b0ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:12 GMT
x-content-type-options: nosniff
last-modified: Fri, 02 Dec 2022 07:13:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 34057
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:12 GMT

GET
H2 200 balipostcom_ebook_01.jpg
www.balipost.com/wp-content/uploads/2020/08/ 47 KB
47 KB 180ms
176ms Image
image/jpeg 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/uploads/2020/08/balipostcom_ebook_01.jpg

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ce8c6ae7c4058553cfb110aa176bfd69c0a7c9b95ddcb7fc02c47480db246aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Aug 2020 06:58:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 47953
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:12 GMT

GET
H2 200 close.png
www.balipost.com/wp-content/plugins/floating-ads-bottom/images/ 718 B
988 B 176ms
176ms Image
image/png 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/plugins/floating-ads-bottom/images/close.png

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d50a82cbf1b41068353ddf2589695da59293e5e0d0081e432acc5a83df3428b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Jul 2020 02:00:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 718
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 google_cse_v2-87b4560942a4932f711afbdfab910ab7.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/wp-google-search/assets/js/ 328 B
550 B 176ms
176ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/wp-google-search/assets/js/google_cse_v2-87b4560942a4932f711afbdfab910ab7.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

2cb63dc9bd6c4b36fb27d7fd0c4446a8b06608e8f75fb975d0547ff387979fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 238
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 core.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 177ms
177ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/core.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

936567bc744e199e02bfc3c33fe2bc9c862999e0d479e2a694aa7485460a3960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2016 05:40:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1821
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 widget.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 7 KB
3 KB 190ms
178ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/widget.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

38a448e9e03a9f64e7611b19af4bb8ec97fde2c708dc57ebbc7701be7ae3af08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2016 05:40:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2599
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 mouse.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 3 KB
1 KB 189ms
177ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/mouse.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

88b0379349a4dda6ebcc43c5bd12084d230c6105a6fd3c2f651c4e771b3eabef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2016 05:40:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1021
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 slider.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 11 KB
3 KB 190ms
178ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/slider.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

08e0d913aadaef201fd3200ca49fa991a2d8d02b3d9a54621123d71837bbc73f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2016 05:40:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3093
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 effect.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 13 KB
5 KB 188ms
176ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/effect.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c9fb8595b38724ea9f2efda4bcc018f839e31e3d69e2c08b07d7889239b7d080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2016 05:40:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5225
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 datepicker.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 36 KB
11 KB 178ms
178ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/datepicker.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

fe5d09013cdf89dd17c511c908bee2628e4c0f9b4550f802fdb1fd5086999c8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2016 05:40:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 11002
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 effect-drop.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 997 B
882 B 176ms
176ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/effect-drop.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

639a3d16ad06e2bcba789193a228ce5f0a1cce51b5612f91bf538ef7648705eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 07 Nov 2015 12:37:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 570
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 effect-fade.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 515 B
650 B 176ms
176ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/effect-fade.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e77789f15248b88d9867e0238ceb84ff2279871f98aa15fdd7ae66f895d714e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 07 Nov 2015 12:37:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 338
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 effect-slide.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 962 B
878 B 369ms
368ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/effect-slide.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

58851ce24d16ff67924516a89d870d3fce4e88c5fe37d6488f38e35ea81d9832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 07 Nov 2015 12:37:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 566
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 position.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 6 KB
3 KB 368ms
368ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/position.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

49af6b83569c5e8c707e93884d9ba619b402f0a115925951301e2e3c844f0ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2016 05:40:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2562
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 menu.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 9 KB
3 KB 357ms
355ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/menu.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

88bbd6dff28a352e8ece64314529cc2b05c37302224ff46853376daf74a40d9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2016 05:40:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2844
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 wp-a11y.min.js Show response
www.balipost.com/wp-includes/js/ 625 B
667 B 355ms
355ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/wp-a11y.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

2d3f1262723ebc47332462fed5355061924b5a2ad5e34ee4412f2f81958c5d56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Jul 2016 14:26:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 355
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 autocomplete.min.js Show response
www.balipost.com/wp-includes/js/jquery/ui/ 8 KB
3 KB 303ms
303ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/jquery/ui/autocomplete.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

a140ef7b30807a0310338949fe4460a2e9f7ea71503c917e12550b5c06ac68ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2016 05:40:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2868
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 angwp.bundle-15e2f1256ebb0af341a4d46e10896959.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/angwp/assets/dist/ 223 KB
59 KB 244ms
244ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/angwp/assets/dist/angwp.bundle-15e2f1256ebb0af341a4d46e10896959.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9eb1c22eaace3eaadbc65aee8f3ae9524aa610d7d5e200a96322f42e1188f00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 spr_inViewport-e6eb6d0cf467ec7515cf08b43b7b9604.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/angwp/include/extensions/spr_columns/assets/js/ 360 B
569 B 180ms
179ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/angwp/include/extensions/spr_columns/assets/js/spr_inViewport-e6eb6d0cf467ec7515cf08b43b7b9604.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

749465d389587e1e1c28f0044cbe3b0fa1dc84da3aa83f68a127b2984c389e06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 257
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 parallax.min.js Show response
www.balipost.com/wp-content/plugins/angwp/include/extensions/spr_columns/assets/js/ 7 KB
3 KB 178ms
178ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/angwp/include/extensions/spr_columns/assets/js/parallax.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

70d6fd02b5462a15e479da3064af714710a9afaaaa724e49bc202cb8ccc994fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Jun 2021 07:24:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2324
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 go_portfolio_scripts-9026ae5949c1c3315b75cd9c41ce5682.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/go_portfolio/assets/js/ 39 KB
7 KB 182ms
182ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/go_portfolio/assets/js/go_portfolio_scripts-9026ae5949c1c3315b75cd9c41ce5682.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9a4bb2cda800b4463b59e9fb2b9c879127a2682e54e45e3e9375d22a89900a58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 7219
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
www.balipost.com/wp-content/plugins/go_portfolio/assets/plugins/magnific-popup/ 24 KB
8 KB 179ms
178ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/go_portfolio/assets/plugins/magnific-popup/jquery.magnific-popup.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

976318f8c146300f5a79a33c0659b0fb8ab7d7ef634aeb94aa38f49e6635e1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 03 Oct 2021 01:11:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 7956
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 jquery.isotope.min.js Show response
www.balipost.com/wp-content/plugins/go_portfolio/assets/plugins/ 18 KB
6 KB 177ms
177ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/go_portfolio/assets/plugins/jquery.isotope.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7078e9bfe5cf29b4352c2e2dac93d047c6f4ab1265d1c44ddf88b63b5646cff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 03 Oct 2021 01:11:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5378
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 jquery.carouFredSel-6.2.1-packed-75f2468a5d597f2cf74fcd2d4facfc6c.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/go_portfolio/assets/plugins/ 53 KB
13 KB 178ms
178ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/go_portfolio/assets/plugins/jquery.carouFredSel-6.2.1-packed-75f2468a5d597f2cf74fcd2d4facfc6c.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

577c1a1703309ed180f89c830ab65428a4c97203a6d83ed8fe146d0577b158e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 13486
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:09 GMT

GET
H2 200 jquery.touchSwipe.min.js Show response
www.balipost.com/wp-content/plugins/go_portfolio/assets/plugins/ 22 KB
5 KB 198ms
181ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/go_portfolio/assets/plugins/jquery.touchSwipe.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d716856a5d7ef4f89e5b8da30178a6d8770f755c1838cb55f9646352c7aaa768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 03 Oct 2021 01:11:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5277
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 top-10-tracker.min.js Show response
www.balipost.com/wp-content/plugins/top-10/includes/js/ 314 B
479 B 185ms
178ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/top-10/includes/js/top-10-tracker.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d8a754aeb7ddf52b4696dcbb5f3d43f8a3f1b4f7ab2e2a8189ead0ee1675e65a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Feb 2020 01:08:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 167
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 tagdiv_theme-0449570fa2ac637a30e4e6fe281ded48.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/themes/balipost/js/ 234 KB
51 KB 195ms
189ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/themes/balipost/js/tagdiv_theme-0449570fa2ac637a30e4e6fe281ded48.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

744143bb86f291cdd8b04fb1ca19b86f1c04f71394f1714682df1619971bb5f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 52019
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 comment-reply.min.js Show response
www.balipost.com/wp-includes/js/ 1 KB
901 B 186ms
180ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/comment-reply.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Nov 2015 19:15:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 589
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 fitvids.min.js Show response
www.balipost.com/wp-content/plugins/youtube-embed-plus/scripts/ 3 KB
1 KB 185ms
180ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Jun 2020 00:54:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1009
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 wp-embed.min.js Show response
www.balipost.com/wp-includes/js/ 1 KB
1 KB 184ms
179ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-includes/js/wp-embed.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Nov 2016 13:38:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 751
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 js_composer_front.min.js Show response
www.balipost.com/wp-content/plugins/js_composer/assets/js/dist/ 19 KB
6 KB 181ms
180ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

60e52a19fe23790b163dd2a27b256eda989ec4b90f79b0abe0caedb1d44a0796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Feb 2017 14:17:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5606
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 jv-7b9c8b6f584913aff1ea9db62875ed3a.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/vertical-news-scroller/js/ 2 KB
1 KB 179ms
178ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/vertical-news-scroller/js/jv-7b9c8b6f584913aff1ea9db62875ed3a.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

042a44c667b7423db51b5709d9d078ff690dca919fca5b40a2ea3f59700a5561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 829
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 float-left-right-30a588d4f43f24af473270ab45dd2aa6.js Show response
www.balipost.com/wp-content/cache/min/1/wp-content/plugins/devvn-float-left-right-ads/left-right-ads/ 2 KB
887 B 178ms
178ms Script
application/javascript 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/cache/min/1/wp-content/plugins/devvn-float-left-right-ads/left-right-ads/float-left-right-30a588d4f43f24af473270ab45dd2aa6.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8ea8be5f9733c07ca7b7aaac3526ba6b4eb6df006ac62682cf1a536fd1aec260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 21:31:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 575
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 04 Feb 2023 04:54:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4519
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 04 Feb 2023 06:54:50 GMT

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 newspaper.woff
www.balipost.com/wp-content/themes/balipost/images/icons/ 15 KB
10 KB 178ms
177ms Font
font/woff 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/themes/balipost/images/icons/newspaper.woff?11

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/wp-content/cache/min/1/0e358f1a917bc71e6ba25a67ec5e0e91.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

680d3524327a5c2d6418ce70642ff47df1f7a8c3a37727d8e968b68aa0befd72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.balipost.com/wp-content/cache/min/1/0e358f1a917bc71e6ba25a67ec5e0e91.css
Origin: https://www.balipost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Feb 2017 14:04:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: font/woff
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 10114
x-xss-protection: 1; mode=block
expires: Sun, 04 Jun 2023 06:10:09 GMT

GET
H2 200 newspaper-icons.woff
www.balipost.com/wp-content/themes/balipost/images/icons/ 6 KB
4 KB 176ms
176ms Font
font/woff 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-content/themes/balipost/images/icons/newspaper-icons.woff?1

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/wp-content/cache/min/1/0e358f1a917bc71e6ba25a67ec5e0e91.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.balipost.com/wp-content/cache/min/1/0e358f1a917bc71e6ba25a67ec5e0e91.css
Origin: https://www.balipost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Feb 2017 14:04:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
content-type: font/woff
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 3860
x-xss-protection: 1; mode=block
expires: Sun, 04 Jun 2023 06:10:09 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.balipost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:49:22 GMT
x-content-type-options: nosniff
age: 285647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 22:49:22 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 40ms
16ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.balipost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 05:09:29 GMT
x-content-type-options: nosniff
age: 90040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 05:09:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 42ms
18ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.balipost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 448863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 01:29:06 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 47 KB
47 KB 34ms
21ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.balipost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:22:25 GMT
x-content-type-options: nosniff
age: 38864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47952
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 19:22:25 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.balipost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 08:28:23 GMT
x-content-type-options: nosniff
age: 337306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 08:28:23 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.balipost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 20:38:57 GMT
x-content-type-options: nosniff
age: 34272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17336
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 20:38:57 GMT

GET
H2 200 elements.png
www.balipost.com/wp-content/themes/balipost/images/sprite/ 4 KB
4 KB 180ms
177ms Image
image/png 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/themes/balipost/images/sprite/elements.png

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/wp-content/cache/min/1/0e358f1a917bc71e6ba25a67ec5e0e91.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/wp-content/cache/min/1/0e358f1a917bc71e6ba25a67ec5e0e91.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Feb 2017 14:04:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4324
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:12 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-32621011-1&cid=1475147726.1675491009&jid=928840383&gjid=363127099&_gid=1497042331.1675491009&_u=IGBAgAABAAAAAEAAI~&z=297691238

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.balipost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 04 Feb 2023 06:10:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.balipost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 8ms
7ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1061696867&t=pageview&_s=1&dl=https%3A%2F%2Fwww.balipost.com%2F&ul=en-us&de=UTF-8&dt=BALIPOST.com%20-%20Berita%20Bali%20terKini%2C%20terUpdate%20dan%20terPercaya%20%7C%20Portal%20Media%20Inspirasi%20Local%20Untuk%20Global&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAABAAAAAAAAI~&jid=928840383&gjid=363127099&cid=1475147726.1675491009&tid=UA-32621011-1&_gid=1497042331.1675491009&z=1832271709

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 20:06:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36235
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

500

cse.js
cse.google.com/cse/
Redirect Chain

https://www.google.com/cse/cse.js?cx=006110151650712899775:ob6p-5smcy0
https://cse.google.com/cse/cse.js?cx=006110151650712899775:ob6p-5smcy0

0
0

253ms
70ms

Script
text/html

2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cse.google.com/cse/cse.js?cx=006110151650712899775:ob6p-5smcy0
Requested by: Host: www.balipost.com
URL: https://www.balipost.com/
Protocol: H2
Server: 2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

date: Sat, 04 Feb 2023 06:10:09 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://cse.google.com/cse/cse.js?cx=006110151650712899775:ob6p-5smcy0
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 267
x-xss-protection: 0
expires: Sat, 04 Feb 2023 06:40:09 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/ 361 KB
119 KB 76ms
75ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2829192160917889&plah=www.balipost.com&bust=31071812

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2829192160917889

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

070135efc1f767bfa35e3baa57f2159bda8fd90bc793a50891708f7e3f1ec43b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121172
x-xss-protection: 0
server: cafe
etag: 13622894372672829373
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 04 Feb 2023 06:10:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/ Frame AE74 10 KB
5 KB 81ms
19ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2829192160917889

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 21:43:24 GMT
etag: 10353107486223812946
expires: Fri, 17 Feb 2023 21:43:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
324 B 44ms
44ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-32621011-1&cid=1475147726.1675491009&jid=928840383&_u=IGBAgAABAAAAAEAAI~&z=225704723

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 106ms
44ms Image
image/gif 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-32621011-1&cid=1475147726.1675491009&jid=928840383&_u=IGBAgAABAAAAAEAAI~&z=225704723

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
601 B 90ms
16ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.balipost.com&callback=_gfp_s_&client=ca-pub-2829192160917889

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2829192160917889&plah=www.balipost.com&bust=31071812

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3133720963ce8deaf0ef9eff49887f8c8fa260808e7c3954eeaaa3aafb28b772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 130ms
42ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.balipost.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 120ms
41ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.balipost.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
53ms Image
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.balipost.com%2F&tn=DIV&id=floating_ads_bottom_textcss_container&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7AD9 0
188 B 144ms
137ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&adk=1812271804&adf=3025194257&lmt=1675488952&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fwww.balipost.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009352&bpp=3&bdt=996&idt=180&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1687248506228&frm=20&pv=2&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=214

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:10:09 GMT
expires: Sat, 04 Feb 2023 06:10:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A57E 74 KB
30 KB 431ms
425ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009355&bpp=1&bdt=999&idt=216&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dpDtSm9qri&p=https%3A//www.balipost.com&dtd=219

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab36bd3e79ff9e9f7b09d77501725975fe813a119af04a38146a019af78c035c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30040
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:10:10 GMT
expires: Sat, 04 Feb 2023 06:10:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A3FC 84 KB
31 KB 404ms
399ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009356&bpp=1&bdt=1000&idt=221&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=w43E4nKgDG&p=https%3A//www.balipost.com&dtd=224

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc57c4255ebe9603c3828eea41cb6001758b8f6834deef9c7cab57474641b77d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31646
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:10:09 GMT
expires: Sat, 04 Feb 2023 06:10:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 01A2 430 B
400 B 414ms
409ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009358&bpp=1&bdt=1003&idt=229&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=odSuk5uhg8&p=https%3A//www.balipost.com&dtd=232

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d03451f789ca7decf10c1cd48d8d007f7921dcba42f0d7c9a063f7f0e5146c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:10:10 GMT
expires: Sat, 04 Feb 2023 06:10:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 92B6 430 B
374 B 420ms
416ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=2029127186&adf=3821157256&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009359&bpp=1&bdt=1003&idt=233&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C160x600&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=E8UmEGhsqf&p=https%3A//www.balipost.com&dtd=235

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6982e01e50a701aac5c3f15b127c5caa972143eeb5eb820ff5f6803f7b3c8f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:10:10 GMT
expires: Sat, 04 Feb 2023 06:10:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D744 94 KB
33 KB 364ms
360ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=9685069826&adk=1727054528&adf=1700609347&pi=t.ma~as.9685069826&w=970&lmt=1675488952&format=970x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009359&bpp=1&bdt=1003&idt=238&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C160x600%2C160x600&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=GrlIAUldlz&p=https%3A//www.balipost.com&dtd=240

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8893c0186651a4b2c860bf4f011b70d6fd8735b2f2ca89239b1a1f99f575bfe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33611
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:10:09 GMT
expires: Sat, 04 Feb 2023 06:10:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK 21871cfb-43de-4392-831a-c8b04fc91f45
https://www.balipost.com/ 218 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.balipost.com/21871cfb-43de-4392-831a-c8b04fc91f45
Requested by: Host: www.balipost.com
URL: https://www.balipost.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a64a8e8c3e320320a0340916b6606014c2193eba441414d2250636ebc834839

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 218
Content-Type

GET
H2 200 css
fonts.googleapis.com/ Frame D744 8 KB
991 B 44ms
43ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=9685069826&adk=1727054528&adf=1700609347&pi=t.ma~as.9685069826&w=970&lmt=1675488952&format=970x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009359&bpp=1&bdt=1003&idt=238&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C160x600%2C160x600&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=GrlIAUldlz&p=https%3A//www.balipost.com&dtd=240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Feb 2023 06:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 04:13:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Feb 2023 06:10:10 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame D744 2 KB
818 B 153ms
61ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:49:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D744 0
0 64ms
64ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cqx3SwfbdY9SdKMKUywWGgoWwAtqf6aBkweOmn-ANj8WiyI8OEAEgmMyaI2CVuomCmAegAY_CpoUDyAEJqAMByAPLBKoEygFP0BWPv7IL6RkWjQpcctIUruhIYdzuU0o-iJ4UjKHxnHbBeF84MCQoVViAvWoCfp10ipt8jl4euNmadAOtNqC5CXr3mlPYjjT09u7DEvO3GATuS2g7uFOpIO2EXZiZmpUORG_Nv3zMiaNU5i48VHmBHpE6m2mMRnGaGJwq-9GOV8A3iss5wRSRQe-F6wPvDSOSnQ8AAj8OdAQ64A4XENAWAOR9U12Tm8yqM0-f_Yd2jTXiDIo5h3B1jGwrmxF5eZoPs8c6CDMpcL5pwASEoYfl0AOSBQQIBBgBkgUECAUYBKAGLoAH2b3ZeqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEPw00ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMjgyOTE5MjE2MDkxNzg4ORgA&sigh=NxXGAOBeuLE&uach_m=[UACH]&cid=CAQSGwDUE5ymyoYXg49K-vVkR98EIMlkyVyN06NljRgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=9685069826&adk=1727054528&adf=1700609347&pi=t.ma~as.9685069826&w=970&lmt=1675488952&format=970x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009359&bpp=1&bdt=1003&idt=238&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C160x600%2C160x600&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=GrlIAUldlz&p=https%3A//www.balipost.com&dtd=240
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 04 Feb 2023 06:10:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame D744 22 KB
9 KB 110ms
19ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:49:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame D744 3 KB
1 KB 152ms
62ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame D744 18 KB
8 KB 111ms
22ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D744 157 KB
49 KB 66ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 06:10:10 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame D744 33 KB
14 KB 44ms
13ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 May 2023 21:44:27 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/17911198671999375060/ Frame D744 9 KB
10 KB 154ms
66ms Image
image/jpeg 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17911198671999375060/14763004658117789537?w=195&h=102

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7baa7f3998cd62d80bcd955acd34258bc42ce02dcef03c769b3e5fc3ebf3f6c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9474
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 02:27:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Feb 2024 06:10:10 GMT

GET
DATA 200
OK truncated
/ Frame D744 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D744 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame A3FC 6 KB
745 B 49ms
48ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009356&bpp=1&bdt=1000&idt=221&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=w43E4nKgDG&p=https%3A//www.balipost.com&dtd=224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Feb 2023 06:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 06:07:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Feb 2023 06:10:10 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A3FC 2 KB
799 B 121ms
64ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:49:36 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame A3FC 22 KB
9 KB 84ms
28ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:49:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A3FC 3 KB
1 KB 109ms
64ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A3FC 18 KB
8 KB 95ms
39ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A3FC 157 KB
48 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 06:10:10 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame A3FC 33 KB
14 KB 31ms
14ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 May 2023 21:44:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A3FC 0
0 81ms
67ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuNlYwfbdY6elKO6QxdwPrvOi0Azan-mgZMHjpp_gDY_FosiPDhABIJjMmiNglbqJgpgHoAGPwqaFA8gBCagDAcgDywSqBNUBT9Bf0yEJlrPUDrqjwAP1qSmcj9RArf_K10EuW-LQQJMC1sMxqaGS29uYQijqx7rjnptXwhETO26-mC0mqLe_Etcu7YXuhua-ruCNYm-5iMwdZLJ1iG7j4rJE6bQEo79xJtt61bUW1ANas88ARcVYYfijwohGNZFRrRTE758GktXTUsH8i0LehTD8-LekruFEnvXMHD7rWr1Neszr9V6sngcmxwkPgeGiyPGKibQ_ZITDCXFo11x6pF-5Tn8zZNUgCL7ACf-daxb5H1dP8p2MCVdRRo5hwASEoYfl0AOSBQQIBBgBkgUECAUYBKAGLoAH2b3ZeqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEM4z0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMM0BUBmBYBgBcBshccChoIABIUcHViLTI4MjkxOTIxNjA5MTc4ODkYAA&sigh=eOq4QKmLrrc&uach_m=[UACH]&cid=CAQSGwDUE5ymQITWFhsSUKebWlQBlgbIMqCwgkuGUhgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009356&bpp=1&bdt=1000&idt=221&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=w43E4nKgDG&p=https%3A//www.balipost.com&dtd=224
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 04 Feb 2023 06:10:10 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/17911198671999375060/ Frame A3FC 34 KB
34 KB 119ms
76ms Image
image/jpeg 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17911198671999375060/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e3eb0f2f8114459f9666224c187f2c2cd33e4d7b9a10556469c4404967f0016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34716
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 02:27:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Feb 2024 06:10:10 GMT

GET
DATA 200
OK truncated
/ Frame A3FC 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 5125652924298360942
tpc.googlesyndication.com/daca_images/simgad/ Frame A57E 44 KB
44 KB 101ms
81ms Image
image/png 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/5125652924298360942

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009355&bpp=1&bdt=999&idt=216&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dpDtSm9qri&p=https%3A//www.balipost.com&dtd=219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66d6ac5ee8e5daf37403d7104e7ff47ab0fde578ccbd99d27ad6a793ae16f3a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45043
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 09:47:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Feb 2024 06:10:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame A57E 22 KB
9 KB 62ms
42ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:49:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A57E 3 KB
1 KB 67ms
62ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A57E 18 KB
8 KB 51ms
46ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A57E 157 KB
48 KB 34ms
28ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 06:10:10 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A57E 33 KB
13 KB 65ms
60ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d02adac15e34cf8f7ce081e8494b9522091281a4adbdfb0c12e7a6bbe3c98f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 17:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47043
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13610
x-xss-protection: 0
server: cafe
etag: 17181213163917467211
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 17:06:07 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A57E 0
0 80ms
78ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C05eawfbdY6yeKJjDywXOrKbgDvKtxLVt4frWu9kQpJK6jbI5EAEgmMyaI2CVuomCmAegAb_L5oUCyAECqAMByAPJBKoE0QFP0FZLF6cUj_PsAx9tgz1aVuoWLhXfWM6zTN_NXWFHde2vd6NZZDLk2yiIT6aWlHnx1lwry2DFvf-7DZCSCgtJIJhQ_trrN1WASxf2jP9sg3qjE93tW3akT2Q4aFVnC6aF9LMEzlRfo5v6FaEU-lgGgCP5evozFUU14HcnMjzuvdus229AlYje8QxpvvuNH6Jn0kOeXWF4HelTBw8lMl0zFfsXz3fUAWJH9nBY2M7F7ln01nBpKTQoPS3y9WivL5e4yvOE42NIMLeUqFdHQog_W8AEv-mUmJoEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB4G61IMCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQ4T3SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0yODI5MTkyMTYwOTE3ODg5GAA&sigh=K40Td7mQGNQ&uach_m=[UACH]&cid=CAQSGwDUE5ymFjp0eBfuGuiyHIqanNWV4zSOenLMbhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009355&bpp=1&bdt=999&idt=216&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dpDtSm9qri&p=https%3A//www.balipost.com&dtd=219
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D744 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e31ba6b9e380528e11d8fa08c225ed1dd8968d153e2f3e56a8f9cd67b856491

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9FDB 143 B
166 B 24ms
19ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009355&bpp=1&bdt=999&idt=216&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dpDtSm9qri&p=https%3A//www.balipost.com&dtd=219
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3491
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 05:11:59 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A57E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db9be41b675f2ee97efb1ac6099b209c081cd417115768295a5e70818e434f69

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A3FC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f43ba6055649283d10405e02368f7e2197c1684bad6f084661871325b03d8b3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame D744 28 KB
28 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 17:04:17 GMT
x-content-type-options: nosniff
age: 479153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:04:17 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A3FC 15 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 05:09:29 GMT
x-content-type-options: nosniff
age: 90041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 05:09:29 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A3FC 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 10:32:46 GMT
x-content-type-options: nosniff
age: 589044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 10:32:46 GMT

GET
H3 200 enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2FCA 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 20:40:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14413
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 20:40:05 GMT

GET
H3 200 enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F6D 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 20:40:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14413
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 20:40:05 GMT

GET ui
www.google.com/pagead/drt/ Frame 9FDB 0
0

GET enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
pagead2.googlesyndication.com/bg/ Frame 82FC 0
0

POST
H2 200 admin-ajax.php Show response
www.balipost.com/wp-admin/ 0
420 B 489ms
488ms XHR
text/html 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.balipost.com/wp-admin/admin-ajax.php

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/wp-includes/js/jquery/jquery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.balipost.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff, nosniff
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Referer,Accept-Encoding,User-Agent
p3p: CP="NOI"
access-control-allow-origin: https://www.balipost.com
content-type: text/html; charset=UTF-8
cache-control: max-age=15, s-maxage=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame A57E 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 4CFA 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame C635 0
0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2DE0 26 KB
12 KB 336ms
334ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: webpack:///./assets/dev/js/jssor.slider.min.js?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0ca05af1e4c6cd7a3aaddbcb0d5b4ceb418b86941d374d93d37978c32d343fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12439
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:10:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame A3FC 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 121F 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame EBE2 0
0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ECBA 26 KB
12 KB 396ms
396ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: webpack:///./assets/dev/js/jssor.slider.min.js?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d11229df149b1b604ed52bfc3b672bd7921b685a7f290e8ff877e3b7222a1bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 11912
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:10:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET ads
googleads.g.doubleclick.net/pagead/ Frame ACC4 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 4F56 0
0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 04EC 31 KB
12 KB 379ms
378ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: webpack:///./assets/dev/js/jssor.slider.min.js?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c573265f3457128d34cf985580b5a2a277de9303f552efe0d55fa2279eaaa34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12520
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:10:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET ads
googleads.g.doubleclick.net/pagead/ Frame FE69 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame F382 0
0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8C85 32 KB
13 KB 354ms
353ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: webpack:///./assets/dev/js/jssor.slider.min.js?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbdeae96203870e03ce6b9a0d5562d45e337ba3662b1f604b685cf1b1edd9218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12821
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:10:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 prev.png
www.balipost.com/wp-content/plugins/logo-slider-wp/public/assets/img/ 1 KB
2 KB 179ms
177ms Image
image/png 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/plugins/logo-slider-wp/public/assets/img/prev.png

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

71a3c4b86870ea13d02cd4effc181dfe5b1582109bff2b79a998b64fbdc25e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 16 Feb 2020 11:13:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1354
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:12 GMT

GET
H2 200 next.png
www.balipost.com/wp-content/plugins/logo-slider-wp/public/assets/img/ 1 KB
2 KB 179ms
177ms Image
image/png 188.166.207.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.balipost.com/wp-content/plugins/logo-slider-wp/public/assets/img/next.png

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.207.31 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ad3616f8f2aa610e535c677b50a8e617ee4168aba7c0c050f0cfac69c4682458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 16 Feb 2020 11:13:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1342
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 06:10:12 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 2DE0 3 KB
2 KB 183ms
25ms Script
application/x-javascript 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRBd056UTJNVEF0WWpNMU5pMW1Namd3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE3NzQ2MjQ2OTc3OTcxNzQyODEvMTEyMDQ0MTkvMTI3ODAzMzYvNC8wY3B2YTA0VXctaDE5WVd1c2dhUVNURUNVOE9UeUdIelZWdTk1V2J2WGdFLzEvNC8wLzAvMjAzOTIxNi8wLzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMTc3NDYyNDY5Nzc5NzE3NDI4MS96cmgvMC82OTI1LzE2Lzk5OS8yNTgvMmEwMTo0YTA6MmI6Oi8wLjAwMC8xNjc1NDkxMDEwLzE2NzU1MDM2MTAvNC9wdWItMjgyOTE5MjE2MDkxNzg4OS8/7Pdvcvn-FeNwWOyyJqEIUP2ayEc&nodeid=3759&group=zrh&auctionid=1774624697797174281&pbs_auctionid=1774624697797174281&shardkey=1774624697797174281&sid=12780336&cid=11204419&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.162&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7I3WwvbdY6XbIKmXxdwPio-VqAjPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqAMBqgS5AU_QB2ck-8mDgfaISh8Ev1p94FNHGktBUC-jmq-HUypNT2b3FpnKRHpfDM_cnSCv33LLpSdGYrCnGtNorLYnLSP3JYSE7Aw6bsYCac211xTvjfTP61DJLfm30ibjuYQ502IIcfyjT-untHbLMIu7RmevzuVOil_MTW4RclKBRJlSxLCtvUZpGVf-GkWbZltgb7NiZEVYQfRMT58BSerfyv1r_6F93qc_aYI-cOMtkr8Zx0v1_mPvjcp8gAbLv5um5ZPn2K8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1iXY2blP8_-nuE0xJeFxjYU7GRkw%26client%3Dca-pub-2829192160917889%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009355&bpp=1&bdt=999&idt=216&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dpDtSm9qri&p=https%3A//www.balipost.com&dtd=219
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.379.0 /
Resource Hash: 62058cb67cddb5a531f1749b003131fdd616fc7bbf88f4632b385830ef020c0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 06:10:11 GMT
x-mm-nodeid: 3759
Content-Encoding: gzip
x-mm-bid-request-time: 1675491010
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Sat, 04 Feb 2023 06:10:10 GMT
Server: MMBD/3.379.0
x-mm-latency: 11 (0)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: cdg-router-x90, zrh-bidder-x145
x-mm-lag: 1
Expires: Sat, 04 Feb 2023 06:10:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 2DE0 3 KB
1 KB 42ms
26ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 2DE0 18 KB
8 KB 41ms
25ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2DE0 0
0 61ms
47ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNT8KFBXo6TPWVB3NIOr4Wfrg4FYNmbYyN8Yd5tFRTp-qPLVpHu96EYm7rvHYQQ5koby7HVy-oz_pMiYRqumqR_xtMyw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009355&bpp=1&bdt=999&idt=216&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dpDtSm9qri&p=https%3A//www.balipost.com&dtd=219
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2DE0 157 KB
48 KB 49ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 06:10:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2DE0 0
0 78ms
67ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CorRSwvbdY6XbIKmXxdwPio-VqAjPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqAMBqgS2AU_QB2ck-8mDgfaISh8Ev1p94FNHGktBUC-jmq-HUypNT2b3FpnKRHpfDM_cnSCv33LLpSdGYrCnGtNorLYnLSP3JYSE7Aw6bsYCac211xTvjfTP61DJLfm30ibjuYQ502IIcfyjT-untHbLMIu7RmevzuVOil_MTW4RclKBRJlSxLCtvUZpGVf-GkWbZltgb_FgRdf0_VBLwjtJ4jKfZQ1266vB1IkniD_-MEzXM6E13-VsQmRigAbLv5um5ZPn2K8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yODI5MTkyMTYwOTE3ODg5GAA&sigh=1TJB4FnvxEo&uach_m=[UACH]&cid=CAQSKQDUE5ymYmi7jIQrRD7wMy-GPciVwgMgp1heEnKzcr6Q5oRnDvaY0POIGAE&tpd=AGWhJmvmpR_YDKOneYMZmVWjS-0acFrUxDlHVI-Mh777p6SfHeuxniimhJa9x-XYtn8YKeI8xEcWhVVgPzXZl9uC8icnVc_n4ijcyWygUAMtDyYoo3qHLjKnbzIxXMkWJpPT67H22RVolO_WNWf_0yMNK--kPji-Y8kd_xyEqJ6GogRUd9Pcu6K_2SwIUj7VES5WBzs-4EJMUxaYNMZ99RiV_gsIL6Kh1bSXX3y_SoUEQqjd5pc1lFes30ZfiskBT181XKjSoO8di0Q1-QxgOlxVyQK71NK1u9CawVRLSk8bmC7GbcJZ3uJdlDUh2V7MxUIh09Ib1b2PXG1XnJ6jViGYA77VdzZ62bgAKTnd1_5QTE8BVEdp-jmj9D9IELZdk4B5_CAD-kUp-nSCp9JVYlZCwgYhsf5hOqXQjWGNosP7mbQLu_qnWTpQIRF26SVqMIv9EifhDA2HuyKSFW4iXWiGJYKkSwQc2IL2UUwMR3gSE-o3TneomunSYb71Dwte1IWbz1cO_ul42KUWW9Xm65Z5O7s6wQPrbVoBHJ0-GVUVuBc4tkAQx9294igoW2O2QXaTQtVb31O-rwM6yWlZttDig5cIC3nXUXlozZYDf4_tYKs1W-pn6j8yCZ6l0Sug-hQGDLiYI8LDA5ft6F0i_XP-moqkX4tDjztsX-SRbUX6ehN3qTgtndAN1pLCr0ougBMag7BLrbF-Zui2szW0T8r8GLnPJkOz0Cg7IhMfXFMhpi-OGPT8SSBi9xbBGawyBvcW3GCEhA0xpSPNYPPZP6jcY85y8zJsdawP_txg_Ix5QhvxxdLjqPR7NvfWHtaZfSHuikyqW-aX_9XHaStJVRh2i7s3eK-mr7Qn78evhNJWm-2FBtzXj_bkMduvz7fJCaP86n0kx2_v5hOTtfWFPM4mUCZkLKy-AhLWmSFz0RGWEyBcXqU8u-N3gaDZMUMsAXs3OBRnBthgrR5Nvs06k3BEsAOZ3eTyXaSvJBsSBkyXi06lz5v3tHc6ayDY-V7SZzmkOe3j4nhwaITY6u3I_jRr2vltcwF-2wUPlBisP9GdWYmAtdqGsr1vtktNv-1hsbpbQGSk0lkSI5r89tUMDLsrj4T9skiVaHckMWNNJPZRrcYVLGcomTCuO4uKncpz1A

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009355&bpp=1&bdt=999&idt=216&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dpDtSm9qri&p=https%3A//www.balipost.com&dtd=219
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C5D5 0
0 89ms
64ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBW9LwvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEvwFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw1maIjeiUxDqLTarPVRbrDKjsdJYbWNJVQ4g9a61wsgFdSdufoGXYAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yODI5MTkyMTYwOTE3ODg5GAA&sigh=WZ6rda_iX30&uach_m=[UACH]&cid=CAQSKQDUE5ymOq2owPxcMptm2vn2KfdmaR8PWh0stw4Y7U-Nxi6cX_rMhurNGAE

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=2029127186&adf=3821157256&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009359&bpp=1&bdt=1003&idt=233&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C160x600&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=E8UmEGhsqf&p=https%3A//www.balipost.com&dtd=235
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame C5D5 0
0 99ms
12ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gpn1q0dwgk7mz7myx3wzza7h5z8aptm2zg8heqqx16t21xq7p1jtdt7eg0j6x5h9w7taj0b403seebwwr12azrd9d6m85j74nxkctcrja1ma9f6fbfxmyn1cbdzmmj81q1qdg76t02978e7fazq81pmf85e4gtk6jmk98g2w1v75a0dr55w27t1th68hth55htgj89pgj900jt4hrz4x55sqwcyzb29qqbw7g057re8441gkzx8fggg44b6m3kkaamqapv5pa9rg3eq83bc4nwghswa9qdbh6pqf9ngxnrkdgdzyvjrfqjp4n0rg0h03s4k6t0s36bhswh8pfjqwr7n938j3egeqbcpxa9rhs9yz67q1kv641ts1ry89jp7a5d1vg8d254n7b8&b=Y932wgAI7R0FkUxzAA19J3jLTL5vY4cftokL2w
Requested by: Host: www.balipost.com
URL: https://www.balipost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 04 Feb 2023 06:10:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame B515 2 KB
3 KB 101ms
20ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hte73hrdsyqtc2k81k50yz98eaxamhj4ng6pw1b6vbj5hsareanygvj4bx024waftmjkdv6j1d77w64mq4370pkq209zqdqkkh9q4btb0sv3qst5xhkeg0fx4xemkf7hycpgrthsmvjbkv8715yjf04f1q9gttvs5kqjxsvac2sbc99jy2stdw6vcsdm3mkpjkzrqw4sx7rkywhwbcdeqc1nhdmnqc7hpazze2wx9c5efkfnz7gnams5mk4fr84fdky5604d4nb08x84thcn98mt6d4zv31d9576xf28nqfy2jn4xmvj5f5msh73cwdze3s52z37qqfyzvqz5y2g2nsg1qbsgee9aj9tfqng1h067nvhwd9q5es8184q82jzs18kzhv5ewagv05c8zx3a1j4svrv32f2nvtd00mvpnwq8dhfpzj76twpev1tvw0yayy4nesxm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbuMowvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEwgFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw0kaqlMXrXE6Hxd5GOLJyI4t9NDzL-jPYm4QZ8oL58-OcxIZWVGlU8ONoAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3v6JVavC0S4rFk4zoJAC77vB5Jxw%26client%3Dca-pub-2829192160917889%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=2029127186&adf=3821157256&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009359&bpp=1&bdt=1003&idt=233&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C160x600&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=E8UmEGhsqf&p=https%3A//www.balipost.com&dtd=235

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0c37eec6e1dc78f492ef6e15814f5b91360a57e437f7a53afef46cff610cead

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79413de2bc0d3624-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:10:11 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame C5D5 3 KB
1 KB 53ms
33ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5458 1 KB
643 B 54ms
33ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 86167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 06:14:03 GMT
etag: 48472445140208031
expires: Sat, 04 Feb 2023 06:14:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame C5D5 18 KB
7 KB 53ms
33ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C5D5 0
0 74ms
52ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaThdoysFyceDycQY9MnJsMVtO9yfdcVaVk3XG8gmx2yvEiZvhOvngHer3sOf1K8i-KbslE2EOa-vTEqFnFhzaIptWeW_A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=2029127186&adf=3821157256&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009359&bpp=1&bdt=1003&idt=233&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C160x600&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=E8UmEGhsqf&p=https%3A//www.balipost.com&dtd=235
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C5D5 157 KB
48 KB 56ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 06:10:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame ECBA 3 KB
1 KB 51ms
30ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame ECBA 18 KB
7 KB 51ms
30ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame ECBA 0
0 60ms
50ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQLKJFqBmKomdYmgCGZ8sg2YqZ775a0H1k_Gcx4Eivj4-r1qZurxK9msChgx5j15CuKlrEDqJdBb7xJZLrhSzIsyBavmQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009356&bpp=1&bdt=1000&idt=221&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=w43E4nKgDG&p=https%3A//www.balipost.com&dtd=224
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ECBA 157 KB
48 KB 52ms
42ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 06:10:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ECBA 0
0 77ms
68ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzbkSwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS8AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEpejTygSKblbsg8tAS1W1iIeCo_MlsFP841JRTBBejtgyOAfhXiXgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yODI5MTkyMTYwOTE3ODg5GAA&sigh=DcgtqsrfT-U&uach_m=[UACH]&cid=CAQSKQDUE5ymxHD9MJE2hW50vlDKMrBdxPlHK4n9mWkZaInrqPlj7oo7h6CSGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009356&bpp=1&bdt=1000&idt=221&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=w43E4nKgDG&p=https%3A//www.balipost.com&dtd=224
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame ECBA 0
0 78ms
12ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hgrbwp5hw0ak2ytstjb4ymtcpxzw4fa4hak0de666e91pbx9hgjh8jjkd6qm40cx7etpmgmygxwc2ywdn4kgqxkg7zk8e99jqw9901jq64v1bs9kqev5pzrxg0fypt345kvhd9wr1zq6vxewaez9pptwh80h590zb4ej0wvzpydh1nnzfrr2137kgg7ts79pg2s701r8jaenjjj0tgv874sscs89p4gjq6wv7g1210wf83mre506qr14qva6j1ejdrbns8ecesanc5bt0n9293nn5qbhbe3gg6j6d05apz73289tayz30cfp1m54d6zze31q54ehajj6z425f5ey8ypfb6bw7hbn6vvjt7yys3jsgzhj90s7xrznxrgrmkbb8xp857xh0&b=Y932wgAIe-cKssrCAAHHkqzL7_mIqye-NRz1Bg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009356&bpp=1&bdt=1000&idt=221&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=w43E4nKgDG&p=https%3A//www.balipost.com&dtd=224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 04 Feb 2023 06:10:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 4CDD 2 KB
1 KB 93ms
28ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h7mztpn55vvybw6qvrxgtpvzg9ydwedfjpgb37s2zhp1btkn72daqgagpb7v6ava7dqmn6xjgzqf4d4y12qhmg2ssbm7pmwwrdkyanqqnh8znf030xe6rrvf1y54svarbrkywk3rksnpzcp0tt553tmsx2m2wp44r92v5nmnvfgpbjxrnn489dwy8kr7zb2hx1drfncnd71nnstg3czw7hs3pt1apkc1qwpca7wxe7h45p7xc46pxqb8t51kw9d1bzgn5kgyd0fv3xrqa194f72rkk48msngdfjnt0ntzye8aztxx80mxwvzmwt5xpy2n2nptq1tyvm493f17jgx6b2m7pseba9njk5gwyk5a1yc8vxx0cg6hbssa99x8ysrnvrn06t0me06aa837bedtn77ah3fq77syfczx3pnb6v896zwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%26client%3Dca-pub-2829192160917889%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e4597cfc1e059a991ff24279c1b0e0f80a5e1a1885832292cd9ae623f1ee816

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79413de2bc0e3624-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:10:11 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C676 1 KB
643 B 39ms
31ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 86167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 06:14:03 GMT
etag: 48472445140208031
expires: Sat, 04 Feb 2023 06:14:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9969 0
0 65ms
63ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNA-LwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTmAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPkjj3V2YY_22tX8iTUNOS7su84WEE1h9ASdnAfV5Qo11r8JEG46PgAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yODI5MTkyMTYwOTE3ODg5GAA&sigh=-2ogVMQ-sfA&uach_m=[UACH]&cid=CAQSKQDUE5ymDw0ghuTu5WbtsxEAgM_RGEihmcVwETs2-VxoTqba4w3KhHDSGAE

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009358&bpp=1&bdt=1003&idt=229&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=odSuk5uhg8&p=https%3A//www.balipost.com&dtd=232
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 04 Feb 2023 06:10:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 9969 0
0 67ms
13ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gaggc1eb41v0dvmj5rm0htnjghnr6d6g6kszjwfqrnfb3crj74jpgm4q2baw53vaq6pdnk4xd6a279b5xkdpgc47jkfa9zef3xmb4axmgyjpmdhw1583z678ewwwkyqngdnky2nqyvayps7z4bn0weaxp15pff1r1vyzek9s79zant4k8535k1k8czcnw64s8zdn6n5bsg2305m2cbs18t96k97mwgwar0fkgcrbyjqf0ahwtpvhwjmsb445b4ap0tt07kcrws0e1xws6m71gvq6wc4gx0zegtp1fn84wkz6skc1jc4c16g5pqp30682mzqj2kq9r5cgnr90rxn6948rng7d4sskpetytgc8zscs7crzcdd6b4db309cqe1063h34sqxnzb6pgy&b=Y932wgAI0t8KssqXAA9aOUhOWaYoK2ylWi35MA
Requested by: Host: www.balipost.com
URL: https://www.balipost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 04 Feb 2023 06:10:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame E638 2 KB
1 KB 76ms
24ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hk4p627gw437thrqc4a7yh6qw512h1yfwv0paasw4j66kbq629eq10aeqn8chc834dytbyegrzf5y7hsjc8agcydzcs1khfna9zfc2gce7qbsfhmw4w69vqmwk6qs5qmne8awq2m0p2fea27gmgnparbpekkgvjq9fa9yxf0mqh9cr6c3g8ks4cscdxf65vtv1qaknccand2m2memj22k4e80s8bcdsx38mheeqhaeadmmee3ryd3cp3g5stxztw04vp48dfp28a3htpqbjq46377dq532mpv676jz916a0hjf724r7z2jgrt6mft6yd21xnfba11sxyz79mgma7wy974apbt84h7ktkqk2t7ycmdv4dx80vc42sye34b79ystarjwwzatjrzxx42eg2d1gwfdnnpxg7ywxe8bgq8h33a4h64etxf6nhhkcy5gykn7q5shgpgcg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%26client%3Dca-pub-2829192160917889%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009358&bpp=1&bdt=1003&idt=229&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=odSuk5uhg8&p=https%3A//www.balipost.com&dtd=232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa3ad3b35fa7fcc80ab2eb9c2de3a230c80628741232822e92fb13c830578c8a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79413de2bc0f3624-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:10:11 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 9969 3 KB
1 KB 35ms
30ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009358&bpp=1&bdt=1003&idt=229&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=odSuk5uhg8&p=https%3A//www.balipost.com&dtd=232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F3A3 1 KB
643 B 32ms
31ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009358&bpp=1&bdt=1003&idt=229&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=odSuk5uhg8&p=https%3A//www.balipost.com&dtd=232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 86167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 06:14:03 GMT
etag: 48472445140208031
expires: Sat, 04 Feb 2023 06:14:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 9969 18 KB
7 KB 35ms
30ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009358&bpp=1&bdt=1003&idt=229&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=odSuk5uhg8&p=https%3A//www.balipost.com&dtd=232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9969 0
0 54ms
49ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7W4UJmqALGTRabo_Jg_jTTyHnu7QPJOuVMUwftd-8KYadsZcgGn5Pp_r2cPVGPgfrkpOyaYfukpEzGXDkdvII-Lvwjw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009358&bpp=1&bdt=1003&idt=229&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=odSuk5uhg8&p=https%3A//www.balipost.com&dtd=232
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9969 157 KB
48 KB 45ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009358&bpp=1&bdt=1003&idt=229&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=odSuk5uhg8&p=https%3A//www.balipost.com&dtd=232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 06:10:10 GMT

GET
DATA 200
OK truncated
/ Frame C5D5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1da9e1a5c7ea75f3a6c17477e6b45cabdb25fd4e78aab3db3f24e20aa99b55e2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5458 35 B
463 B 246ms
15ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBSYsUwP10cle9SlOb5vrXw&google_cver=1&google_push=Aa02lx8ZajrjWt00tfIkLbxrug-6miDP5p53OZp3q2PTQzX9mCfENiEBxgN-39I9IS8z-BOTSUXjI3oyyGWuVEMcEOMdD4R_jmQijSs

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5458
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHP_OBUqa8FOQygMc2arBTY&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHP_OBUqa8FOQygMc2arBTY&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RnBNRTBUa20xUG9iS3o1&google_gid=CAESEHP_OBUqa8FOQygMc2arBTY&google_cver=1&google_push=Aa02lx_I5ZnEdAzIBj7RMe28bpVXxWaF3u5rJwm-VWeh5RJ...

170 B
232 B

46ms
46ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RnBNRTBUa20xUG9iS3o1&google_gid=CAESEHP_OBUqa8FOQygMc2arBTY&google_cver=1&google_push=Aa02lx_I5ZnEdAzIBj7RMe28bpVXxWaF3u5rJwm-VWeh5RJRIhnxPDbll_4T3dNXdrt1ytPmFGDCmDroiL1YrI2-Z19wr8L4ewp1roMI

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 04 Feb 2023 06:10:10 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/d601d38#rel-ec2-master i-02d4862961d254dec@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RnBNRTBUa20xUG9iS3o1&google_gid=CAESEHP_OBUqa8FOQygMc2arBTY&google_cver=1&google_push=Aa02lx_I5ZnEdAzIBj7RMe28bpVXxWaF3u5rJwm-VWeh5RJRIhnxPDbll_4T3dNXdrt1ytPmFGDCmDroiL1YrI2-Z19wr8L4ewp1roMI
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5458
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jFnV2H0zReG8BJc4EYonhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

45ms
45ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jFnV2H0zReG8BJc4EYonhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-2M9R-ibYDt1bWExpiugH93L2LNYgXxCEvZ_Bhqp_qItYBIJTgbAvfEZXjRTYKDSY1OwTijKZVjUZSG_iObq75QIJQImVctT0

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jFnV2H0zReG8BJc4EYonhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-2M9R-ibYDt1bWExpiugH93L2LNYgXxCEvZ_Bhqp_qItYBIJTgbAvfEZXjRTYKDSY1OwTijKZVjUZSG_iObq75QIJQImVctT0
date: Sat, 04 Feb 2023 06:10:09 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5458
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELoM9bcfmC9HK5vqKwV3v-I&google_cver=1&google_push=Aa02lx-BNRgofDvi5edQj0VXBuPpFwJdfi943jdcQz2WbqTmuYV2_ZejWAQUZH5roLuKeTeeJMz...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERQSzM2NjctMUUtNDRBTg==&google_push=Aa02lx-BNRgofDvi5edQj0VXBuPpFwJdfi943jdcQz2WbqTmuYV2_ZejWAQUZH5roLuKeTeeJMzpC9pu_O2MdQQOc-u-see7naXOrcL1

170 B
232 B

170ms
46ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERQSzM2NjctMUUtNDRBTg==&google_push=Aa02lx-BNRgofDvi5edQj0VXBuPpFwJdfi943jdcQz2WbqTmuYV2_ZejWAQUZH5roLuKeTeeJMzpC9pu_O2MdQQOc-u-see7naXOrcL1

Requested by

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERQSzM2NjctMUUtNDRBTg==&google_push=Aa02lx-BNRgofDvi5edQj0VXBuPpFwJdfi943jdcQz2WbqTmuYV2_ZejWAQUZH5roLuKeTeeJMzpC9pu_O2MdQQOc-u-see7naXOrcL1
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5458
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEO2JqJyHR34uVi9AgzZ4Cn8&google_cver=1&google_push=Aa02lx-QHy5BPszq4h3HGODI5O-I_jagHqdSLH9RHJVi5VXVvg0Cz6YnRUCfxoB9-bPr30tZpc1XAEY1E6QNiDtf...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-QHy5BPszq4h3HGODI5O-I_jagHqdSLH9RHJVi5VXVvg0Cz6YnRUCfxoB9-bPr30tZpc1XAEY1E6QNiDtf-7UJNTw6Bjetcl5X

170 B
232 B

171ms
46ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-QHy5BPszq4h3HGODI5O-I_jagHqdSLH9RHJVi5VXVvg0Cz6YnRUCfxoB9-bPr30tZpc1XAEY1E6QNiDtf-7UJNTw6Bjetcl5X

Requested by

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 04 Feb 2023 06:10:11 GMT
via: 1.1 dd133741afef09b02f3e6afd7cb39f40.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-QHy5BPszq4h3HGODI5O-I_jagHqdSLH9RHJVi5VXVvg0Cz6YnRUCfxoB9-bPr30tZpc1XAEY1E6QNiDtf-7UJNTw6Bjetcl5X
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: Pz1nBGxxEthY0RLRLEn9htkEWTzN0XIxfP12qdP3Og_oifa4fo_ZLQ==

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 5458 0
75 B 412ms
26ms Image
text/plain 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMJRb9JiNF9rgJt9kfNLuHY&google_cver=1&google_push=Aa02lx9uvJwTqYPJCtWWoQ2SoS1VmlJgqWcDdD1qrp_vlltn5nvK8fcmEzSTamxbYgnKnjZnc8FbZDELI_yyKO6CEsEyltneIPUZ2uT2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=2029127186&adf=3821157256&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009359&bpp=1&bdt=1003&idt=233&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C160x600&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=E8UmEGhsqf&p=https%3A//www.balipost.com&dtd=235
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:10 GMT
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5458
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDHnapzaSyZy5TmdxVRuMfs&google_cver=1&google_push=Aa02lx_l4YYRArL9o-eqYsO1kawugoj0oo6K7zWGZJO4gG59xutj-BM4f034tkhF5KJkKBMpRr...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDHnapzaSyZy5TmdxVRuMfs&google_cver=1&google_push=Aa02lx_l4YYRArL9o-eqYsO1kawugoj0oo6K7zWGZJO4gG59xutj-BM4f034tkhF5KJkKBMpRr...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1zQm93aEZSRTJ1R0lPazkwcVVIelRHeUxTaG02VGlUZ35B&google_push=Aa02lx_l4YYRArL9o-eqYsO1kawugoj0oo6K7zWGZJO4gG59xutj-BM4f...

170 B
232 B

48ms
48ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1zQm93aEZSRTJ1R0lPazkwcVVIelRHeUxTaG02VGlUZ35B&google_push=Aa02lx_l4YYRArL9o-eqYsO1kawugoj0oo6K7zWGZJO4gG59xutj-BM4f034tkhF5KJkKBMpRrRe8-k7IR7b8PV9qEx-yDma7BXbhnwzvQ

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1zQm93aEZSRTJ1R0lPazkwcVVIelRHeUxTaG02VGlUZ35B&google_push=Aa02lx_l4YYRArL9o-eqYsO1kawugoj0oo6K7zWGZJO4gG59xutj-BM4f034tkhF5KJkKBMpRrRe8-k7IR7b8PV9qEx-yDma7BXbhnwzvQ
date: Sat, 04 Feb 2023 06:10:11 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5458 0
139 B 269ms
40ms Image
text/html 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I4_h3kWDkFDY5oV4tYxNZXJwwhxUL3PHan3yexMrWq48-MPQHyVZg02MpKkW-Dcu2JzttsyQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame ECBA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af9eb10bfcbd7908965ad606415ad1c31529b8d2d85b5c43b25ffcdbfe6ea01a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame C676 35 B
462 B 221ms
15ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBSYsUwP10cle9SlOb5vrXw&google_cver=1&google_push=Aa02lx8KSkfd7xp-0iT58evu_VDPkMM4Kl78sRGaYmIxsqAq_CpZBAFHAwyUYUvZ3PrbmYmcKpl325uI_MiLkwCQpdFFCPrfUILHtj0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C676
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJSvbnHxh12jo-OGssFcm0Q&google_push=Aa02lx_rvvDZvyUZcKGOQXL8Itm_ots96D8etWV-RVAUWfQP1_Fo0KEicO...

170 B
188 B

56ms
49ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJSvbnHxh12jo-OGssFcm0Q&google_push=Aa02lx_rvvDZvyUZcKGOQXL8Itm_ots96D8etWV-RVAUWfQP1_Fo0KEicOyusymaEmI1QufQRhZY0CGK-1P02UaS1PCf_404ahdHQA

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220031-HHN
pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1675491011.247581,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJSvbnHxh12jo-OGssFcm0Q&google_push=Aa02lx_rvvDZvyUZcKGOQXL8Itm_ots96D8etWV-RVAUWfQP1_Fo0KEicOyusymaEmI1QufQRhZY0CGK-1P02UaS1PCf_404ahdHQA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame C676 70 B
265 B 257ms
27ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHGoT3pVB3W1bWmszrdfPVM&google_cver=1&google_push=Aa02lx9tbe3AxdmAy2c3jPZCePnqyN_xUz_S1-Pac4KfBNxYNDMF7D1_73Nf7bmx-BO4lSlxqAoP8x6xob0AT8BNHdfCAtNA87dL8JQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009356&bpp=1&bdt=1000&idt=221&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=w43E4nKgDG&p=https%3A//www.balipost.com&dtd=224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C676
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMxgc4LJB0JftK0EfIgqxtw&google_cver=1&google_push=Aa02lx_bzbg7cRva1gIgH-slBdY_EhZRaBVwsbY-6WCJyZlQWNiDzs612afQzE1SMGQSs5TB4ZtKdWV6...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMxgc4LJB0JftK0EfIgqxtw&google_cver=1&google_push=Aa02lx_bzbg7cRva1gIgH-slBdY_EhZRaBVwsbY-6WCJyZlQWNiDzs612afQzE1SMGQSs5TB4Zt...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkzMTgyNzAyODY3MzU2OTU2NA&google_push=Aa02lx_bzbg7cRva1gIgH-slBdY_EhZRaBVwsbY-6WCJyZlQWNiDzs612afQzE1SMGQSs5TB4ZtKdW...

170 B
232 B

46ms
45ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkzMTgyNzAyODY3MzU2OTU2NA&google_push=Aa02lx_bzbg7cRva1gIgH-slBdY_EhZRaBVwsbY-6WCJyZlQWNiDzs612afQzE1SMGQSs5TB4ZtKdWV6DMWa9ZTvc3X0dhZWA0FjpZA

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkzMTgyNzAyODY3MzU2OTU2NA&google_push=Aa02lx_bzbg7cRva1gIgH-slBdY_EhZRaBVwsbY-6WCJyZlQWNiDzs612afQzE1SMGQSs5TB4ZtKdWV6DMWa9ZTvc3X0dhZWA0FjpZA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C676
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELoM9bcfmC9HK5vqKwV3v-I&google_cver=1&google_push=Aa02lx8MiHXFxayIQmiwy850URs3DUhdiEYQ8ivX5UrK7xtbQcwfmSXpn_cfPdFsJRBTOqZwXUW...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERQSzM2NjktSy0xOFZO&google_push=Aa02lx8MiHXFxayIQmiwy850URs3DUhdiEYQ8ivX5UrK7xtbQcwfmSXpn_cfPdFsJRBTOqZwXUWZDek8meW8IY-PptVYxQgWgZ2J8A

170 B
232 B

170ms
47ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERQSzM2NjktSy0xOFZO&google_push=Aa02lx8MiHXFxayIQmiwy850URs3DUhdiEYQ8ivX5UrK7xtbQcwfmSXpn_cfPdFsJRBTOqZwXUWZDek8meW8IY-PptVYxQgWgZ2J8A

Requested by

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERQSzM2NjktSy0xOFZO&google_push=Aa02lx8MiHXFxayIQmiwy850URs3DUhdiEYQ8ivX5UrK7xtbQcwfmSXpn_cfPdFsJRBTOqZwXUWZDek8meW8IY-PptVYxQgWgZ2J8A
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C676
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx8ILX3eqlCRGg6b3Y6iM0LNL-lEXgw_vBHw1FTw-s7fh2Zn2qp0CY_rlc7hi7lklBXThJ08Yyu-y8aBN1ENa32lRhwB5QNoRJE&redir=https%3A%2F%2Fcm.g.do...
https://sync.targeting.unrulymedia.com/csync/RX-52b63add-75be-4aa1-8c67-3ccf90f3db2a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8ILX3eqlCRGg6b3Y6iM...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8ILX3eqlCRGg6b3Y6iM0LNL-lEXgw_vBHw1FTw-s7fh2Zn2qp0CY_rlc7hi7lklBXThJ08Yyu-y8aBN1ENa32lRhwB5QNoRJE&google_hm=A1K2Ot11vkqhjGc8z5Dz2yo

170 B
232 B

50ms
48ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8ILX3eqlCRGg6b3Y6iM0LNL-lEXgw_vBHw1FTw-s7fh2Zn2qp0CY_rlc7hi7lklBXThJ08Yyu-y8aBN1ENa32lRhwB5QNoRJE&google_hm=A1K2Ot11vkqhjGc8z5Dz2yo

Requested by

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8ILX3eqlCRGg6b3Y6iM0LNL-lEXgw_vBHw1FTw-s7fh2Zn2qp0CY_rlc7hi7lklBXThJ08Yyu-y8aBN1ENa32lRhwB5QNoRJE&google_hm=A1K2Ot11vkqhjGc8z5Dz2yo
date: Sat, 04 Feb 2023 06:10:11 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX52b63add75be4aa18c673ccf90f3db2a003
content-type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C676
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDOJwwJ5KSRMHKa-aRiusz4&google_cver=1&google_push=Aa02lx-_I132rxbKI7dK4nOxeKJ7WzVZFt3RGX8Iqg48SmKW7Rir48vVz8MbecdhHtE0bIFB_NAxGcGlU0KWV3UDWFlGZutJCe...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-_I132rxbKI7dK4nOxeKJ7WzVZFt3RGX8Iqg48SmKW7Rir48vVz8MbecdhHtE0bIFB_NAxGcGlU0KWV3UDWFlGZutJCek...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTkwNDg0MDc5ODA2NDM0MTgxMjM0OA%3D%3D&google_push=Aa02lx-_I132rxbKI7dK4nOxeKJ7WzVZFt3RGX8Iqg48SmKW7Rir48vV...

170 B
232 B

150ms
46ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTkwNDg0MDc5ODA2NDM0MTgxMjM0OA%3D%3D&google_push=Aa02lx-_I132rxbKI7dK4nOxeKJ7WzVZFt3RGX8Iqg48SmKW7Rir48vVz8MbecdhHtE0bIFB_NAxGcGlU0KWV3UDWFlGZutJCekGJQ

Requested by

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTkwNDg0MDc5ODA2NDM0MTgxMjM0OA%3D%3D&google_push=Aa02lx-_I132rxbKI7dK4nOxeKJ7WzVZFt3RGX8Iqg48SmKW7Rir48vVz8MbecdhHtE0bIFB_NAxGcGlU0KWV3UDWFlGZutJCekGJQ
date: Sat, 04 Feb 2023 06:10:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C676 0
40 B 245ms
41ms Image
text/html 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KQaSTu2SMEXH0VdckCtMPfnv7hbxjQK0dAktNZfTWNJszy0rZ91N06iHOCC7cOQjuVV2BD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 9969 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df0b23dfdd700d1223ac41bc104ca11c7f45cf4c2e7758d32be83f33cb329807

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.29/one-ad/ Frame B515 94 KB
12 KB 22ms
17ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hte73hrdsyqtc2k81k50yz98eaxamhj4ng6pw1b6vbj5hsareanygvj4bx024waftmjkdv6j1d77w64mq4370pkq209zqdqkkh9q4btb0sv3qst5xhkeg0fx4xemkf7hycpgrthsmvjbkv8715yjf04f1q9gttvs5kqjxsvac2sbc99jy2stdw6vcsdm3mkpjkzrqw4sx7rkywhwbcdeqc1nhdmnqc7hpazze2wx9c5efkfnz7gnams5mk4fr84fdky5604d4nb08x84thcn98mt6d4zv31d9576xf28nqfy2jn4xmvj5f5msh73cwdze3s52z37qqfyzvqz5y2g2nsg1qbsgee9aj9tfqng1h067nvhwd9q5es8184q82jzs18kzhv5ewagv05c8zx3a1j4svrv32f2nvtd00mvpnwq8dhfpzj76twpev1tvw0yayy4nesxm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbuMowvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEwgFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw0kaqlMXrXE6Hxd5GOLJyI4t9NDzL-jPYm4QZ8oL58-OcxIZWVGlU8ONoAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3v6JVavC0S4rFk4zoJAC77vB5Jxw%26client%3Dca-pub-2829192160917889%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hte73hrdsyqtc2k81k50yz98eaxamhj4ng6pw1b6vbj5hsareanygvj4bx024waftmjkdv6j1d77w64mq4370pkq209zqdqkkh9q4btb0sv3qst5xhkeg0fx4xemkf7hycpgrthsmvjbkv8715yjf04f1q9gttvs5kqjxsvac2sbc99jy2stdw6vcsdm3mkpjkzrqw4sx7rkywhwbcdeqc1nhdmnqc7hpazze2wx9c5efkfnz7gnams5mk4fr84fdky5604d4nb08x84thcn98mt6d4zv31d9576xf28nqfy2jn4xmvj5f5msh73cwdze3s52z37qqfyzvqz5y2g2nsg1qbsgee9aj9tfqng1h067nvhwd9q5es8184q82jzs18kzhv5ewagv05c8zx3a1j4svrv32f2nvtd00mvpnwq8dhfpzj76twpev1tvw0yayy4nesxm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbuMowvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEwgFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw0kaqlMXrXE6Hxd5GOLJyI4t9NDzL-jPYm4QZ8oL58-OcxIZWVGlU8ONoAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3v6JVavC0S4rFk4zoJAC77vB5Jxw%26client%3Dca-pub-2829192160917889%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674752855
age: 262341
cf-polished: origSize=97007
x-guploader-uploadid: ADPycdsZjI5fECjAhoy8qzvWSONYz9bIt7ko5oX3W69yG6KJfP5zPv1_fVYgs_PLPWlD4TXeEk6FSO00jYJNc7xSK-16jW39EDyH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Jan 2023 17:08:09 GMT
server: cloudflare
etag: W/"894b1310ad36469d313fb67e2899e78d"
vary: Accept-Encoding
x-goog-generation: 1674752889520716
content-type: text/css
x-goog-hash: crc32c=wEjpSw==, md5=iUsTEK02Rp0xP7Z+KJnnjQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAraTvgelWSdsdPY%2Bw3k0q7TkVWRcU9V8x3mV7rwWeuU%2BBB06YMgqKDmsu119j9qLjrTAzvbGFhhc2nDVaxsXpwIn1sE6z2ASbVc9Tu%2FcCOPBjqRK5B%2FuToq%2BWK3RHE%2BPSd%2FdgwAjMY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97007
cf-ray: 79413de36c983624-FRA
expires: Sat, 04 Feb 2023 07:10:11 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame B515 35 KB
12 KB 49ms
24ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hte73hrdsyqtc2k81k50yz98eaxamhj4ng6pw1b6vbj5hsareanygvj4bx024waftmjkdv6j1d77w64mq4370pkq209zqdqkkh9q4btb0sv3qst5xhkeg0fx4xemkf7hycpgrthsmvjbkv8715yjf04f1q9gttvs5kqjxsvac2sbc99jy2stdw6vcsdm3mkpjkzrqw4sx7rkywhwbcdeqc1nhdmnqc7hpazze2wx9c5efkfnz7gnams5mk4fr84fdky5604d4nb08x84thcn98mt6d4zv31d9576xf28nqfy2jn4xmvj5f5msh73cwdze3s52z37qqfyzvqz5y2g2nsg1qbsgee9aj9tfqng1h067nvhwd9q5es8184q82jzs18kzhv5ewagv05c8zx3a1j4svrv32f2nvtd00mvpnwq8dhfpzj76twpev1tvw0yayy4nesxm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbuMowvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEwgFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw0kaqlMXrXE6Hxd5GOLJyI4t9NDzL-jPYm4QZ8oL58-OcxIZWVGlU8ONoAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3v6JVavC0S4rFk4zoJAC77vB5Jxw%26client%3Dca-pub-2829192160917889%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 262369
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5c2gpGSQcycVPQR0knwIbLLVNj82lIqpHWgnWyDCdpfdWGBAEPI8mrd0%2FYomVl6xQ0WkYis0yRy%2FtVPFS3RkYomMV0D1cAc70FBR3dtuLoF9bMam9pA7X03T2m7f7qITVGiUuY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 79413de39cba3624-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 15:04:22 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.29/one-ad/ Frame E638 94 KB
11 KB 26ms
25ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hk4p627gw437thrqc4a7yh6qw512h1yfwv0paasw4j66kbq629eq10aeqn8chc834dytbyegrzf5y7hsjc8agcydzcs1khfna9zfc2gce7qbsfhmw4w69vqmwk6qs5qmne8awq2m0p2fea27gmgnparbpekkgvjq9fa9yxf0mqh9cr6c3g8ks4cscdxf65vtv1qaknccand2m2memj22k4e80s8bcdsx38mheeqhaeadmmee3ryd3cp3g5stxztw04vp48dfp28a3htpqbjq46377dq532mpv676jz916a0hjf724r7z2jgrt6mft6yd21xnfba11sxyz79mgma7wy974apbt84h7ktkqk2t7ycmdv4dx80vc42sye34b79ystarjwwzatjrzxx42eg2d1gwfdnnpxg7ywxe8bgq8h33a4h64etxf6nhhkcy5gykn7q5shgpgcg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%26client%3Dca-pub-2829192160917889%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hk4p627gw437thrqc4a7yh6qw512h1yfwv0paasw4j66kbq629eq10aeqn8chc834dytbyegrzf5y7hsjc8agcydzcs1khfna9zfc2gce7qbsfhmw4w69vqmwk6qs5qmne8awq2m0p2fea27gmgnparbpekkgvjq9fa9yxf0mqh9cr6c3g8ks4cscdxf65vtv1qaknccand2m2memj22k4e80s8bcdsx38mheeqhaeadmmee3ryd3cp3g5stxztw04vp48dfp28a3htpqbjq46377dq532mpv676jz916a0hjf724r7z2jgrt6mft6yd21xnfba11sxyz79mgma7wy974apbt84h7ktkqk2t7ycmdv4dx80vc42sye34b79ystarjwwzatjrzxx42eg2d1gwfdnnpxg7ywxe8bgq8h33a4h64etxf6nhhkcy5gykn7q5shgpgcg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%26client%3Dca-pub-2829192160917889%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674752855
age: 262341
cf-polished: origSize=97007
x-guploader-uploadid: ADPycdsZjI5fECjAhoy8qzvWSONYz9bIt7ko5oX3W69yG6KJfP5zPv1_fVYgs_PLPWlD4TXeEk6FSO00jYJNc7xSK-16jW39EDyH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Jan 2023 17:08:09 GMT
server: cloudflare
etag: W/"894b1310ad36469d313fb67e2899e78d"
vary: Accept-Encoding
x-goog-generation: 1674752889520716
content-type: text/css
x-goog-hash: crc32c=wEjpSw==, md5=iUsTEK02Rp0xP7Z+KJnnjQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKreaeuGfedZGwbmqjVVawpBsgnpq3ZyUOQ39FFEst9%2BkvYEuoZNKGh8RRkR%2F%2BokOxhy1MGpUxPMxRKZtvJagrh9k9RxR0lRFBgF%2BVMOtweqljIbN%2F%2BqawueWyFZ11Aem6zt%2B1Lnlq8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97007
cf-ray: 79413de36c9b3624-FRA
expires: Sat, 04 Feb 2023 07:10:11 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame E638 35 KB
12 KB 43ms
23ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hk4p627gw437thrqc4a7yh6qw512h1yfwv0paasw4j66kbq629eq10aeqn8chc834dytbyegrzf5y7hsjc8agcydzcs1khfna9zfc2gce7qbsfhmw4w69vqmwk6qs5qmne8awq2m0p2fea27gmgnparbpekkgvjq9fa9yxf0mqh9cr6c3g8ks4cscdxf65vtv1qaknccand2m2memj22k4e80s8bcdsx38mheeqhaeadmmee3ryd3cp3g5stxztw04vp48dfp28a3htpqbjq46377dq532mpv676jz916a0hjf724r7z2jgrt6mft6yd21xnfba11sxyz79mgma7wy974apbt84h7ktkqk2t7ycmdv4dx80vc42sye34b79ystarjwwzatjrzxx42eg2d1gwfdnnpxg7ywxe8bgq8h33a4h64etxf6nhhkcy5gykn7q5shgpgcg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%26client%3Dca-pub-2829192160917889%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 262369
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7VXT0C1V2mP%2Fnajb3wqln3%2BH%2BhaSC4RYeaoGmuccV9pm9Hk8Gmc%2FZWECst7dAMTFX2%2BQPcDtm8NjF%2B7IliuD0ttTrbcsu9KzLeaZOJo5hAvrTNiPcpOw28YK%2BGOE%2B4jjGNz7S58%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 79413de39cbb3624-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 15:04:22 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.29/one-ad/ Frame 4CDD 94 KB
11 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h7mztpn55vvybw6qvrxgtpvzg9ydwedfjpgb37s2zhp1btkn72daqgagpb7v6ava7dqmn6xjgzqf4d4y12qhmg2ssbm7pmwwrdkyanqqnh8znf030xe6rrvf1y54svarbrkywk3rksnpzcp0tt553tmsx2m2wp44r92v5nmnvfgpbjxrnn489dwy8kr7zb2hx1drfncnd71nnstg3czw7hs3pt1apkc1qwpca7wxe7h45p7xc46pxqb8t51kw9d1bzgn5kgyd0fv3xrqa194f72rkk48msngdfjnt0ntzye8aztxx80mxwvzmwt5xpy2n2nptq1tyvm493f17jgx6b2m7pseba9njk5gwyk5a1yc8vxx0cg6hbssa99x8ysrnvrn06t0me06aa837bedtn77ah3fq77syfczx3pnb6v896zwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%26client%3Dca-pub-2829192160917889%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h7mztpn55vvybw6qvrxgtpvzg9ydwedfjpgb37s2zhp1btkn72daqgagpb7v6ava7dqmn6xjgzqf4d4y12qhmg2ssbm7pmwwrdkyanqqnh8znf030xe6rrvf1y54svarbrkywk3rksnpzcp0tt553tmsx2m2wp44r92v5nmnvfgpbjxrnn489dwy8kr7zb2hx1drfncnd71nnstg3czw7hs3pt1apkc1qwpca7wxe7h45p7xc46pxqb8t51kw9d1bzgn5kgyd0fv3xrqa194f72rkk48msngdfjnt0ntzye8aztxx80mxwvzmwt5xpy2n2nptq1tyvm493f17jgx6b2m7pseba9njk5gwyk5a1yc8vxx0cg6hbssa99x8ysrnvrn06t0me06aa837bedtn77ah3fq77syfczx3pnb6v896zwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%26client%3Dca-pub-2829192160917889%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674752855
age: 262341
cf-polished: origSize=97007
x-guploader-uploadid: ADPycdsZjI5fECjAhoy8qzvWSONYz9bIt7ko5oX3W69yG6KJfP5zPv1_fVYgs_PLPWlD4TXeEk6FSO00jYJNc7xSK-16jW39EDyH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Jan 2023 17:08:09 GMT
server: cloudflare
etag: W/"894b1310ad36469d313fb67e2899e78d"
vary: Accept-Encoding
x-goog-generation: 1674752889520716
content-type: text/css
x-goog-hash: crc32c=wEjpSw==, md5=iUsTEK02Rp0xP7Z+KJnnjQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70XYNuEzX1EX2yzpeD1LiUzQEz7q6I%2Bx0pj4qB8HCYYGPVNXkhhubEmcV%2BpTIc9IxLu%2F84D8EO8nruKv8ZBowwLTQIRicFZtVdsFTkr6FSToWHFlPta3cMm13%2FjY7ZIxVi%2Bikmy%2FEAw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97007
cf-ray: 79413de37ca53624-FRA
expires: Sat, 04 Feb 2023 07:10:11 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 4CDD 35 KB
12 KB 34ms
21ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h7mztpn55vvybw6qvrxgtpvzg9ydwedfjpgb37s2zhp1btkn72daqgagpb7v6ava7dqmn6xjgzqf4d4y12qhmg2ssbm7pmwwrdkyanqqnh8znf030xe6rrvf1y54svarbrkywk3rksnpzcp0tt553tmsx2m2wp44r92v5nmnvfgpbjxrnn489dwy8kr7zb2hx1drfncnd71nnstg3czw7hs3pt1apkc1qwpca7wxe7h45p7xc46pxqb8t51kw9d1bzgn5kgyd0fv3xrqa194f72rkk48msngdfjnt0ntzye8aztxx80mxwvzmwt5xpy2n2nptq1tyvm493f17jgx6b2m7pseba9njk5gwyk5a1yc8vxx0cg6hbssa99x8ysrnvrn06t0me06aa837bedtn77ah3fq77syfczx3pnb6v896zwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%26client%3Dca-pub-2829192160917889%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 262369
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXgTtXPVqILtu%2BgrWSAc09EHy7OmLFIqCqF7XR%2FL5jRbpZJUS88UN8GnVEoF8TODjdKLc1NTDl8I3GkaiNDVP4ZTlWVxZ8gNwHjNtnR38ELx3Ua%2B%2BN%2FrTkANv7uHqnMopU9DGXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 79413de39cb93624-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 15:04:22 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame F3A3 35 B
462 B 146ms
16ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBSYsUwP10cle9SlOb5vrXw&google_cver=1&google_push=Aa02lx-ENKPO8n8BHkNjlQAvUXne5KoxB8yeVC5ni2LHDU5hHqMAW10W7Iehr27XbI95sMHp8uly3NDLNpRhnxt9sxveuiz4GZP8ZpI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009358&bpp=1&bdt=1003&idt=229&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=odSuk5uhg8&p=https%3A//www.balipost.com&dtd=232

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame F3A3 0
104 B 173ms
15ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIvpVroP4HlEXLQPzmF1KIA&google_cver=1&google_push=Aa02lx-2EPSBAzsclvu_lo0GjHAQaaowa4pBtunPdPibXILAovMyZ_bFq792ogkEr9rEiuaoY__n0MpYOmVG4GKtym0SjJO9bvBe8A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009358&bpp=1&bdt=1003&idt=229&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=odSuk5uhg8&p=https%3A//www.balipost.com&dtd=232
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F3A3
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJlummUHNEChZM69EhKB6i8&google_cver=1&google_push=Aa02lx_ntqIXEEQ_ZOP8foWcvwZBCiyZxs_tF65sH-0Z7Pmjo9wUTwaoMI12Ds7DuKc6eF5hJYjt0aNiKVI7YmIx...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8MLDoxjqRfqSwzMlzU7w8A2&google_push=Aa02lx_ntqIXEEQ_ZOP8foWcvwZBCiyZxs_tF65sH-0Z7Pmjo9wUTwaoMI12Ds7DuKc6eF5hJYjt0aNiKVI7YmIxNiF4a2cZpnt2YjM

170 B
232 B

44ms
43ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8MLDoxjqRfqSwzMlzU7w8A2&google_push=Aa02lx_ntqIXEEQ_ZOP8foWcvwZBCiyZxs_tF65sH-0Z7Pmjo9wUTwaoMI12Ds7DuKc6eF5hJYjt0aNiKVI7YmIxNiF4a2cZpnt2YjM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009358&bpp=1&bdt=1003&idt=229&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=odSuk5uhg8&p=https%3A//www.balipost.com&dtd=232

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 04 Feb 2023 06:10:11 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8MLDoxjqRfqSwzMlzU7w8A2&google_push=Aa02lx_ntqIXEEQ_ZOP8foWcvwZBCiyZxs_tF65sH-0Z7Pmjo9wUTwaoMI12Ds7DuKc6eF5hJYjt0aNiKVI7YmIxNiF4a2cZpnt2YjM
x-host: tde-deliveryengine-production-fb497649f-w4d4z
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F3A3
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEJ2SGT3c5TM1nQXKGMiF9oY&google_cver=1&google_push=Aa02lx88whTtvqmyL9YJFJUqeV4M_YzJBEbpINYNJDs8VPWs-FFVSWQOqXzLfp4FQwLv3AdBpAIQgBpMTvUMM5ydLZtRgem...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJ2SGT3c5TM1nQXKGMiF9oY&google_cver=1&google_push=Aa02lx88whTtvqmyL9YJFJUqeV4M_YzJBEbpINYNJDs8VPWs-FFVSWQOqXzLfp4FQwLv3AdBpAIQgBpMTvUMM5ydLZtRg...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx88whTtvqmyL9YJFJUqeV4M_YzJBEbpINYNJDs8VPWs-FFVSWQOqXzLfp4FQwLv3AdBpAIQgBpMTvUMM5ydLZtRgemTatARWA

170 B
188 B

59ms
50ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx88whTtvqmyL9YJFJUqeV4M_YzJBEbpINYNJDs8VPWs-FFVSWQOqXzLfp4FQwLv3AdBpAIQgBpMTvUMM5ydLZtRgemTatARWA

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx88whTtvqmyL9YJFJUqeV4M_YzJBEbpINYNJDs8VPWs-FFVSWQOqXzLfp4FQwLv3AdBpAIQgBpMTvUMM5ydLZtRgemTatARWA
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F3A3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDMd7Kons8t0qfbNCW9n_pU&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDMd7Kons8t0qfbNCW9n_pU&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDMd7Kons8t0qfbNCW9n_pU&google_hm=Y932w98NxDInPKMdgE1qJwAABK8AAAIB&google_nid=index&google_push=Aa02lx-m7l8o4bJfvAkykRoR-ib3M1KgwsKeo...

170 B
232 B

68ms
67ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDMd7Kons8t0qfbNCW9n_pU&google_hm=Y932w98NxDInPKMdgE1qJwAABK8AAAIB&google_nid=index&google_push=Aa02lx-m7l8o4bJfvAkykRoR-ib3M1KgwsKeox5TTm0rZ0kys7hCUCsKdYI8gIZAXtjYVF1SLvHyBGNsI1KI2wL-kX0QPmduLusf0g

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXXhF8viyNGJcRl%2FBDBa1z3yzG29P%2B5HcdqqpWgxnMPJxrve7naGrfDh7WsvmdXQ7WT6qc5%2FgePC8bGCgHMhzOaQ1b9YNztyarb40ncID44%2BTPrP53kM%2F8W4A1ojv93dptpEPtU6XTktng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDMd7Kons8t0qfbNCW9n_pU&google_hm=Y932w98NxDInPKMdgE1qJwAABK8AAAIB&google_nid=index&google_push=Aa02lx-m7l8o4bJfvAkykRoR-ib3M1KgwsKeox5TTm0rZ0kys7hCUCsKdYI8gIZAXtjYVF1SLvHyBGNsI1KI2wL-kX0QPmduLusf0g
cache-control: no-cache
cf-ray: 79413de4a9962c53-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F3A3
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDOJwwJ5KSRMHKa-aRiusz4&google_cver=1&google_push=Aa02lx_kNiI8jGt_QAuAxIYsR_cBXOjYrJxWHsM442d-_Ru3ZNfGtFmhYUUkYHM2iZFcL84XrgkGWeaPnn8vJn7Td2hZTvUyRI...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTkwNDg0MDc5ODA2NDM0MTgxMjM0OA%3D%3D&google_push=Aa02lx_kNiI8jGt_QAuAxIYsR_cBXOjYrJxWHsM442d-_Ru3ZNfGtFmh...

170 B
329 B

154ms
45ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTkwNDg0MDc5ODA2NDM0MTgxMjM0OA%3D%3D&google_push=Aa02lx_kNiI8jGt_QAuAxIYsR_cBXOjYrJxWHsM442d-_Ru3ZNfGtFmhYUUkYHM2iZFcL84XrgkGWeaPnn8vJn7Td2hZTvUyRIslyDg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009358&bpp=1&bdt=1003&idt=229&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=odSuk5uhg8&p=https%3A//www.balipost.com&dtd=232

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTkwNDg0MDc5ODA2NDM0MTgxMjM0OA%3D%3D&google_push=Aa02lx_kNiI8jGt_QAuAxIYsR_cBXOjYrJxWHsM442d-_Ru3ZNfGtFmhYUUkYHM2iZFcL84XrgkGWeaPnn8vJn7Td2hZTvUyRIslyDg
date: Sat, 04 Feb 2023 06:10:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
onetag-sys.com/match/ Frame F3A3
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKKmXmw-7ybytPD_aC6nkpA&google_cver=1&google_push=Aa02lx8RxvlgXBPsacbcHTHUcLGfotm5QUWUQdmmWStPd7yZ25wwM7KW12hqZkgF-9gFEhBRqIBjKM6iv2h...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8RxvlgXBPsacbcHTHUcLGfotm5QUWUQdmmWStPd7yZ25wwM7KW12hqZkgF-9gFEhBRqIBjKM6iv2hU4mkfV-BTDB_Y6T6VUGRq
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

20ms
11ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: www.balipost.com
URL: https://www.balipost.com/

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F3A3 0
40 B 168ms
40ms Image
text/html 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2Hhm502piytGOLPbg9up6WaAoWGaNuRU1MR9I_qGQpMY84X6rcjjESEWVB4845d8-u0_UCA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009358&bpp=1&bdt=1003&idt=229&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=odSuk5uhg8&p=https%3A//www.balipost.com&dtd=232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK y39eto6m2jel Show response
hal9000.redintelligence.net/zone/ Frame 2DE0 10 KB
3 KB 142ms
11ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/y39eto6m2jel?subid=&gdpr=1&gdpr_consent=li&rnd=1774624697797174281&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DzMfCyQ8HJzfBtoxNcLor0w%26exch_seat%3D20035004448%26mt_aid%3D1774624697797174281%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D384a63dd-f6c3-4a01-b11a-c481c1191ecf%26mt_cid%3D384a63dd-f6c3-4a01-b11a-c481c1191ecf%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC7I3WwvbdY6XbIKmXxdwPio-VqAjPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqAMBqgS5AU_QB2ck-8mDgfaISh8Ev1p94FNHGktBUC-jmq-HUypNT2b3FpnKRHpfDM_cnSCv33LLpSdGYrCnGtNorLYnLSP3JYSE7Aw6bsYCac211xTvjfTP61DJLfm30ibjuYQ502IIcfyjT-untHbLMIu7RmevzuVOil_MTW4RclKBRJlSxLCtvUZpGVf-GkWbZltgb7NiZEVYQfRMT58BSerfyv1r_6F93qc_aYI-cOMtkr8Zx0v1_mPvjcp8gAbLv5um5ZPn2K8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1iXY2blP8_-nuE0xJeFxjYU7GRkw%2526client%253Dca-pub-2829192160917889%2526adurl%253D%26redirect%3D
Requested by: Host: www.balipost.com
URL: https://www.balipost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: a5516bb37196adb588b3ee88e6a07847816320e15318f37c228763d28e1f3ffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 06:10:11 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3321
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 2DE0 49 B
330 B 59ms
25ms Image
image/gif 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=1774624697797174281&node_id=3759&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRBd056UTJNVEF0WWpNMU5pMW1Namd3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE3NzQ2MjQ2OTc3OTcxNzQyODEvMTEyMDQ0MTkvMTI3ODAzMzYvNC8wY3B2YTA0VXctaDE5WVd1c2dhUVNURUNVOE9UeUdIelZWdTk1V2J2WGdFLzEvNC8wLzAvMjAzOTIxNi8wLzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMTc3NDYyNDY5Nzc5NzE3NDI4MS96cmgvMC82OTI1LzE2Lzk5OS8yNTgvMmEwMTo0YTA6MmI6Oi8wLjAwMC8xNjc1NDkxMDEwLzE2NzU1MDM2MTAvNC9wdWItMjgyOTE5MjE2MDkxNzg4OS8/7Pdvcvn-FeNwWOyyJqEIUP2ayEc&nodeid=3759&group=zrh&auctionid=1774624697797174281&pbs_auctionid=1774624697797174281&shardkey=1774624697797174281&sid=12780336&cid=11204419&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.162&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7I3WwvbdY6XbIKmXxdwPio-VqAjPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqAMBqgS5AU_QB2ck-8mDgfaISh8Ev1p94FNHGktBUC-jmq-HUypNT2b3FpnKRHpfDM_cnSCv33LLpSdGYrCnGtNorLYnLSP3JYSE7Aw6bsYCac211xTvjfTP61DJLfm30ibjuYQ502IIcfyjT-untHbLMIu7RmevzuVOil_MTW4RclKBRJlSxLCtvUZpGVf-GkWbZltgb7NiZEVYQfRMT58BSerfyv1r_6F93qc_aYI-cOMtkr8Zx0v1_mPvjcp8gAbLv5um5ZPn2K8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1iXY2blP8_-nuE0xJeFxjYU7GRkw%26client%3Dca-pub-2829192160917889%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.379.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 06:10:11 GMT
Server: MMBD/3.379.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x52, zrh-bidder-x145
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 04 Feb 2023 06:10:10 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 2DE0 43 B
403 B 380ms
49ms Image
image/gif 92.123.37.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=1774624697797174281&v3=1262142&v4=12780336&v5=11204419&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRBd056UTJNVEF0WWpNMU5pMW1Namd3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE3NzQ2MjQ2OTc3OTcxNzQyODEvMTEyMDQ0MTkvMTI3ODAzMzYvNC8wY3B2YTA0VXctaDE5WVd1c2dhUVNURUNVOE9UeUdIelZWdTk1V2J2WGdFLzEvNC8wLzAvMjAzOTIxNi8wLzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMTc3NDYyNDY5Nzc5NzE3NDI4MS96cmgvMC82OTI1LzE2Lzk5OS8yNTgvMmEwMTo0YTA6MmI6Oi8wLjAwMC8xNjc1NDkxMDEwLzE2NzU1MDM2MTAvNC9wdWItMjgyOTE5MjE2MDkxNzg4OS8/7Pdvcvn-FeNwWOyyJqEIUP2ayEc&nodeid=3759&group=zrh&auctionid=1774624697797174281&pbs_auctionid=1774624697797174281&shardkey=1774624697797174281&sid=12780336&cid=11204419&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.162&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7I3WwvbdY6XbIKmXxdwPio-VqAjPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqAMBqgS5AU_QB2ck-8mDgfaISh8Ev1p94FNHGktBUC-jmq-HUypNT2b3FpnKRHpfDM_cnSCv33LLpSdGYrCnGtNorLYnLSP3JYSE7Aw6bsYCac211xTvjfTP61DJLfm30ibjuYQ502IIcfyjT-untHbLMIu7RmevzuVOil_MTW4RclKBRJlSxLCtvUZpGVf-GkWbZltgb7NiZEVYQfRMT58BSerfyv1r_6F93qc_aYI-cOMtkr8Zx0v1_mPvjcp8gAbLv5um5ZPn2K8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1iXY2blP8_-nuE0xJeFxjYU7GRkw%26client%3Dca-pub-2829192160917889%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-37-164.deploy.static.akamaitechnologies.com
Software: MT3 441 9053ffc master cdg-pixel-x7 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 06:10:11 GMT
Server: MT3 441 9053ffc master cdg-pixel-x7 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Sat, 04 Feb 2023 06:10:10 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 2DE0 49 B
330 B 63ms
30ms Image
image/gif 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=1774624697797174281&st=12780336&time=1675491011&nodeid=3759
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRBd056UTJNVEF0WWpNMU5pMW1Namd3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE3NzQ2MjQ2OTc3OTcxNzQyODEvMTEyMDQ0MTkvMTI3ODAzMzYvNC8wY3B2YTA0VXctaDE5WVd1c2dhUVNURUNVOE9UeUdIelZWdTk1V2J2WGdFLzEvNC8wLzAvMjAzOTIxNi8wLzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMTc3NDYyNDY5Nzc5NzE3NDI4MS96cmgvMC82OTI1LzE2Lzk5OS8yNTgvMmEwMTo0YTA6MmI6Oi8wLjAwMC8xNjc1NDkxMDEwLzE2NzU1MDM2MTAvNC9wdWItMjgyOTE5MjE2MDkxNzg4OS8/7Pdvcvn-FeNwWOyyJqEIUP2ayEc&nodeid=3759&group=zrh&auctionid=1774624697797174281&pbs_auctionid=1774624697797174281&shardkey=1774624697797174281&sid=12780336&cid=11204419&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.162&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7I3WwvbdY6XbIKmXxdwPio-VqAjPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqAMBqgS5AU_QB2ck-8mDgfaISh8Ev1p94FNHGktBUC-jmq-HUypNT2b3FpnKRHpfDM_cnSCv33LLpSdGYrCnGtNorLYnLSP3JYSE7Aw6bsYCac211xTvjfTP61DJLfm30ibjuYQ502IIcfyjT-untHbLMIu7RmevzuVOil_MTW4RclKBRJlSxLCtvUZpGVf-GkWbZltgb7NiZEVYQfRMT58BSerfyv1r_6F93qc_aYI-cOMtkr8Zx0v1_mPvjcp8gAbLv5um5ZPn2K8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1iXY2blP8_-nuE0xJeFxjYU7GRkw%26client%3Dca-pub-2829192160917889%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.379.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 06:10:11 GMT
Server: MMBD/3.379.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x40, zrh-bidder-x145
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 04 Feb 2023 06:10:10 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame E638 3 KB
3 KB 123ms
13ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3040
x-guploader-uploadid: ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXa%2FiJUeHe6AuzBOCwP7Zx9PzG7NY7UzYovNvE2cuttwFsXPa8QXVF%2BCqZKqA3fhzcGi%2FxHa38dxtkJ791IRjLSMv22wiYxSdY4wlDfm36%2BRQuLUszheJmF%2Fwt%2FWAlxJueqqFpOMLzPYfDF5r7WdLhZW"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 79413de46c893838-FRA
expires: Sat, 04 Feb 2023 06:07:01 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 0A66 2 KB
1 KB 18ms
18ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 262466
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 79413de4387d366f-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sat, 04 Feb 2023 06:10:11 GMT
expires: Thu, 19 Jan 2023 19:22:47 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYFHLiZs%2FNUN1i2TzROLBj3iGEgCagQQmeGyF8hVMgBBpOIXw%2Br7JYaeAJOEGwqfoCQSWS%2ByzOdhyOJ%2BTY%2F0qiFrJRBktV8E%2FugsCbld1QeDnWLvwnsfpPeWi%2Bq7im2%2BjIaLKD0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame B515 3 KB
4 KB 115ms
10ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3040
x-guploader-uploadid: ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bGnx%2Bh94xjyGe7jltNAaNFzSx0mhXJKUyoMehPxNFwTVXFJhADBNmWmJ5HL3GJ8GdcAHVLkHeDoycboxR%2BCq74pzb3VxYj2Ve1JZPXNiLip5j8DsuCyykULeknjWRVPirJTjK0Q6qwjyuEqILj8EsL9"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 79413de46c8a3838-FRA
expires: Sat, 04 Feb 2023 06:07:01 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 80C7 2 KB
1 KB 16ms
16ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 262466
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 79413de4387f366f-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sat, 04 Feb 2023 06:10:11 GMT
expires: Thu, 19 Jan 2023 19:22:47 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FjPkCHyMqprCZ7HVcFDuih7MIxs0toa7oMp9aJWk3ji9HPt4HhXUg%2BO%2B5UmEKcviz94VGFTYzU5ktTdliXWo5IueAnuBAEO1XHXYRg7n1%2B9TYCxPxGevyjcDKLGosG4WBUggxA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 4CDD 3 KB
3 KB 46ms
11ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3040
x-guploader-uploadid: ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4h4pWt65FxVz2Pe6%2Fw%2B5qbHi9%2FvoWLiPutafNebW7BfndT0XHFWaqsUbTvkJFOUetlwm7rMMSes%2FkBkn0lrz2SW4IUY0Dlds8xYdcFoEAeoyNXW%2FnMMVvJ7cY3Awwh%2FVaSymz5%2BrmZz%2B1mMswwnAhyh%2F"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 79413de46c8b3838-FRA
expires: Sat, 04 Feb 2023 06:07:01 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 4D9A 2 KB
1 KB 27ms
25ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 262466
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 79413de4488e366f-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sat, 04 Feb 2023 06:10:11 GMT
expires: Thu, 19 Jan 2023 19:22:47 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fi%2BTBwl9HFtlTrlNjvOBeKRqUWmG%2FoGQaz8C%2B5plNceBv2r%2BIjdg4I7kXuvH7%2FPjE3CcgKpWkR8l3GyefgdS6jTunZo5HT1cIc2DGTqu0E6Ns2yyPXTqIZnqo%2FjYsQSrZ79%2FiJI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D744 42 B
64 B 79ms
72ms Fetch
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstuavKGGs8BSEwVaM4u2HMg8LzwIfBDffyWsgaUFA3ZguODIeJVoSn6z-80eEz9mVM8Kdzqxr0v_tkgMJEKVp8O6r7prrR_2ps0Gpop0TLN2Hnj3ufOq5yO8znb41aFbb9ukQxBpw&sai=AMfl-YQEqnWx0Sbi06bI8ifrY9fY99MATBWdf5PVfQp9ya3XT1XNynWIVPvuAUPGmoUk2RH1omGrg2QL-oWD&sig=Cg0ArKJSzErkNsx3WorREAE&cid=CAQSGwDUE5ymyoYXg49K-vVkR98EIMlkyVyN06NljRgB&id=lidar2&mcvt=1006&p=0,0,90,970&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1727054528&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675491009600&rpt=653&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request.php Show response
hal900028.redintelligence.net/ Frame 2DE0 611 B
774 B 143ms
77ms Script
application/x-javascript 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request.php?zone=y39eto6m2jel&nw=20&renderingType=javascript&namespace=7ae677dd78&subid=&uid=f81e6b6cbccb7f8e&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DzMfCyQ8HJzfBtoxNcLor0w%26exch_seat%3D20035004448%26mt_aid%3D1774624697797174281%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D384a63dd-f6c3-4a01-b11a-c481c1191ecf%26mt_cid%3D384a63dd-f6c3-4a01-b11a-c481c1191ecf%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC7I3WwvbdY6XbIKmXxdwPio-VqAjPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqAMBqgS5AU_QB2ck-8mDgfaISh8Ev1p94FNHGktBUC-jmq-HUypNT2b3FpnKRHpfDM_cnSCv33LLpSdGYrCnGtNorLYnLSP3JYSE7Aw6bsYCac211xTvjfTP61DJLfm30ibjuYQ502IIcfyjT-untHbLMIu7RmevzuVOil_MTW4RclKBRJlSxLCtvUZpGVf-GkWbZltgb7NiZEVYQfRMT58BSerfyv1r_6F93qc_aYI-cOMtkr8Zx0v1_mPvjcp8gAbLv5um5ZPn2K8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1iXY2blP8_-nuE0xJeFxjYU7GRkw%2526client%253Dca-pub-2829192160917889%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2829192160917889%26output%3Dhtml%26h%3D90%26slotname%3D1151351565%26adk%3D2974423296%26adf%3D811793458%26pi%3Dt.ma~as.1151351565%26w%3D728%26lmt%3D1675488952%26format%3D728x90%26url%3Dhttps%253A%252F%252Fwww.balipost.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1675491009355%26bpp%3D1%26bdt%3D999%26idt%3D216%26shv%3Dr20230201%26mjsv%3Dm202301230101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D1687248506228%26frm%3D20%26pv%3D1%26ga_vid%3D1475147726.1675491009%26ga_sid%3D1675491010%26ga_hid%3D1061696867%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D436%26ady%3D21%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759842%252C31071812%26oid%3D2%26pvsid%3D68042597855758%26tmod%3D1432477866%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3DM%257Cd%257CaoeE%257Cp%26abl%3DXS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DdpDtSm9qri%26p%3Dhttps%253A%2F%2Fwww.balipost.com%26dtd%3D219&ancestorOrigins=null&random=4374589939163&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/y39eto6m2jel?subid=&gdpr=1&gdpr_consent=li&rnd=1774624697797174281&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DzMfCyQ8HJzfBtoxNcLor0w%26exch_seat%3D20035004448%26mt_aid%3D1774624697797174281%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D384a63dd-f6c3-4a01-b11a-c481c1191ecf%26mt_cid%3D384a63dd-f6c3-4a01-b11a-c481c1191ecf%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC7I3WwvbdY6XbIKmXxdwPio-VqAjPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqAMBqgS5AU_QB2ck-8mDgfaISh8Ev1p94FNHGktBUC-jmq-HUypNT2b3FpnKRHpfDM_cnSCv33LLpSdGYrCnGtNorLYnLSP3JYSE7Aw6bsYCac211xTvjfTP61DJLfm30ibjuYQ502IIcfyjT-untHbLMIu7RmevzuVOil_MTW4RclKBRJlSxLCtvUZpGVf-GkWbZltgb7NiZEVYQfRMT58BSerfyv1r_6F93qc_aYI-cOMtkr8Zx0v1_mPvjcp8gAbLv5um5ZPn2K8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1iXY2blP8_-nuE0xJeFxjYU7GRkw%2526client%253Dca-pub-2829192160917889%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 29b6d63777a25ee9e15543b7a7782caba90af3bd0cc7a2021ccb2a5241ae71b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Feb 2023 06:10:11 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 46712800015640106783183012225028
Connection: close
Content-Length: 331
Expires: Sat, 04 Feb 2023 06:10:11 +0100

POST
H3 200 rs Show response
ad4m.at/ Frame B515 1 KB
2 KB 53ms
47ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f64bc8aad23e3053915ec5e0559923811590e323783ee2a6fb853b5b4717270e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yS4Ap%2BzFxMzPRmd%2Fba5CJHLl8yVKBsKIUw7QJzqv9L%2B9yKKUuYE7AlZKdaLufH85iqxfa578pE9E8ua%2F0FPUhQXXwIqHe6noemWcBkRn0TP5T35PwN2DZCQpSm6vMf33RzbpG%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 79413de4f8af2c55-FRA
x-backend-server: aa-reachservice-group-europe-west1-b74t
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 44ms
33ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79413de4a8822c55-FRA
content-length: 24
content-type: text/plain
date: Sat, 04 Feb 2023 06:10:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NV0pUqiU6tsdoS7xDFQulTktmp57XRyX9SXFC3FKvtFBKEL6BvtklGcSJB18ZLZ9QYNw%2F27OWcJDHOjQ%2FuXgFC%2BGn6NGuie%2BRLNbhjchzQ4cfE9KdHVFno6LPgSw2Rni2cLe7SU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-b74t

POST
H3 200 rs Show response
ad4m.at/ Frame E638 2 KB
2 KB 53ms
47ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4c986ed22fb9d7ff6baf85ae7e71a74f8ec50ce21cfac1107defeb7cef6d6c9

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0%2Bf6kz6gwOvthh187JNAo%2FYVXPHTlayMJlXm6EiH1IjlvAN5bImIDO73O1vfzerMGVaMmklo6gA9Ge7LP7OJQJbzaVZFNLLCI9jX3HvmIcmydRhfPXVgFC4ZHXTdNf5V4CudEo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 79413de4f8ad2c55-FRA
x-backend-server: aa-reachservice-group-europe-west1-b74t
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 41ms
33ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79413de4a8802c55-FRA
content-length: 24
content-type: text/plain
date: Sat, 04 Feb 2023 06:10:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKHPdqcfsoHMCPWZ5j%2BRlc%2FkzDjHIXW%2F%2BxvKZcRcJ9WDYsN%2BVE97v6vg0%2BVnfDuQVyJJpFcrW5BbyzXYPnQT7ulUiI4LrQqfT%2FwBnpS%2F%2BRMnIQ55FVTs02EXWgqbNdxo8rhSIjY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-b74t

POST
H3 200 rs Show response
ad4m.at/ Frame 4CDD 1 KB
2 KB 53ms
47ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94e03a0b979dc2917b937f294b1c3119a14918b8c3089a0101b6052221a60d7f

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVvbt%2Fr0HkoAeSafYNZ1HXG6doOp6bUb2uqzqbAs4CustCSrz%2B1eUZ%2BFd%2B0tkrOkp2e1jVLdQah5eqPzGF5vINKkcQXBFdIB0zTtFY9GVXFfxMxGWI4BLIsSypA3klSErR2rmgs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 79413de4f8b12c55-FRA
x-backend-server: aa-reachservice-group-europe-west1-hz4n
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 42ms
33ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79413de4b8832c55-FRA
content-length: 24
content-type: text/plain
date: Sat, 04 Feb 2023 06:10:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5El%2Frr9VLzQUpUOX8%2BBGv%2FS88vRgXVhBO5oMFpysQY2Q6TtaZuW1txpevlb4ztHbZuoNDtUGSw0OOWGhyMZNygKL%2B2TU06D6OfC%2FCXKAqiz8qXAYTbZEgbkAyaWOKd2mnzg85Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-b74t

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 920E 12 KB
4 KB 41ms
40ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=120&d=600&e=&g=a250456c8fd93fd9358a1c3e1790b999%2F529487596614349291&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1675491011371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ggj039ed534s19ggypq3j29w4k1ej3s782633xcwdgsnfck4tnqfscf4wg7zkkc3q3275qhqqnrzjk8egavercnt12343sc9q0g16hzzy13zj60xmmtzpyrn4c6aexr4pr7qzmjnsf56jagy3rex941d7dvacm4hyezq5kvq6mjjzckxvw1grw0x7zqab8tjzjcv1j56mmwkbfgcknqvsxqjz8t7xqpfm6kyj3hp4t4rtvpftmn4mjs6m5744fdnestn0sthbgsd640cm2y1ytp30%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb2b35523953ca8de675f1f7df0c547796cc6c3f90ef63e154760a4125b3f7da

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hk4p627gw437thrqc4a7yh6qw512h1yfwv0paasw4j66kbq629eq10aeqn8chc834dytbyegrzf5y7hsjc8agcydzcs1khfna9zfc2gce7qbsfhmw4w69vqmwk6qs5qmne8awq2m0p2fea27gmgnparbpekkgvjq9fa9yxf0mqh9cr6c3g8ks4cscdxf65vtv1qaknccand2m2memj22k4e80s8bcdsx38mheeqhaeadmmee3ryd3cp3g5stxztw04vp48dfp28a3htpqbjq46377dq532mpv676jz916a0hjf724r7z2jgrt6mft6yd21xnfba11sxyz79mgma7wy974apbt84h7ktkqk2t7ycmdv4dx80vc42sye34b79ystarjwwzatjrzxx42eg2d1gwfdnnpxg7ywxe8bgq8h33a4h64etxf6nhhkcy5gykn7q5shgpgcg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%26client%3Dca-pub-2829192160917889%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79413de55981366f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:10:11 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 7B44 9 KB
4 KB 31ms
31ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197101%2C14019%2C117569&b=D13t3fwfGPB5f3HmH9t1tZZJSxSmTYYQSZMQg%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=dk8aEfkfpEJ9CEHjHwtqCbbrfeS4T55PfgVPW%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=b748e2c122116bd1f47959b1a5cb5b23%2F4784331414298361807&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hn9mssywsb1n60tq2dnn7cz6rrwtj63ykyc30p84dg0sqej5v8d8r94dndb7mw13ahq2hdwmt7xjfy27r5958gt4m7z9zg1cqyzym0hzcvpq9kgtgf5mq9ytpn5450cdzaq6gdsfbskzpby7jh5s1n1qxadfda0qzdgvfxndsmczn6cz17w9arty0w2dk5xbxxw3chrnbyb6r1v0h3jgzb7btpksp2habvga02h6ys8kvqqn7svrfv66pnavhjrc7fc860cbbh5drgebnrz8evf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbuMowvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEwgFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw0kaqlMXrXE6Hxd5GOLJyI4t9NDzL-jPYm4QZ8oL58-OcxIZWVGlU8ONoAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v6JVavC0S4rFk4zoJAC77vB5Jxw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a622b4b4cb7f1451de2770c8a429703e71e8762010cfcd0ed47b34afdf127fa

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hte73hrdsyqtc2k81k50yz98eaxamhj4ng6pw1b6vbj5hsareanygvj4bx024waftmjkdv6j1d77w64mq4370pkq209zqdqkkh9q4btb0sv3qst5xhkeg0fx4xemkf7hycpgrthsmvjbkv8715yjf04f1q9gttvs5kqjxsvac2sbc99jy2stdw6vcsdm3mkpjkzrqw4sx7rkywhwbcdeqc1nhdmnqc7hpazze2wx9c5efkfnz7gnams5mk4fr84fdky5604d4nb08x84thcn98mt6d4zv31d9576xf28nqfy2jn4xmvj5f5msh73cwdze3s52z37qqfyzvqz5y2g2nsg1qbsgee9aj9tfqng1h067nvhwd9q5es8184q82jzs18kzhv5ewagv05c8zx3a1j4svrv32f2nvtd00mvpnwq8dhfpzj76twpev1tvw0yayy4nesxm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbuMowvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEwgFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw0kaqlMXrXE6Hxd5GOLJyI4t9NDzL-jPYm4QZ8oL58-OcxIZWVGlU8ONoAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3v6JVavC0S4rFk4zoJAC77vB5Jxw%26client%3Dca-pub-2829192160917889%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79413de55983366f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:10:11 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 1997 11 KB
5 KB 29ms
28ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=22451%2C183975%2C14044&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=250&e=&g=8b422603eeb0c0a2e534ed458d0d60c5%2F12017649732335571557&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4c1na7yr54gv1z8p7esdbz7memr501pxyet7961b3aary82x7trmd3cm6xfx7qy7jtajbyz1ja6tnfh586q8j6ajkszsr55c2dsc9hsg3dk58hvw5qdfbpyx4rz5pp34n0q8zkvsef5rn72w47a802y3kxzpeb53x92a5mj5kknqrgyfvhjhk6db5jmy6j9cxwb1z072yzcgjfkwb9asq49png1a5gw9hnykb3caz4zh69npred7tvmjb02zqeanx2vnhfac1kfktg230%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4785a283a3374cfe61ede0a646a83a6fc99db155ae033ccba7d03ffa7014bfd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h7mztpn55vvybw6qvrxgtpvzg9ydwedfjpgb37s2zhp1btkn72daqgagpb7v6ava7dqmn6xjgzqf4d4y12qhmg2ssbm7pmwwrdkyanqqnh8znf030xe6rrvf1y54svarbrkywk3rksnpzcp0tt553tmsx2m2wp44r92v5nmnvfgpbjxrnn489dwy8kr7zb2hx1drfncnd71nnstg3czw7hs3pt1apkc1qwpca7wxe7h45p7xc46pxqb8t51kw9d1bzgn5kgyd0fv3xrqa194f72rkk48msngdfjnt0ntzye8aztxx80mxwvzmwt5xpy2n2nptq1tyvm493f17jgx6b2m7pseba9njk5gwyk5a1yc8vxx0cg6hbssa99x8ysrnvrn06t0me06aa837bedtn77ah3fq77syfczx3pnb6v896zwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%26client%3Dca-pub-2829192160917889%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79413de55985366f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:10:11 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK request_content.php Show response
hal900028.redintelligence.net/ Frame F7FC 4 KB
2 KB 27ms
8ms Document
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request_content.php?s=46712800015640106783183012225028&a=eb415526
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=y39eto6m2jel&nw=20&renderingType=javascript&namespace=7ae677dd78&subid=&uid=f81e6b6cbccb7f8e&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DzMfCyQ8HJzfBtoxNcLor0w%26exch_seat%3D20035004448%26mt_aid%3D1774624697797174281%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D384a63dd-f6c3-4a01-b11a-c481c1191ecf%26mt_cid%3D384a63dd-f6c3-4a01-b11a-c481c1191ecf%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC7I3WwvbdY6XbIKmXxdwPio-VqAjPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqAMBqgS5AU_QB2ck-8mDgfaISh8Ev1p94FNHGktBUC-jmq-HUypNT2b3FpnKRHpfDM_cnSCv33LLpSdGYrCnGtNorLYnLSP3JYSE7Aw6bsYCac211xTvjfTP61DJLfm30ibjuYQ502IIcfyjT-untHbLMIu7RmevzuVOil_MTW4RclKBRJlSxLCtvUZpGVf-GkWbZltgb7NiZEVYQfRMT58BSerfyv1r_6F93qc_aYI-cOMtkr8Zx0v1_mPvjcp8gAbLv5um5ZPn2K8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1iXY2blP8_-nuE0xJeFxjYU7GRkw%2526client%253Dca-pub-2829192160917889%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2829192160917889%26output%3Dhtml%26h%3D90%26slotname%3D1151351565%26adk%3D2974423296%26adf%3D811793458%26pi%3Dt.ma~as.1151351565%26w%3D728%26lmt%3D1675488952%26format%3D728x90%26url%3Dhttps%253A%252F%252Fwww.balipost.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1675491009355%26bpp%3D1%26bdt%3D999%26idt%3D216%26shv%3Dr20230201%26mjsv%3Dm202301230101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D1687248506228%26frm%3D20%26pv%3D1%26ga_vid%3D1475147726.1675491009%26ga_sid%3D1675491010%26ga_hid%3D1061696867%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D436%26ady%3D21%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759842%252C31071812%26oid%3D2%26pvsid%3D68042597855758%26tmod%3D1432477866%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3DM%257Cd%257CaoeE%257Cp%26abl%3DXS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DdpDtSm9qri%26p%3Dhttps%253A%2F%2Fwww.balipost.com%26dtd%3D219&ancestorOrigins=null&random=4374589939163&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 89fda9f72dcc26f0466f4db603a3dab7a96510deada7629b48afe4e333cd85fe

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1505
Content-Type: text/html; charset=utf-8
Date: Sat, 04 Feb 2023 06:10:11 GMT
Expires: Sat, 04 Feb 2023 06:10:11 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4B52 1 KB
643 B 22ms
20ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 86168
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 06:14:03 GMT
etag: 48472445140208031
expires: Sat, 04 Feb 2023 06:14:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2DE0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d84d3327436fbfa59f28afb68d118a14bad27552c15d69aa57bb08e72b7adbdb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.29/one-ad/ Frame 1997 94 KB
12 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C183975%2C14044&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=250&e=&g=8b422603eeb0c0a2e534ed458d0d60c5%2F12017649732335571557&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4c1na7yr54gv1z8p7esdbz7memr501pxyet7961b3aary82x7trmd3cm6xfx7qy7jtajbyz1ja6tnfh586q8j6ajkszsr55c2dsc9hsg3dk58hvw5qdfbpyx4rz5pp34n0q8zkvsef5rn72w47a802y3kxzpeb53x92a5mj5kknqrgyfvhjhk6db5jmy6j9cxwb1z072yzcgjfkwb9asq49png1a5gw9hnykb3caz4zh69npred7tvmjb02zqeanx2vnhfac1kfktg230%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=22451%2C183975%2C14044&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=250&e=&g=8b422603eeb0c0a2e534ed458d0d60c5%2F12017649732335571557&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4c1na7yr54gv1z8p7esdbz7memr501pxyet7961b3aary82x7trmd3cm6xfx7qy7jtajbyz1ja6tnfh586q8j6ajkszsr55c2dsc9hsg3dk58hvw5qdfbpyx4rz5pp34n0q8zkvsef5rn72w47a802y3kxzpeb53x92a5mj5kknqrgyfvhjhk6db5jmy6j9cxwb1z072yzcgjfkwb9asq49png1a5gw9hnykb3caz4zh69npred7tvmjb02zqeanx2vnhfac1kfktg230%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674752855
age: 262341
cf-polished: origSize=97007
x-guploader-uploadid: ADPycdsZjI5fECjAhoy8qzvWSONYz9bIt7ko5oX3W69yG6KJfP5zPv1_fVYgs_PLPWlD4TXeEk6FSO00jYJNc7xSK-16jW39EDyH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Jan 2023 17:08:09 GMT
server: cloudflare
etag: W/"894b1310ad36469d313fb67e2899e78d"
vary: Accept-Encoding
x-goog-generation: 1674752889520716
content-type: text/css
x-goog-hash: crc32c=wEjpSw==, md5=iUsTEK02Rp0xP7Z+KJnnjQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMMbwi3LVD1k0AdOmOp3zbIwyq8aDihp2DySwzDuHrIK22VjaiLw%2FuSZtr7DHztB92j%2FMzy%2BRn5ytZjET2MSozd8F2YiN7xkP8os%2FQam8gB%2FVva23x%2BrI4vmFHyt1fucdgVUvztWGIs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97007
cf-ray: 79413de5b9c9366f-FRA
expires: Sat, 04 Feb 2023 07:10:11 GMT

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 1997 8 KB
9 KB 40ms
19ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C183975%2C14044&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=250&e=&g=8b422603eeb0c0a2e534ed458d0d60c5%2F12017649732335571557&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4c1na7yr54gv1z8p7esdbz7memr501pxyet7961b3aary82x7trmd3cm6xfx7qy7jtajbyz1ja6tnfh586q8j6ajkszsr55c2dsc9hsg3dk58hvw5qdfbpyx4rz5pp34n0q8zkvsef5rn72w47a802y3kxzpeb53x92a5mj5kknqrgyfvhjhk6db5jmy6j9cxwb1z072yzcgjfkwb9asq49png1a5gw9hnykb3caz4zh69npred7tvmjb02zqeanx2vnhfac1kfktg230%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 261834
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2B792uGDGihCu8XkF3Nj%2F5N0VHdYk5yTuUM8eNL3pdxM7BDCr6YODlT3F0lS2dN9u%2FvPC4E1nOi4aRwG%2FDMORW710GDkoIawCGV9Lclqr%2BZXQrgaDbnsRzA9GZ%2Bjj3o1CgPYgUvnmRVPu5o3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413de5de6c3624-FRA
expires: Sun, 05 Feb 2023 06:10:11 GMT

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 1997 30 KB
30 KB 26ms
4ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C183975%2C14044&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=250&e=&g=8b422603eeb0c0a2e534ed458d0d60c5%2F12017649732335571557&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4c1na7yr54gv1z8p7esdbz7memr501pxyet7961b3aary82x7trmd3cm6xfx7qy7jtajbyz1ja6tnfh586q8j6ajkszsr55c2dsc9hsg3dk58hvw5qdfbpyx4rz5pp34n0q8zkvsef5rn72w47a802y3kxzpeb53x92a5mj5kknqrgyfvhjhk6db5jmy6j9cxwb1z072yzcgjfkwb9asq49png1a5gw9hnykb3caz4zh69npred7tvmjb02zqeanx2vnhfac1kfktg230%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 261689
cf-polished: qual=85, origFmt=jpeg, origSize=81547
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30226
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVmcFis4PXM%2Fe1CTLx4eJIqp6%2B7dLoqOpgTypUU2G6ZS90tj%2Fz3rHCF8DVOJoMsX8rK1L6kCv%2BumRr0P34T56El6Bd%2FcN0Qa8FQvRwUVsJromLlAMJgTSu5AUglgbPpEL4yBzZHIrNKnWwlC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413de5fe893624-FRA
expires: Sun, 05 Feb 2023 06:10:11 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 1997
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKzSy7Sa-_wCFc8R4AodmO8L0g;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidBg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkGoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675491011_95501380-a452-11ed-ab4b-226222ea62e0

0
549 B

89ms
16ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675491011_95501380-a452-11ed-ab4b-226222ea62e0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C183975%2C14044&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=250&e=&g=8b422603eeb0c0a2e534ed458d0d60c5%2F12017649732335571557&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4c1na7yr54gv1z8p7esdbz7memr501pxyet7961b3aary82x7trmd3cm6xfx7qy7jtajbyz1ja6tnfh586q8j6ajkszsr55c2dsc9hsg3dk58hvw5qdfbpyx4rz5pp34n0q8zkvsef5rn72w47a802y3kxzpeb53x92a5mj5kknqrgyfvhjhk6db5jmy6j9cxwb1z072yzcgjfkwb9asq49png1a5gw9hnykb3caz4zh69npred7tvmjb02zqeanx2vnhfac1kfktg230%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Feb 2023 06:10:11 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Sat, 04 Feb 2023 06:10:11 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675491011_95501380-a452-11ed-ab4b-226222ea62e0
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 1997 219 KB
220 KB 43ms
22ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C183975%2C14044&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=250&e=&g=8b422603eeb0c0a2e534ed458d0d60c5%2F12017649732335571557&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4c1na7yr54gv1z8p7esdbz7memr501pxyet7961b3aary82x7trmd3cm6xfx7qy7jtajbyz1ja6tnfh586q8j6ajkszsr55c2dsc9hsg3dk58hvw5qdfbpyx4rz5pp34n0q8zkvsef5rn72w47a802y3kxzpeb53x92a5mj5kknqrgyfvhjhk6db5jmy6j9cxwb1z072yzcgjfkwb9asq49png1a5gw9hnykb3caz4zh69npred7tvmjb02zqeanx2vnhfac1kfktg230%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2ae6a18b973d0fbd53cd575408e3720cec1b94418b180ab6b83a82611eb1906

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 256486
cf-polished: origSize=233620, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 224653
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2PTsqKWHUkVKHzNqj%2FTKvoi65Zl%2FO84Ye9w5cVlI5WG%2B61MazN0pC6gwdTfb2wQpH0bGwCRohDkUzFRmzNwa4nU6TcZk%2FBx43yBNnFAOcZTBagz9SMzPD3OtsbLn4Yj8OWkEEdrCHPZC7tX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413de60a12366f-FRA
expires: Sun, 05 Feb 2023 06:10:11 GMT

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 1997 637 KB
637 KB 67ms
46ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C183975%2C14044&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=250&e=&g=8b422603eeb0c0a2e534ed458d0d60c5%2F12017649732335571557&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4c1na7yr54gv1z8p7esdbz7memr501pxyet7961b3aary82x7trmd3cm6xfx7qy7jtajbyz1ja6tnfh586q8j6ajkszsr55c2dsc9hsg3dk58hvw5qdfbpyx4rz5pp34n0q8zkvsef5rn72w47a802y3kxzpeb53x92a5mj5kknqrgyfvhjhk6db5jmy6j9cxwb1z072yzcgjfkwb9asq49png1a5gw9hnykb3caz4zh69npred7tvmjb02zqeanx2vnhfac1kfktg230%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 241740
cf-polished: origSize=731561, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 651990
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24pgsd1qcfS0j3svg0yoOcwALYhY%2FMESSQvGihKjv6%2F4bM5NeH2MRpNID5iaTzpSoiYhNAg71MFFphpMTCBIyP7NP7YIhWVFbPphBo8KfKdgbwczb5y477wBe47%2BdFvzILxPLRnb6fgOlU8B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413de60a16366f-FRA
expires: Sun, 05 Feb 2023 06:10:11 GMT

GET
H3 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 1997 18 KB
19 KB 90ms
68ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C183975%2C14044&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=250&e=&g=8b422603eeb0c0a2e534ed458d0d60c5%2F12017649732335571557&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4c1na7yr54gv1z8p7esdbz7memr501pxyet7961b3aary82x7trmd3cm6xfx7qy7jtajbyz1ja6tnfh586q8j6ajkszsr55c2dsc9hsg3dk58hvw5qdfbpyx4rz5pp34n0q8zkvsef5rn72w47a802y3kxzpeb53x92a5mj5kknqrgyfvhjhk6db5jmy6j9cxwb1z072yzcgjfkwb9asq49png1a5gw9hnykb3caz4zh69npred7tvmjb02zqeanx2vnhfac1kfktg230%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0daf9721063a9c0431d4f2097dd6377d04f83ef93b3802832f1cceed3fd16ce2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 261268
cf-polished: origFmt=png, origSize=35453
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
cf-bgj: imgq:85,h2pri
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMn9hZ9emfnwdyopA3fTPtKQg8UON0y0a0wbaZoaytyLu4qWW1E9CZXdgi6VWxCAe%2BTsv3axF0E0AZeuarahty6qKU8QxweLUCwLOIklyKnkpSHynI6aLjOuU7YtyqOzkl3ntql36VqHlVzi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413de61a17366f-FRA
expires: Sun, 05 Feb 2023 06:10:11 GMT

GET
H3 200 285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 1997 9 KB
10 KB 91ms
70ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C183975%2C14044&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=250&e=&g=8b422603eeb0c0a2e534ed458d0d60c5%2F12017649732335571557&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4c1na7yr54gv1z8p7esdbz7memr501pxyet7961b3aary82x7trmd3cm6xfx7qy7jtajbyz1ja6tnfh586q8j6ajkszsr55c2dsc9hsg3dk58hvw5qdfbpyx4rz5pp34n0q8zkvsef5rn72w47a802y3kxzpeb53x92a5mj5kknqrgyfvhjhk6db5jmy6j9cxwb1z072yzcgjfkwb9asq49png1a5gw9hnykb3caz4zh69npred7tvmjb02zqeanx2vnhfac1kfktg230%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 261272
cf-polished: qual=85, origFmt=jpeg, origSize=83479
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9260
cf-bgj: imgq:85,h2pri
last-modified: Mon, 29 Nov 2021 15:03:15 GMT
server: cloudflare
etag: "70d78c6b26d24e038cbf23832e1bb538"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCw4B3hb%2BRH8gaq31RHiyt1kjAyz%2FNSzsPlk5bJNs8V1IYW5nll10MZU3V8mExEAyZ38itC%2BrUVdmnXzWBz%2BS8DKWMCcmv8XQjuOCbr264YM35pmToTw2dzkcD7L2wYSwrHPFTWJzolKpSk6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413de61a19366f-FRA
expires: Sun, 05 Feb 2023 06:10:11 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 1997 43 B
704 B 171ms
45ms Image
image/gif 2.19.44.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1oneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C183975%2C14044&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=250&e=&g=8b422603eeb0c0a2e534ed458d0d60c5%2F12017649732335571557&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4c1na7yr54gv1z8p7esdbz7memr501pxyet7961b3aary82x7trmd3cm6xfx7qy7jtajbyz1ja6tnfh586q8j6ajkszsr55c2dsc9hsg3dk58hvw5qdfbpyx4rz5pp34n0q8zkvsef5rn72w47a802y3kxzpeb53x92a5mj5kknqrgyfvhjhk6db5jmy6j9cxwb1z072yzcgjfkwb9asq49png1a5gw9hnykb3caz4zh69npred7tvmjb02zqeanx2vnhfac1kfktg230%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.44.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-44-80.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Feb 2023 06:10:11 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.29/one-ad/ Frame 7B44 94 KB
12 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C14019%2C117569&b=D13t3fwfGPB5f3HmH9t1tZZJSxSmTYYQSZMQg%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=dk8aEfkfpEJ9CEHjHwtqCbbrfeS4T55PfgVPW%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=b748e2c122116bd1f47959b1a5cb5b23%2F4784331414298361807&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hn9mssywsb1n60tq2dnn7cz6rrwtj63ykyc30p84dg0sqej5v8d8r94dndb7mw13ahq2hdwmt7xjfy27r5958gt4m7z9zg1cqyzym0hzcvpq9kgtgf5mq9ytpn5450cdzaq6gdsfbskzpby7jh5s1n1qxadfda0qzdgvfxndsmczn6cz17w9arty0w2dk5xbxxw3chrnbyb6r1v0h3jgzb7btpksp2habvga02h6ys8kvqqn7svrfv66pnavhjrc7fc860cbbh5drgebnrz8evf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbuMowvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEwgFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw0kaqlMXrXE6Hxd5GOLJyI4t9NDzL-jPYm4QZ8oL58-OcxIZWVGlU8ONoAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v6JVavC0S4rFk4zoJAC77vB5Jxw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197101%2C14019%2C117569&b=D13t3fwfGPB5f3HmH9t1tZZJSxSmTYYQSZMQg%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=dk8aEfkfpEJ9CEHjHwtqCbbrfeS4T55PfgVPW%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=b748e2c122116bd1f47959b1a5cb5b23%2F4784331414298361807&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hn9mssywsb1n60tq2dnn7cz6rrwtj63ykyc30p84dg0sqej5v8d8r94dndb7mw13ahq2hdwmt7xjfy27r5958gt4m7z9zg1cqyzym0hzcvpq9kgtgf5mq9ytpn5450cdzaq6gdsfbskzpby7jh5s1n1qxadfda0qzdgvfxndsmczn6cz17w9arty0w2dk5xbxxw3chrnbyb6r1v0h3jgzb7btpksp2habvga02h6ys8kvqqn7svrfv66pnavhjrc7fc860cbbh5drgebnrz8evf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbuMowvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEwgFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw0kaqlMXrXE6Hxd5GOLJyI4t9NDzL-jPYm4QZ8oL58-OcxIZWVGlU8ONoAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v6JVavC0S4rFk4zoJAC77vB5Jxw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674752855
age: 262341
cf-polished: origSize=97007
x-guploader-uploadid: ADPycdsZjI5fECjAhoy8qzvWSONYz9bIt7ko5oX3W69yG6KJfP5zPv1_fVYgs_PLPWlD4TXeEk6FSO00jYJNc7xSK-16jW39EDyH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Jan 2023 17:08:09 GMT
server: cloudflare
etag: W/"894b1310ad36469d313fb67e2899e78d"
vary: Accept-Encoding
x-goog-generation: 1674752889520716
content-type: text/css
x-goog-hash: crc32c=wEjpSw==, md5=iUsTEK02Rp0xP7Z+KJnnjQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fwsfq0jHNYWYpGz9W%2Ffos5EuIc7BTN73gj4zZv%2FV39lURlMkCMwqrUujrmOxjjxXj1oSYezaclvykyIQDqMrnrQrYrocb0ZJHfLNH86GDVF830De6MFP44c0VNcGfY31Tqo7zhAgSeI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97007
cf-ray: 79413de5c9d3366f-FRA
expires: Sat, 04 Feb 2023 07:10:11 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 7B44 53 KB
54 KB 33ms
19ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C14019%2C117569&b=D13t3fwfGPB5f3HmH9t1tZZJSxSmTYYQSZMQg%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=dk8aEfkfpEJ9CEHjHwtqCbbrfeS4T55PfgVPW%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=b748e2c122116bd1f47959b1a5cb5b23%2F4784331414298361807&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hn9mssywsb1n60tq2dnn7cz6rrwtj63ykyc30p84dg0sqej5v8d8r94dndb7mw13ahq2hdwmt7xjfy27r5958gt4m7z9zg1cqyzym0hzcvpq9kgtgf5mq9ytpn5450cdzaq6gdsfbskzpby7jh5s1n1qxadfda0qzdgvfxndsmczn6cz17w9arty0w2dk5xbxxw3chrnbyb6r1v0h3jgzb7btpksp2habvga02h6ys8kvqqn7svrfv66pnavhjrc7fc860cbbh5drgebnrz8evf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbuMowvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEwgFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw0kaqlMXrXE6Hxd5GOLJyI4t9NDzL-jPYm4QZ8oL58-OcxIZWVGlU8ONoAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v6JVavC0S4rFk4zoJAC77vB5Jxw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262161
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54554
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNvJtA4%2Bpbw83A7%2FstKGlLlkG4Xhts2JHDma3Cytc2ICsnO%2FMC8gGHVKknOaBZctuByi2xLGulgGx0jUM61rAH%2B%2BXggpTZtrPDQ9EJWjJolY8yJbJbAoCc538WKrQK%2BPKboLynkv9S59MT%2Ft"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413de5de6b3624-FRA
expires: Sun, 05 Feb 2023 06:10:11 GMT

GET
H3 200 3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
assets.ad4m.at/product_image/ Frame 7B44 11 KB
11 KB 92ms
70ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C14019%2C117569&b=D13t3fwfGPB5f3HmH9t1tZZJSxSmTYYQSZMQg%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=dk8aEfkfpEJ9CEHjHwtqCbbrfeS4T55PfgVPW%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=b748e2c122116bd1f47959b1a5cb5b23%2F4784331414298361807&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hn9mssywsb1n60tq2dnn7cz6rrwtj63ykyc30p84dg0sqej5v8d8r94dndb7mw13ahq2hdwmt7xjfy27r5958gt4m7z9zg1cqyzym0hzcvpq9kgtgf5mq9ytpn5450cdzaq6gdsfbskzpby7jh5s1n1qxadfda0qzdgvfxndsmczn6cz17w9arty0w2dk5xbxxw3chrnbyb6r1v0h3jgzb7btpksp2habvga02h6ys8kvqqn7svrfv66pnavhjrc7fc860cbbh5drgebnrz8evf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbuMowvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEwgFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw0kaqlMXrXE6Hxd5GOLJyI4t9NDzL-jPYm4QZ8oL58-OcxIZWVGlU8ONoAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v6JVavC0S4rFk4zoJAC77vB5Jxw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 261486
cf-polished: qual=85, origFmt=jpeg, origSize=46259
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10888
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:09:44 GMT
server: cloudflare
etag: "b2cf554576629d98986c459034c76d1a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPj79dj%2BN9B5FBrxIwaWs8wOfswaYvl%2Bpeqz3VgUeagBp7w8joHmBl1ShwUaGYYEkVW5Bokou88mlILm%2FzaLDNlbo01RaYoxjTnjQLV2HWh9xvreogEtVuR7E19%2B5Ee8nIvHCktglN0XHaXd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413de61a1a366f-FRA
expires: Sun, 05 Feb 2023 06:10:11 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 7B44
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKrTy7Sa-_wCFcsk4AodVrgOTg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023020407101181241105913X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202...

49 B
1 KB

100ms
18ms

Image
image/gif

46.4.62.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023020407101181241105913X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023020407101181241105913X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C14019%2C117569&b=D13t3fwfGPB5f3HmH9t1tZZJSxSmTYYQSZMQg%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=dk8aEfkfpEJ9CEHjHwtqCbbrfeS4T55PfgVPW%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=b748e2c122116bd1f47959b1a5cb5b23%2F4784331414298361807&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hn9mssywsb1n60tq2dnn7cz6rrwtj63ykyc30p84dg0sqej5v8d8r94dndb7mw13ahq2hdwmt7xjfy27r5958gt4m7z9zg1cqyzym0hzcvpq9kgtgf5mq9ytpn5450cdzaq6gdsfbskzpby7jh5s1n1qxadfda0qzdgvfxndsmczn6cz17w9arty0w2dk5xbxxw3chrnbyb6r1v0h3jgzb7btpksp2habvga02h6ys8kvqqn7svrfv66pnavhjrc7fc860cbbh5drgebnrz8evf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbuMowvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEwgFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw0kaqlMXrXE6Hxd5GOLJyI4t9NDzL-jPYm4QZ8oL58-OcxIZWVGlU8ONoAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v6JVavC0S4rFk4zoJAC77vB5Jxw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads4.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 06:10:11 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023020407101181241105913X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023020407101181241105913X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
date: Sat, 04 Feb 2023 06:10:11 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 7B44 44 KB
44 KB 93ms
71ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C14019%2C117569&b=D13t3fwfGPB5f3HmH9t1tZZJSxSmTYYQSZMQg%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=dk8aEfkfpEJ9CEHjHwtqCbbrfeS4T55PfgVPW%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=b748e2c122116bd1f47959b1a5cb5b23%2F4784331414298361807&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hn9mssywsb1n60tq2dnn7cz6rrwtj63ykyc30p84dg0sqej5v8d8r94dndb7mw13ahq2hdwmt7xjfy27r5958gt4m7z9zg1cqyzym0hzcvpq9kgtgf5mq9ytpn5450cdzaq6gdsfbskzpby7jh5s1n1qxadfda0qzdgvfxndsmczn6cz17w9arty0w2dk5xbxxw3chrnbyb6r1v0h3jgzb7btpksp2habvga02h6ys8kvqqn7svrfv66pnavhjrc7fc860cbbh5drgebnrz8evf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbuMowvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEwgFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw0kaqlMXrXE6Hxd5GOLJyI4t9NDzL-jPYm4QZ8oL58-OcxIZWVGlU8ONoAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v6JVavC0S4rFk4zoJAC77vB5Jxw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262161
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvA6aW4tw6dH1JaBKV1vyjL8%2F%2B8p4nliEHPFQly1W9D%2BbMuHBGtgb83BUzvFIkF4RyeK8IEykwj4MqLPmv5ewzZlBZcNf1PfpB49IhZfTIk5yRg0HKAC8NmWoFdGPg7USVKANW1OfQXYzXzn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413de61a1b366f-FRA
expires: Sun, 05 Feb 2023 06:10:11 GMT

GET
H3 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 7B44 222 KB
222 KB 93ms
72ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C14019%2C117569&b=D13t3fwfGPB5f3HmH9t1tZZJSxSmTYYQSZMQg%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=dk8aEfkfpEJ9CEHjHwtqCbbrfeS4T55PfgVPW%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=b748e2c122116bd1f47959b1a5cb5b23%2F4784331414298361807&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hn9mssywsb1n60tq2dnn7cz6rrwtj63ykyc30p84dg0sqej5v8d8r94dndb7mw13ahq2hdwmt7xjfy27r5958gt4m7z9zg1cqyzym0hzcvpq9kgtgf5mq9ytpn5450cdzaq6gdsfbskzpby7jh5s1n1qxadfda0qzdgvfxndsmczn6cz17w9arty0w2dk5xbxxw3chrnbyb6r1v0h3jgzb7btpksp2habvga02h6ys8kvqqn7svrfv66pnavhjrc7fc860cbbh5drgebnrz8evf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbuMowvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEwgFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw0kaqlMXrXE6Hxd5GOLJyI4t9NDzL-jPYm4QZ8oL58-OcxIZWVGlU8ONoAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v6JVavC0S4rFk4zoJAC77vB5Jxw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262161
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WK6TYAOP%2F%2FS8Nhz3%2BI%2FW8bcpcw2ByT38mPQfvwjazAhdIWyZ625eYI%2F8FP51Y1dFQwyPkyKd0qwnFSvtD5Bp5WzlO%2BDOsxi%2BKK2gNA2DKHely555e%2Bbma2KFOvzgn%2FjgZyWQFDAasawFG%2FkV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413de61a1c366f-FRA
expires: Sun, 05 Feb 2023 06:10:11 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 7B44
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1675491011_953f4aa0-a452-11ed-a8d1-22346ba814b1&insert=AW&&gdpr=0&gdpr_consent=

0
673 B

76ms
48ms

Image
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1675491011_953f4aa0-a452-11ed-a8d1-22346ba814b1&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C14019%2C117569&b=D13t3fwfGPB5f3HmH9t1tZZJSxSmTYYQSZMQg%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=dk8aEfkfpEJ9CEHjHwtqCbbrfeS4T55PfgVPW%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=b748e2c122116bd1f47959b1a5cb5b23%2F4784331414298361807&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hn9mssywsb1n60tq2dnn7cz6rrwtj63ykyc30p84dg0sqej5v8d8r94dndb7mw13ahq2hdwmt7xjfy27r5958gt4m7z9zg1cqyzym0hzcvpq9kgtgf5mq9ytpn5450cdzaq6gdsfbskzpby7jh5s1n1qxadfda0qzdgvfxndsmczn6cz17w9arty0w2dk5xbxxw3chrnbyb6r1v0h3jgzb7btpksp2habvga02h6ys8kvqqn7svrfv66pnavhjrc7fc860cbbh5drgebnrz8evf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbuMowvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEwgFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw0kaqlMXrXE6Hxd5GOLJyI4t9NDzL-jPYm4QZ8oL58-OcxIZWVGlU8ONoAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v6JVavC0S4rFk4zoJAC77vB5Jxw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
via: 1.1 additional-webserver-blue-b3gw (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 336474790
content-type: text/html; charset=UTF-8
cache-control: no-cache
server-timing: intid;desc=3ff485ec454fbd1d
cf-ray: 79413de72eb12bb0-FRA
expires: -1

Redirect headers

Date: Sat, 04 Feb 2023 06:10:11 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1675491011_953f4aa0-a452-11ed-a8d1-22346ba814b1&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 7B44 2 KB
3 KB 96ms
75ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C14019%2C117569&b=D13t3fwfGPB5f3HmH9t1tZZJSxSmTYYQSZMQg%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=dk8aEfkfpEJ9CEHjHwtqCbbrfeS4T55PfgVPW%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=b748e2c122116bd1f47959b1a5cb5b23%2F4784331414298361807&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hn9mssywsb1n60tq2dnn7cz6rrwtj63ykyc30p84dg0sqej5v8d8r94dndb7mw13ahq2hdwmt7xjfy27r5958gt4m7z9zg1cqyzym0hzcvpq9kgtgf5mq9ytpn5450cdzaq6gdsfbskzpby7jh5s1n1qxadfda0qzdgvfxndsmczn6cz17w9arty0w2dk5xbxxw3chrnbyb6r1v0h3jgzb7btpksp2habvga02h6ys8kvqqn7svrfv66pnavhjrc7fc860cbbh5drgebnrz8evf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbuMowvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEwgFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw0kaqlMXrXE6Hxd5GOLJyI4t9NDzL-jPYm4QZ8oL58-OcxIZWVGlU8ONoAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v6JVavC0S4rFk4zoJAC77vB5Jxw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262161
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70C%2FKK57BDNK7jG6itWkdDemaLjACKD0f5U72e31T2vOPfTo7v5TpCdd3cm%2F5uMbapQwye0%2F3g8dnGRD%2BmxKeA91jqx4GDh3bqy2pFHGeKSL8KusXKUttHRQcMNigu1fCCAzC87X5g4rzmKV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413de61a1d366f-FRA
expires: Sun, 05 Feb 2023 06:10:11 GMT

GET
H3 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 7B44 339 KB
340 KB 96ms
75ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C14019%2C117569&b=D13t3fwfGPB5f3HmH9t1tZZJSxSmTYYQSZMQg%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=dk8aEfkfpEJ9CEHjHwtqCbbrfeS4T55PfgVPW%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=b748e2c122116bd1f47959b1a5cb5b23%2F4784331414298361807&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hn9mssywsb1n60tq2dnn7cz6rrwtj63ykyc30p84dg0sqej5v8d8r94dndb7mw13ahq2hdwmt7xjfy27r5958gt4m7z9zg1cqyzym0hzcvpq9kgtgf5mq9ytpn5450cdzaq6gdsfbskzpby7jh5s1n1qxadfda0qzdgvfxndsmczn6cz17w9arty0w2dk5xbxxw3chrnbyb6r1v0h3jgzb7btpksp2habvga02h6ys8kvqqn7svrfv66pnavhjrc7fc860cbbh5drgebnrz8evf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbuMowvbdY53aI_OYxdwPp_q1qA2Q4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi0yODI5MTkyMTYwOTE3ODg5yAEJqQLecM3xcByyPqgDAaoEwgFP0CtcbYzIoMDANQhPJGsfE0kguFwGKEFCVn_-GHG0rYA7-IXHbvpbHcEq29C-lS0zdCEKEn4GFBNknhgglWtJYm3evH87yDks7ZaXeVX0VH0pMAWv4YOzwI31nYrsBgX0_rqXFNeOGc4O06Ev14dTUiqVrtbHDiIaP_f-dyo0BO9nrVEa0I33VNrVJEjNbHvNrNLqkOkQBw0kaqlMXrXE6Hxd5GOLJyI4t9NDzL-jPYm4QZ8oL58-OcxIZWVGlU8ONoAG79rjt9a5xbd1oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3v6JVavC0S4rFk4zoJAC77vB5Jxw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262161
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FM51pcdbV4ENMccKSz0d7rCb1hgFbkMcpGyu6pMwJ10PQ6fufgdQ36QWnx%2FZWlVy8x7q8zJPgBwx2HcIkjUckg7GeiMmoX5FG1sIxnRUJbh6OSHkrJJrFOdz3hDLua1P5cgXAxbfLwSv3iJ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413de61a1e366f-FRA
expires: Sun, 05 Feb 2023 06:10:11 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 7B44 43 B
702 B 178ms
56ms Image
image/gif 2.19.44.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.44.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-44-80.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Feb 2023 06:10:11 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.29/one-ad/ Frame 920E 94 KB
12 KB 35ms
33ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.29/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=120&d=600&e=&g=a250456c8fd93fd9358a1c3e1790b999%2F529487596614349291&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1675491011371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ggj039ed534s19ggypq3j29w4k1ej3s782633xcwdgsnfck4tnqfscf4wg7zkkc3q3275qhqqnrzjk8egavercnt12343sc9q0g16hzzy13zj60xmmtzpyrn4c6aexr4pr7qzmjnsf56jagy3rex941d7dvacm4hyezq5kvq6mjjzckxvw1grw0x7zqab8tjzjcv1j56mmwkbfgcknqvsxqjz8t7xqpfm6kyj3hp4t4rtvpftmn4mjs6m5744fdnestn0sthbgsd640cm2y1ytp30%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=120&d=600&e=&g=a250456c8fd93fd9358a1c3e1790b999%2F529487596614349291&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1675491011371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ggj039ed534s19ggypq3j29w4k1ej3s782633xcwdgsnfck4tnqfscf4wg7zkkc3q3275qhqqnrzjk8egavercnt12343sc9q0g16hzzy13zj60xmmtzpyrn4c6aexr4pr7qzmjnsf56jagy3rex941d7dvacm4hyezq5kvq6mjjzckxvw1grw0x7zqab8tjzjcv1j56mmwkbfgcknqvsxqjz8t7xqpfm6kyj3hp4t4rtvpftmn4mjs6m5744fdnestn0sthbgsd640cm2y1ytp30%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674752855
age: 262341
cf-polished: origSize=97007
x-guploader-uploadid: ADPycdsZjI5fECjAhoy8qzvWSONYz9bIt7ko5oX3W69yG6KJfP5zPv1_fVYgs_PLPWlD4TXeEk6FSO00jYJNc7xSK-16jW39EDyH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Jan 2023 17:08:09 GMT
server: cloudflare
etag: W/"894b1310ad36469d313fb67e2899e78d"
vary: Accept-Encoding
x-goog-generation: 1674752889520716
content-type: text/css
x-goog-hash: crc32c=wEjpSw==, md5=iUsTEK02Rp0xP7Z+KJnnjQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMg7Mn0%2Bo0bWs5GrbBWzqAn6uccmnhv4BJ85bjHY78viW20UsMpWpiRIQ7UlCxw%2FvnYZap5TpyH2nXN3Ystjc%2FnETJ7caoN%2FYWdMpnRvJlyGEUXjTzAIucu8rvjS8sgJBdhnCXlDVg0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97007
cf-ray: 79413de5d9e8366f-FRA
expires: Sat, 04 Feb 2023 07:10:11 GMT

GET
H2 200 B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
assets.ad4m.at/logo/ Frame 920E 26 KB
26 KB 23ms
18ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=120&d=600&e=&g=a250456c8fd93fd9358a1c3e1790b999%2F529487596614349291&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1675491011371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ggj039ed534s19ggypq3j29w4k1ej3s782633xcwdgsnfck4tnqfscf4wg7zkkc3q3275qhqqnrzjk8egavercnt12343sc9q0g16hzzy13zj60xmmtzpyrn4c6aexr4pr7qzmjnsf56jagy3rex941d7dvacm4hyezq5kvq6mjjzckxvw1grw0x7zqab8tjzjcv1j56mmwkbfgcknqvsxqjz8t7xqpfm6kyj3hp4t4rtvpftmn4mjs6m5744fdnestn0sthbgsd640cm2y1ytp30%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b29bdb7db83315a34e9893cdd74afad8064611b89dade9adcc78b42fcafbf159

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 261276
cf-polished: origFmt=png, origSize=53992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26228
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Jun 2022 14:47:26 GMT
server: cloudflare
etag: "e460905652d65e6a54a57da046f52d6c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BjfQnyjz5GSdtFsi8eNEdvR5kTSvPoSRKjWZ8x6t%2FOqttkioKWj5erykaBHE50D0zGVR%2FubXQeylKSQmFxuyJiAm3ToSu0uEgA3MYz2DIxLQxV5ZKKMoE8gzPQUKNoOdQO%2FF9LIPtDd7Fp3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413de5de6a3624-FRA
expires: Sun, 05 Feb 2023 06:10:11 GMT

GET
H3 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 920E 54 KB
55 KB 95ms
74ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=120&d=600&e=&g=a250456c8fd93fd9358a1c3e1790b999%2F529487596614349291&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1675491011371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ggj039ed534s19ggypq3j29w4k1ej3s782633xcwdgsnfck4tnqfscf4wg7zkkc3q3275qhqqnrzjk8egavercnt12343sc9q0g16hzzy13zj60xmmtzpyrn4c6aexr4pr7qzmjnsf56jagy3rex941d7dvacm4hyezq5kvq6mjjzckxvw1grw0x7zqab8tjzjcv1j56mmwkbfgcknqvsxqjz8t7xqpfm6kyj3hp4t4rtvpftmn4mjs6m5744fdnestn0sthbgsd640cm2y1ytp30%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 261275
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55786
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZ2SCKK5i55DMC3j9G98X8PDCFL6sv7XpzZZQ%2BNePKApBpRZOZaytlbGtzmq70NWCVx%2FjJIGmMy6L54bKuveY%2FTiIZ4nFok0lJJt4yMyslFULfdSjw7siyoGrs%2FeZzVjU3FeUuT8JEagwWKc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413de61a2c366f-FRA
expires: Sun, 05 Feb 2023 06:10:11 GMT

GET
H3 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 920E 2 KB
3 KB 96ms
75ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=120&d=600&e=&g=a250456c8fd93fd9358a1c3e1790b999%2F529487596614349291&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1675491011371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ggj039ed534s19ggypq3j29w4k1ej3s782633xcwdgsnfck4tnqfscf4wg7zkkc3q3275qhqqnrzjk8egavercnt12343sc9q0g16hzzy13zj60xmmtzpyrn4c6aexr4pr7qzmjnsf56jagy3rex941d7dvacm4hyezq5kvq6mjjzckxvw1grw0x7zqab8tjzjcv1j56mmwkbfgcknqvsxqjz8t7xqpfm6kyj3hp4t4rtvpftmn4mjs6m5744fdnestn0sthbgsd640cm2y1ytp30%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262161
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hq93kmjARI91D2LdP2elES2AG2y0O2Ng6Znc7wL2ICf%2FMqtXCPrcR%2BgFuxR%2FyxkIVz4feKQWOk37HEzLWkjwgZnV4s3%2BC7OdCXBtwFlW2V44UwmOU0g2hq48W0%2F%2BU8AP3JuTw08WYFvOPSYq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413de61a2d366f-FRA
expires: Sun, 05 Feb 2023 06:10:11 GMT

GET
H3 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 920E 339 KB
340 KB 96ms
76ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=120&d=600&e=&g=a250456c8fd93fd9358a1c3e1790b999%2F529487596614349291&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1675491011371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ggj039ed534s19ggypq3j29w4k1ej3s782633xcwdgsnfck4tnqfscf4wg7zkkc3q3275qhqqnrzjk8egavercnt12343sc9q0g16hzzy13zj60xmmtzpyrn4c6aexr4pr7qzmjnsf56jagy3rex941d7dvacm4hyezq5kvq6mjjzckxvw1grw0x7zqab8tjzjcv1j56mmwkbfgcknqvsxqjz8t7xqpfm6kyj3hp4t4rtvpftmn4mjs6m5744fdnestn0sthbgsd640cm2y1ytp30%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262161
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbJSmUST1dEWzhyq5VBHHga7uOOfijKvZ5I1qUoIahBBKH%2FjvPqaBK5damBeb00DiIYcg8tilUH47jTaaygV5uwnuw4wQ2gJxILmWKwgWVU4TWeRZSj0xEoSTRF%2FHLZb5rK%2BHzhfOo27lOGR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413de61a2f366f-FRA
expires: Sun, 05 Feb 2023 06:10:11 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 920E 43 B
702 B 188ms
69ms Image
image/gif 2.19.44.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=120&d=600&e=&g=a250456c8fd93fd9358a1c3e1790b999%2F529487596614349291&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1675491011371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ggj039ed534s19ggypq3j29w4k1ej3s782633xcwdgsnfck4tnqfscf4wg7zkkc3q3275qhqqnrzjk8egavercnt12343sc9q0g16hzzy13zj60xmmtzpyrn4c6aexr4pr7qzmjnsf56jagy3rex941d7dvacm4hyezq5kvq6mjjzckxvw1grw0x7zqab8tjzjcv1j56mmwkbfgcknqvsxqjz8t7xqpfm6kyj3hp4t4rtvpftmn4mjs6m5744fdnestn0sthbgsd640cm2y1ytp30%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.44.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-44-80.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Feb 2023 06:10:11 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 DD95FF88FA3D93F6F44D3AC31E55B69E88B3B4546FE4BC6F8B33238666415C0B819A6AF1FC78B5EC7D26C7715A6F49E85CEDA62985F3A5877BCD8483DC0580F8
assets.ad4m.at/logo/ Frame 920E 17 KB
17 KB 114ms
93ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DD95FF88FA3D93F6F44D3AC31E55B69E88B3B4546FE4BC6F8B33238666415C0B819A6AF1FC78B5EC7D26C7715A6F49E85CEDA62985F3A5877BCD8483DC0580F8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=120&d=600&e=&g=a250456c8fd93fd9358a1c3e1790b999%2F529487596614349291&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1675491011371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ggj039ed534s19ggypq3j29w4k1ej3s782633xcwdgsnfck4tnqfscf4wg7zkkc3q3275qhqqnrzjk8egavercnt12343sc9q0g16hzzy13zj60xmmtzpyrn4c6aexr4pr7qzmjnsf56jagy3rex941d7dvacm4hyezq5kvq6mjjzckxvw1grw0x7zqab8tjzjcv1j56mmwkbfgcknqvsxqjz8t7xqpfm6kyj3hp4t4rtvpftmn4mjs6m5744fdnestn0sthbgsd640cm2y1ytp30%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a87ab137847708c417f2fe0e4b40b13045387e5450b590e36569844e7d2749a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 261274
cf-polished: origFmt=png, origSize=29332
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17112
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 May 2020 13:33:22 GMT
server: cloudflare
etag: "122e7322a58f4a1954c70b4a17dfafb3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTab9F02pxLekhlbvKP4dz0NrkF3mmX6wb8GeTrGJx5BBRgNNWEOH0GQc%2FAgdJhaOmrfy75LmgJkOh2CfsuaCvy9dEMxiDL00pXWtnd9e5IjLu5J0IzMjaSpHeDp%2Fi5p7zuP2LROUXgR5zZL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413de61a30366f-FRA
expires: Sun, 05 Feb 2023 06:10:11 GMT

GET
H3 200 0E5BFA76C26FC73E55AB6D68B83E55550C792CB830C69D31D329CEBDC2E4AB9165A435BB4F9054A5789B03CA381227A36BCB33A334DD00ADA2F66E01950FC2DD
assets.ad4m.at/product_image/ Frame 920E 173 KB
174 KB 122ms
102ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/0E5BFA76C26FC73E55AB6D68B83E55550C792CB830C69D31D329CEBDC2E4AB9165A435BB4F9054A5789B03CA381227A36BCB33A334DD00ADA2F66E01950FC2DD
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=120&d=600&e=&g=a250456c8fd93fd9358a1c3e1790b999%2F529487596614349291&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1675491011371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ggj039ed534s19ggypq3j29w4k1ej3s782633xcwdgsnfck4tnqfscf4wg7zkkc3q3275qhqqnrzjk8egavercnt12343sc9q0g16hzzy13zj60xmmtzpyrn4c6aexr4pr7qzmjnsf56jagy3rex941d7dvacm4hyezq5kvq6mjjzckxvw1grw0x7zqab8tjzjcv1j56mmwkbfgcknqvsxqjz8t7xqpfm6kyj3hp4t4rtvpftmn4mjs6m5744fdnestn0sthbgsd640cm2y1ytp30%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac6819ddbdc4c3a3845e32f55947158747e75113248edc9644fa65c4ed9934ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 261274
cf-polished: origFmt=png, origSize=270249
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 177346
cf-bgj: imgq:85,h2pri
last-modified: Tue, 13 Oct 2020 11:03:48 GMT
server: cloudflare
etag: "e93e5f11efcf3516506c022b6dda411d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4w5CVhxBiDQ4qVkA4U19BmIJkDpvJ%2By5syzCttDZ8%2BOi1ICsVoPvRhVyakh9O7lsuJmbmctePDP2Obrrn7g841I0LmbFTNdmHi4ZFLdGybZoMvavRm7r9UxOL%2Fw0MYUIVdaAqFhkcL7j9Cfj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79413de61a32366f-FRA
expires: Sun, 05 Feb 2023 06:10:11 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame F7FC 727 B
841 B 150ms
21ms Script
text/javascript 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=61227796;click=https://hal900028.redintelligence.net/c/p9l32xgibpt37pz?tprd=

Requested by

Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=46712800015640106783183012225028&a=eb415526

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

97d0b51e9378fb3b6701b75a0acc87b3a94bc7c754d70cc13acd315818ba5dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 526
expires: -1

GET
H/1.1 200
OK viewability Show response
hal900028.redintelligence.net/ Frame F7FC 0
150 B 46ms
15ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/viewability?s=46712800015640106783183012225028&a=1346d579&vb=m
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=46712800015640106783183012225028&a=eb415526
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/request_content.php?s=46712800015640106783183012225028&a=eb415526
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 06:10:11 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 link.html Show response
track.webgains.com/ Frame 1997 1 KB
2 KB 163ms
68ms Script
text/html 18.130.177.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h6q9z6fnfj4990fbjy0b3fx4dfbcsamm5h5nn5531rss6gmy5bntkbyv5ztms3h6bpbw95ytv6jjskt2p2pc3d7tdtdq31xxksz9k15v946nc3dzky10hv78qn6snjrb8db6p4ma5nv48ecfwkx79jfhpsd503zn3yh1ceprg5hbs27p2cbwn0p91j43ma6rc2vqpxvpnzab1mvah6670fqtc3p2djxmd9m82yd6tj3hrzwvsx5zv3gx73qr7enfmfxe%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jg4c1na7yr54gv1z8p7esdbz7memr501pxyet7961b3aary82x7trmd3cm6xfx7qy7jtajbyz1ja6tnfh586q8j6ajkszsr55c2dsc9hsg3dk58hvw5qdfbpyx4rz5pp34n0q8zkvsef5rn72w47a802y3kxzpeb53x92a5mj5kknqrgyfvhjhk6db5jmy6j9cxwb1z072yzcgjfkwb9asq49png1a5gw9hnykb3caz4zh69npred7tvmjb02zqeanx2vnhfac1kfktg230%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%252526client%25253Dca-pub-2829192160917889%252526adurl%25253D&clickref=oneidGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47oneid__suite_Netmix_Reach14_AKTION&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C183975%2C14044&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=250&e=&g=8b422603eeb0c0a2e534ed458d0d60c5%2F12017649732335571557&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4c1na7yr54gv1z8p7esdbz7memr501pxyet7961b3aary82x7trmd3cm6xfx7qy7jtajbyz1ja6tnfh586q8j6ajkszsr55c2dsc9hsg3dk58hvw5qdfbpyx4rz5pp34n0q8zkvsef5rn72w47a802y3kxzpeb53x92a5mj5kknqrgyfvhjhk6db5jmy6j9cxwb1z072yzcgjfkwb9asq49png1a5gw9hnykb3caz4zh69npred7tvmjb02zqeanx2vnhfac1kfktg230%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.177.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-177-194.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 7b1ba005d8724e0103e94e772546c85e5118ac261005c365f20877ef78ade7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
last-modified: Sat, 04 Feb 2023 06:10:11 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 04 Feb 2023 06:11:11 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B52
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBSYsUwP10cle9SlOb5vrXw&google_cver=1&google_push=Aa02lx-DDgL1ixJegYAEwhkzzbIRPiy4w3V8f984m-n1a_EdXKnxorenW-...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx-DDgL1ixJegYAEwhkzzbIRPiy4w3V8f984m-n1a_EdXKnxorenW-p_kHPANxSjepqqMknUT8AovRHEVm67oGn3N5Qi8jt4tw&google_hm=9x9bzoLuoF...

170 B
188 B

48ms
48ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx-DDgL1ixJegYAEwhkzzbIRPiy4w3V8f984m-n1a_EdXKnxorenW-p_kHPANxSjepqqMknUT8AovRHEVm67oGn3N5Qi8jt4tw&google_hm=9x9bzoLuoF1qsqN_e_28Rw

Requested by

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx-DDgL1ixJegYAEwhkzzbIRPiy4w3V8f984m-n1a_EdXKnxorenW-p_kHPANxSjepqqMknUT8AovRHEVm67oGn3N5Qi8jt4tw&google_hm=9x9bzoLuoF1qsqN_e_28Rw
pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B52
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHP_OBUqa8FOQygMc2arBTY&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RnBNRTBUa20xUG9iS3o1&google_gid=CAESEHP_OBUqa8FOQygMc2arBTY&google_cver=1&google_push=Aa02lx_-GJOL_ct8HdcDt9lQ3o_bG5lDm7ECHRwIKyGEVPh...

170 B
188 B

48ms
47ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RnBNRTBUa20xUG9iS3o1&google_gid=CAESEHP_OBUqa8FOQygMc2arBTY&google_cver=1&google_push=Aa02lx_-GJOL_ct8HdcDt9lQ3o_bG5lDm7ECHRwIKyGEVPhpLKTsjFSJcvu9jkmnno7SB0bnClfZrOgad8YbX06Wx5G2-aMTznpxyZk

Requested by

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 04 Feb 2023 06:10:10 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/d601d38#rel-ec2-master i-02d4862961d254dec@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RnBNRTBUa20xUG9iS3o1&google_gid=CAESEHP_OBUqa8FOQygMc2arBTY&google_cver=1&google_push=Aa02lx_-GJOL_ct8HdcDt9lQ3o_bG5lDm7ECHRwIKyGEVPhpLKTsjFSJcvu9jkmnno7SB0bnClfZrOgad8YbX06Wx5G2-aMTznpxyZk
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 4B52 70 B
264 B 48ms
34ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHGoT3pVB3W1bWmszrdfPVM&google_cver=1&google_push=Aa02lx82me_3t83MFCeGbu-tlJvhOHws1WuBsOPmZZN22CIs-e-esKXio8-IT8ytTOd33aIuhB4Bm_hq6k2ZPyaWLRAn8v5DtaCqIXY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009355&bpp=1&bdt=999&idt=216&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dpDtSm9qri&p=https%3A//www.balipost.com&dtd=219
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B52
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEJ2SGT3c5TM1nQXKGMiF9oY&google_cver=1&google_push=Aa02lx8TOMF2-yDfCAsrkSYA8ZHgkhljlxFRAB6FiZaNYqeSg0fkxa4sD7fbQcSbJ96RgxCiLR6hiTQy--MSMo8hAj7sxts...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8TOMF2-yDfCAsrkSYA8ZHgkhljlxFRAB6FiZaNYqeSg0fkxa4sD7fbQcSbJ96RgxCiLR6hiTQy--MSMo8hAj7sxtsPyqscENU

170 B
188 B

46ms
46ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8TOMF2-yDfCAsrkSYA8ZHgkhljlxFRAB6FiZaNYqeSg0fkxa4sD7fbQcSbJ96RgxCiLR6hiTQy--MSMo8hAj7sxtsPyqscENU

Requested by

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8TOMF2-yDfCAsrkSYA8ZHgkhljlxFRAB6FiZaNYqeSg0fkxa4sD7fbQcSbJ96RgxCiLR6hiTQy--MSMo8hAj7sxtsPyqscENU
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 trk
ag.innovid.com/ Frame 4B52 43 B
296 B 266ms
23ms Image
image/gif 2a05:d01c:1d8:8101:12a4:d572:eb13:afa1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDxMsI4kTNo8nlJ8V4N3i4Q&google_cver=1&google_push=Aa02lx84hE_ZEHL4YIgoX29mEiultAXV7hfy6nIN2og1Une5kMDQuIXU2GUr97bKPjBUcUDfjVjG4O3OMcigz2uU_YtNsVWk0VVkDQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009355&bpp=1&bdt=999&idt=216&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dpDtSm9qri&p=https%3A//www.balipost.com&dtd=219
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:12a4:d572:eb13:afa1 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B52
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKKmXmw-7ybytPD_aC6nkpA&google_cver=1&google_push=Aa02lx9_eRJba2_oYtEZ9RH3rTI-DlPfadqc04KbEsyU7jBF0TV6LEcKmSxgY4i5XDLdGBJEcyDHlqJQg8wx...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9_eRJba2_oYtEZ9RH3rTI-DlPfadqc04KbEsyU7jBF0TV6LEcKmSxgY4i5XDLdGBJEcyDHlqJQg8wxNhWWafEIfgfqYoBRDg

170 B
188 B

54ms
53ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9_eRJba2_oYtEZ9RH3rTI-DlPfadqc04KbEsyU7jBF0TV6LEcKmSxgY4i5XDLdGBJEcyDHlqJQg8wxNhWWafEIfgfqYoBRDg

Requested by

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9_eRJba2_oYtEZ9RH3rTI-DlPfadqc04KbEsyU7jBF0TV6LEcKmSxgY4i5XDLdGBJEcyDHlqJQg8wxNhWWafEIfgfqYoBRDg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B52
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEGX1G-6kU...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEGX...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=499b6096-8e28-4734-8ddc-37bd1ab600f0&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

43ms
43ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=499b6096-8e28-4734-8ddc-37bd1ab600f0&%%GOOGLE_PUSH_PAIR%%

Requested by

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=499b6096-8e28-4734-8ddc-37bd1ab600f0&%%GOOGLE_PUSH_PAIR%%
date: Sat, 04 Feb 2023 06:10:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4B52 0
12 B 52ms
44ms Image
text/html 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kys-2uN8oJyiNKRhqCJW4b2s5-CWqQP_IA0742lUBXkMz4meLNWWpNBYiyFGSabg_fbCmm3g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 link.html Show response
track.webgains.com/ Frame 920E 2 KB
2 KB 192ms
108ms Script
text/html 18.130.177.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jn39a2v7ce9wxss66pfe5sxandkhf24cexqhhb6hnmaabsz9ez3kw9hsvzm23g691b4ndj24gc2qxhc1bxk4c9cr9g2em41rxrjt1n87ft99cxb8ggwjy654qvxck4rh2197syx3gqtt02x96syh6hm4fcdm5aaeww8h03bya2p6jtgf1vfnqzee8kq1caambqfnzmfajf3rny85q5jjqzcv0p3c56jjqa3jbtdz3wpy0g13egqk7r91ccwyqay5g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ggj039ed534s19ggypq3j29w4k1ej3s782633xcwdgsnfck4tnqfscf4wg7zkkc3q3275qhqqnrzjk8egavercnt12343sc9q0g16hzzy13zj60xmmtzpyrn4c6aexr4pr7qzmjnsf56jagy3rex941d7dvacm4hyezq5kvq6mjjzckxvw1grw0x7zqab8tjzjcv1j56mmwkbfgcknqvsxqjz8t7xqpfm6kyj3hp4t4rtvpftmn4mjs6m5744fdnestn0sthbgsd640cm2y1ytp30%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%252526client%25253Dca-pub-2829192160917889%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=120&d=600&e=&g=a250456c8fd93fd9358a1c3e1790b999%2F529487596614349291&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1675491011371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ggj039ed534s19ggypq3j29w4k1ej3s782633xcwdgsnfck4tnqfscf4wg7zkkc3q3275qhqqnrzjk8egavercnt12343sc9q0g16hzzy13zj60xmmtzpyrn4c6aexr4pr7qzmjnsf56jagy3rex941d7dvacm4hyezq5kvq6mjjzckxvw1grw0x7zqab8tjzjcv1j56mmwkbfgcknqvsxqjz8t7xqpfm6kyj3hp4t4rtvpftmn4mjs6m5744fdnestn0sthbgsd640cm2y1ytp30%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.177.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-177-194.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 93a84e5adde0794c3a4f06726e79905f127bbeaa675c703d57611d7e9846e9da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
last-modified: Sat, 04 Feb 2023 06:10:11 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 04 Feb 2023 06:11:11 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 920E 1 KB
2 KB 154ms
78ms Script
text/html 18.130.177.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2100065&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hdmjsaqm5qf7zpd9s5mdmarvhqsfjsge4m0yz5e84x2qyg7vc0a6gppwyz4zhpe3y5har06p2f5rv202vnj7tgydqy40d23f11j429afj9myt14qtb18gp28secvkhzschzbqgddxw6324xsmn60rpvj07vchpgac6hdvywk6br2mvjevc18c3yccsc5q6adtcxhkky2r451bpm27pp3n1pqb4vyrnh94hpvmr0z5df13jhnf4kxprx28t11tpw%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ggj039ed534s19ggypq3j29w4k1ej3s782633xcwdgsnfck4tnqfscf4wg7zkkc3q3275qhqqnrzjk8egavercnt12343sc9q0g16hzzy13zj60xmmtzpyrn4c6aexr4pr7qzmjnsf56jagy3rex941d7dvacm4hyezq5kvq6mjjzckxvw1grw0x7zqab8tjzjcv1j56mmwkbfgcknqvsxqjz8t7xqpfm6kyj3hp4t4rtvpftmn4mjs6m5744fdnestn0sthbgsd640cm2y1ytp30%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%252526client%25253Dca-pub-2829192160917889%252526adurl%25253D&clickref=oneidP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=120&d=600&e=&g=a250456c8fd93fd9358a1c3e1790b999%2F529487596614349291&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1675491011371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ggj039ed534s19ggypq3j29w4k1ej3s782633xcwdgsnfck4tnqfscf4wg7zkkc3q3275qhqqnrzjk8egavercnt12343sc9q0g16hzzy13zj60xmmtzpyrn4c6aexr4pr7qzmjnsf56jagy3rex941d7dvacm4hyezq5kvq6mjjzckxvw1grw0x7zqab8tjzjcv1j56mmwkbfgcknqvsxqjz8t7xqpfm6kyj3hp4t4rtvpftmn4mjs6m5744fdnestn0sthbgsd640cm2y1ytp30%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.177.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-177-194.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 27f6e5ef1c503c3a7aba46e0ae90859b9a8a401d5f5581f1d325257f8a760cb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
last-modified: Sat, 04 Feb 2023 06:10:11 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 04 Feb 2023 06:11:11 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame F7FC 34 KB
16 KB 120ms
23ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=61227796;click=https://hal900028.redintelligence.net/c/p9l32xgibpt37pz?tprd=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:05:48 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 03 Feb 2023 15:46:56 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 1997 85 KB
31 KB 75ms
7ms Script
application/javascript 65.9.66.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h6q9z6fnfj4990fbjy0b3fx4dfbcsamm5h5nn5531rss6gmy5bntkbyv5ztms3h6bpbw95ytv6jjskt2p2pc3d7tdtdq31xxksz9k15v946nc3dzky10hv78qn6snjrb8db6p4ma5nv48ecfwkx79jfhpsd503zn3yh1ceprg5hbs27p2cbwn0p91j43ma6rc2vqpxvpnzab1mvah6670fqtc3p2djxmd9m82yd6tj3hrzwvsx5zv3gx73qr7enfmfxe%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jg4c1na7yr54gv1z8p7esdbz7memr501pxyet7961b3aary82x7trmd3cm6xfx7qy7jtajbyz1ja6tnfh586q8j6ajkszsr55c2dsc9hsg3dk58hvw5qdfbpyx4rz5pp34n0q8zkvsef5rn72w47a802y3kxzpeb53x92a5mj5kknqrgyfvhjhk6db5jmy6j9cxwb1z072yzcgjfkwb9asq49png1a5gw9hnykb3caz4zh69npred7tvmjb02zqeanx2vnhfac1kfktg230%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%252526client%25253Dca-pub-2829192160917889%252526adurl%25253D&clickref=oneidGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47oneid__suite_Netmix_Reach14_AKTION&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-92.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 09:30:06 GMT
content-encoding: gzip
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 74406
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: WL1QfqDUAcif6w2a32hMEKB_acwQQrph3vC8JwkYzQVBYGjr6THuRw==

GET
H2 200 link.html
track.webgains.com/ Frame 1997 48 KB
49 KB 76ms
75ms Image
image/gif 18.130.177.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C183975%2C14044&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=250&e=&g=8b422603eeb0c0a2e534ed458d0d60c5%2F12017649732335571557&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675491011372&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4c1na7yr54gv1z8p7esdbz7memr501pxyet7961b3aary82x7trmd3cm6xfx7qy7jtajbyz1ja6tnfh586q8j6ajkszsr55c2dsc9hsg3dk58hvw5qdfbpyx4rz5pp34n0q8zkvsef5rn72w47a802y3kxzpeb53x92a5mj5kknqrgyfvhjhk6db5jmy6j9cxwb1z072yzcgjfkwb9asq49png1a5gw9hnykb3caz4zh69npred7tvmjb02zqeanx2vnhfac1kfktg230%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXmkhwvbdY-f3IcKVywWSj4ewDZDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgS_AU_QputvSLwfAuTudbhlk4RkgezTxlrqeE9J7qVzuuOpfeMUtBRO_d7qXUEOC19jy-zEoiuoGlyoUib5fb8YqLeBdXVei1x9N0LzsdDJE0YZlfYBnU4YeoMY66eoO-_QVzKfvF-yI577LzviiUs7aUgnqtTPz2HxGyTX0JknQZzeS2o4KVwcchtaLdUAzmDWkB1PfzSIEtWhbrrF0D4beohll_cfRNAnHoVhnO9XLg2LDKK57iVM0DXDGjhfFVTzgAaV8rKopcu35ecBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2S9E0klixp9gHdz5JimzWA0ifrtw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.177.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-177-194.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
last-modified: Sat, 04 Feb 2023 06:10:11 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 04 Feb 2023 06:11:11 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 920E 85 KB
31 KB 71ms
14ms Script
application/javascript 65.9.66.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2100065&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hdmjsaqm5qf7zpd9s5mdmarvhqsfjsge4m0yz5e84x2qyg7vc0a6gppwyz4zhpe3y5har06p2f5rv202vnj7tgydqy40d23f11j429afj9myt14qtb18gp28secvkhzschzbqgddxw6324xsmn60rpvj07vchpgac6hdvywk6br2mvjevc18c3yccsc5q6adtcxhkky2r451bpm27pp3n1pqb4vyrnh94hpvmr0z5df13jhnf4kxprx28t11tpw%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ggj039ed534s19ggypq3j29w4k1ej3s782633xcwdgsnfck4tnqfscf4wg7zkkc3q3275qhqqnrzjk8egavercnt12343sc9q0g16hzzy13zj60xmmtzpyrn4c6aexr4pr7qzmjnsf56jagy3rex941d7dvacm4hyezq5kvq6mjjzckxvw1grw0x7zqab8tjzjcv1j56mmwkbfgcknqvsxqjz8t7xqpfm6kyj3hp4t4rtvpftmn4mjs6m5744fdnestn0sthbgsd640cm2y1ytp30%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%252526client%25253Dca-pub-2829192160917889%252526adurl%25253D&clickref=oneidP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-92.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 09:30:06 GMT
content-encoding: gzip
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 74406
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: -6TJTBENZsCk6XpXrGf1lxoTKAzExEfV9u08RA_PzaunRIOuyXNCKQ==

GET
H2 200 link.html
track.webgains.com/ Frame 920E 3 KB
3 KB 103ms
103ms Image
image/gif 18.130.177.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2100065
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=120&d=600&e=&g=a250456c8fd93fd9358a1c3e1790b999%2F529487596614349291&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1675491011371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ggj039ed534s19ggypq3j29w4k1ej3s782633xcwdgsnfck4tnqfscf4wg7zkkc3q3275qhqqnrzjk8egavercnt12343sc9q0g16hzzy13zj60xmmtzpyrn4c6aexr4pr7qzmjnsf56jagy3rex941d7dvacm4hyezq5kvq6mjjzckxvw1grw0x7zqab8tjzjcv1j56mmwkbfgcknqvsxqjz8t7xqpfm6kyj3hp4t4rtvpftmn4mjs6m5744fdnestn0sthbgsd640cm2y1ytp30%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.177.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-177-194.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 6f0918a5bbcba67238bceb4ee89b68394124d02bc618afdd06ec915556521a3c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:11 GMT
last-modified: Sat, 04 Feb 2023 06:10:11 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 04 Feb 2023 06:11:11 GMT

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 920E 15 KB
15 KB 37ms
9ms Image
image/png 99.86.4.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1675491311&Signature=JCC2Jp0IKUFeycpOZoe0w0ho1Vaor30Yoq~qGKz9NxnGrIU0qd~DVy9Xjx5Q1oeDE96zhaELxx97SsTsvHAmL2hyd7aFrp4PaZgvHoN5~0-UTyooetlnXCzFr20MG~MWNcY662vOoXQdX3Mkf5aed5vMk-sVLTaDsdjJsWw6Botf-yxgux01DCURbSMaLCaw78WOA3Dpumfl~HV6MD7XMRHp53KKgo8WTxLe7J977lP3qVFKeAvDYUsYh4HwuR~UaKaXLilZlq6Qb82lVFMnRhUdze4c8iQ3X7RJmhWZNK9cMa-cC8qvmizdH6FmlRnTMN4Cqa0WF-0fSnJLbPL1tg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C46427&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=120&d=600&e=&g=a250456c8fd93fd9358a1c3e1790b999%2F529487596614349291&i=71725%2C29981%2C22481&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1675491011371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ggj039ed534s19ggypq3j29w4k1ej3s782633xcwdgsnfck4tnqfscf4wg7zkkc3q3275qhqqnrzjk8egavercnt12343sc9q0g16hzzy13zj60xmmtzpyrn4c6aexr4pr7qzmjnsf56jagy3rex941d7dvacm4hyezq5kvq6mjjzckxvw1grw0x7zqab8tjzjcv1j56mmwkbfgcknqvsxqjz8t7xqpfm6kyj3hp4t4rtvpftmn4mjs6m5744fdnestn0sthbgsd640cm2y1ytp30%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo-ANwvbdY9-lI5eVywW5tL3ADJDhgYRctqjCivACwI23ARABIABglbqJgpgHggEXY2EtcHViLTI4MjkxOTIxNjA5MTc4ODnIAQmpAt5wzfFwHLI-qAMBqgTpAU_QPcGUkaaYvxOplxdJ5rbGMk40JgwdunGmCNVISI6h9eWIFzTR68RI0ws3EclphgKDcoZyf2bIX_0ZCtQP-SRjk-PlTyjBLF90syrvH4IfhS6zawdZYKR66bwiCOOhAxQNNotPuZ4dFNBToo481XktM0oopO_dNVqM5QCvTZ6atJBiKTsjC1qbaiqw9Sw0S-fBgv9sjzlisNZpPlU72-j0YMImplWRbOFcdcovqudI69izgMBj8erU-JI8awTAPgrh_M9Pmnr2ffhq25kH2UkX548pGXZl3KelSGeB1pNZtxeYhM5H4Kf4gAa2jI7H4trNhfABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3fw15MHJpZ2NX6vBwcfas5_LJyTw%2526client%253Dca-pub-2829192160917889%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-94.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:30:38 GMT
x-amz-version-id: null
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 81574
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: 2f28od2oLRzqX6535aBzgqcEY0bTbGos_aSdQFSlk9FMXySezju1tA==

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame F7FC 4 KB
2 KB 23ms
22ms Script
text/javascript 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=61227796;click=https://hal900028.redintelligence.net/c/p9l32xgibpt37pz?tprd=;js=1;adfxid=1x;7197;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fwww.balipost.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

bff717ca6d6101320dae8beed8eb96257cc26ed0c9b786fcbd37d79e1e0743bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2024
expires: -1

GET
DATA 200
OK truncated
/ Frame F7FC 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/24i/tools/js/ Frame F7FC 851 B
1 KB 50ms
6ms Script
application/javascript 88.99.69.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=46712800015640106783183012225028&a=eb415526
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.69.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 06:10:11 GMT
Last-Modified: Tue, 03 May 2016 20:54:50 GMT
Server: nginx
ETag: "5729101a-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame F7FC 90 KB
39 KB 31ms
31ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:05:48 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 03 Feb 2023 15:42:26 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame F7FC 35 B
478 B 22ms
22ms Ping
image/gif 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=61227796&csi=o33Ao7amudo4wOIGEyE1qjpcJEkLeV8Rm-bBKnWUJwIJDwKV3Zer3CDUB3VDSihvynkztBE2-g3suzmYe1Ox6N6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900028.redintelligence.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://hal900028.redintelligence.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 12320325.js Show response
s1.adform.net/Banners/Elements/Files/160090/12320325/ Frame 7442 3 KB
1 KB 25ms
24ms Script
application/x-javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320325/12320325.js?ADFassetID=12320325&bv=258
Requested by: Host: www.balipost.com
URL: https://www.balipost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3333a0f8f104b7986ea461b270b4eed8e66022d379dad3067b7156d8dfabeb3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:05:48 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 13:28:01 GMT
server: nginx
x-amz-request-id: tx00000c6f9dee5e14d3b6c-0063ddca31-3295c42b-default
etag: W/"bb7571baa31c395d64904fd014b94179"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 screen.css
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame 7442 1 KB
942 B 26ms
23ms Stylesheet
text/css 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/screen.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 520ab18d78e948bbc9c7c7968c76116a88cc80cd4d40174eef88e6aeeadcb857

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:05:48 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 13:28:01 GMT
server: nginx
x-amz-request-id: tx000003173ca0e0bde4811-0063ddca32-32957437-default
etag: W/"2718286dd1c324429c3275c918a7d109"
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 7442 30 KB
14 KB 28ms
25ms Script
application/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:05:48 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 12:02:22 GMT
server: nginx
x-amz-request-id: tx0000092b7bf2d6ff3edb0-0063765dc3-329354d9-default
etag: W/"4731aef0a5114a59b4311776d270e848"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 introfill.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame 7442 103 B
433 B 29ms
26ms Image
image/png 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/introfill.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee6d3b54a9065c8ff1c55528d83a8b11aa932915d3004f3dab2c5355027bbf3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:05:48 GMT
last-modified: Mon, 30 Jan 2023 13:28:01 GMT
server: nginx
x-amz-request-id: tx000002b92e5d9c4156d5c-0063ddca32-32952663-default
etag: "eeb9c35d55092b02bf5fa183ecd734f8"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 103

GET
H2 200 text0.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame 7442 5 KB
5 KB 30ms
26ms Image
image/png 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/text0.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 07773674da8a5d7de6575be849321af69c60333d821b2e531b8b6aad8cb8deba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:05:48 GMT
last-modified: Mon, 30 Jan 2023 13:28:01 GMT
server: nginx
x-amz-request-id: tx000000cdd678483f908a5-0063ddca32-3295c471-default
etag: "b40bca9f571a135a168188a0310caad3"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4939

GET
H2 200 text1.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame 7442 8 KB
8 KB 31ms
28ms Image
image/png 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/text1.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 7b5e4bf73229b1a30dfc5611631c94fca060cf49df9d72ec01133ba16322cd83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:05:48 GMT
last-modified: Mon, 30 Jan 2023 13:28:01 GMT
server: nginx
x-amz-request-id: tx000008855a1caba8dbb6b-0063ddca32-3295c42b-default
etag: "a56c343a6550b231bbebd7cd72bf5bd3"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7981

GET
H2 200 text2.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame 7442 2 KB
3 KB 32ms
29ms Image
image/png 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/text2.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 14fd46c79ea2ec3ee979acd36fda0dc96b5483c6bd936f8c5f310a3aefa44947

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:05:48 GMT
last-modified: Mon, 30 Jan 2023 13:28:01 GMT
server: nginx
x-amz-request-id: tx00000a902172bec78f144-0063ddca32-329527e9-default
etag: "4181f5f32caca226a0d8ad7a53c1ae50"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2442

GET
H2 200 stoerer.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame 7442 9 KB
9 KB 36ms
33ms Image
image/png 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/stoerer.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3f00b566c3dc6fa6afad7adfcf139394095cc15e6037f28912c78542cee99fe0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:05:48 GMT
last-modified: Mon, 30 Jan 2023 13:28:01 GMT
server: nginx
x-amz-request-id: tx000006650a1d6d6213cb1-0063ddca32-3295c471-default
etag: "d14eb5ec94009a4aab46ce7a5211ca15"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8832

GET
H2 200 disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame 7442 6 KB
6 KB 37ms
34ms Image
image/png 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/disclaimer.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 80f777aa646fd9913d73105a90a336151d9a28142e87764e20ff4b3d9dce4ce2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:05:48 GMT
last-modified: Mon, 30 Jan 2023 13:28:01 GMT
server: nginx
x-amz-request-id: tx000004e3700d2c1534b2b-0063ddca32-3295c471-default
etag: "2163627c7872afe2a6e2ee6a39d09a7f"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5633

GET
H2 200 date.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame 7442 3 KB
3 KB 39ms
37ms Image
image/png 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/date.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 1e4ba2b9943af56b9826707b55d94597f5288981e4b1ead596709e42c479afd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:05:48 GMT
last-modified: Mon, 30 Jan 2023 13:28:01 GMT
server: nginx
x-amz-request-id: tx00000f0a964103f2f2743-0063ddca32-3295c471-default
etag: "a10336568f378491c6b2b47cbab27726"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2587

GET
H2 200 cta.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame 7442 2 KB
2 KB 40ms
37ms Image
image/png 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/cta.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: dc09db8e176e12a83a4f1b4b8bbcf4e130d51182cf6e66889d91f9e83e0040e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:05:48 GMT
last-modified: Mon, 30 Jan 2023 13:28:01 GMT
server: nginx
x-amz-request-id: tx000002b7cb2cb618a813a-0063ddca32-32957437-default
etag: "51a99c1aed5feb9089f9af8c15eec059"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1604

GET
H2 200 logostart.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame 7442 5 KB
5 KB 46ms
44ms Image
image/png 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/logostart.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f324377940583ba7a0f81123404cc032334edf5ace8e9f5d58da1cc340e41027

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:05:48 GMT
last-modified: Mon, 30 Jan 2023 13:28:01 GMT
server: nginx
x-amz-request-id: tx00000475c025c35cf1262-0063ddca32-329527e9-default
etag: "0539ca6530d6756126aee292b52e0cf8"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4815

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame 7442 4 KB
4 KB 47ms
45ms Image
image/png 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/logo.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: c5d9f11f95196250f6797acef21bd147fe22a802940735d88ac2a7a9308247ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:05:48 GMT
last-modified: Mon, 30 Jan 2023 13:28:01 GMT
server: nginx
x-amz-request-id: tx000001d57eda27a053838-0063ddca32-3295c471-default
etag: "926213b1f44a9786a29d0fa8b723023f"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3791

GET
H2 200 model.jpg
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame 7442 9 KB
9 KB 49ms
47ms Image
image/jpeg 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/model.jpg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8b1d9340eccc886f08b2f3b02675b424f45863321e53d7f04bf8b64ede36cc2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:05:48 GMT
last-modified: Mon, 30 Jan 2023 13:28:01 GMT
server: nginx
x-amz-request-id: tx0000068b00402d4f023d8-0063ddca32-3295c42b-default
etag: "d01dbf544d6187b62332444035791eff"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9352

GET
H2 200 background.jpg
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame 7442 12 KB
12 KB 51ms
49ms Image
image/jpeg 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/background.jpg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 07da465111e7fde87a9e179912b630c9556cf2e6c0360bc119de228948e84040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:05:48 GMT
last-modified: Mon, 30 Jan 2023 13:28:01 GMT
server: nginx
x-amz-request-id: tx00000c1c4e2da43027842-0063ddca32-3294fed7-default
etag: "273432ea3cb408bfbad853f34722e5e8"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12092

GET
H2 200 CSSPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame 7442 38 KB
14 KB 40ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 268593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13669
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-9833"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEHHiEqTf%2FZ6aj7q7J1wMkChIMIyTKCjZhatOCPsRXm9XMhnjnnFElgmwyTazanfDyhDIDwK9QBivpSTvyUXwBf%2Fh4EcVRpKjI8W52Q1a0GiveHOqqs3JnJq72GCX5hisTCpvrfzRqHuHgjcbgUioz3G"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79413de93e1c37e0-FRA
expires: Thu, 25 Jan 2024 06:10:12 GMT

GET
H2 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame 7442 5 KB
2 KB 41ms
22ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 20599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1730
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-146f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hdvuh1T3foks1T9%2FGCwunbjVsya%2Bxxj8fdBsd60aBiwy6Gly2lcvXjwWuSLXEtQUfrm64WJ1f7J%2FLn7tjpOAkqqnDBAAX2HL9Bzxu%2BFgY6FeOLm%2Fdi1aa5SN614dh7vniGGOMHMIdAyUoNGT4PTsbQrE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79413de93e1e37e0-FRA
expires: Thu, 25 Jan 2024 06:10:12 GMT

GET
H2 200 TweenLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 7442 26 KB
9 KB 40ms
21ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 25400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8578
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-697f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6dP1lPqNxaJOiC6Iz78EMgsDKwe%2FDg18qxlWt3lU0dI31P5JtLqFL6OkXGSUL6Ul%2F46MqzhpqUhIgFNLOTPfs5eidnjiCPH1XM%2BcPN4MYLgyUCfuX%2BBFrZsZng5zDwdQ6nLvuSdGTYT7f0vywfaTcQR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79413de93e1f37e0-FRA
expires: Thu, 25 Jan 2024 06:10:12 GMT

GET
H2 200 script.js Show response
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame 7442 9 KB
2 KB 50ms
49ms Script
application/x-javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/script.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e558b1defefd835e433bed35393b9d560a029a5e656a325d27840cc3d2587fe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:05:48 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 13:28:01 GMT
server: nginx
x-amz-request-id: tx000001fcf6554d2ce2bd9-0063ddca32-329527e9-default
etag: W/"921b0be880dcfcc231e80d970a2248af"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 61ms
61ms XHR
application/json 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da26441d1d647dc2c0a7dc0e8bb5d0d7028a04b806b6622cdc667fa2fc2a88d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11302
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 73ms
73ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 06:10:12 GMT

GET
H/1.1 200
OK viewability Show response
hal900028.redintelligence.net/ Frame F7FC 0
150 B 21ms
8ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/viewability?s=46712800015640106783183012225028&a=1346d579&vb=v
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=46712800015640106783183012225028&a=eb415526
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/request_content.php?s=46712800015640106783183012225028&a=eb415526
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 06:10:12 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2DE0 42 B
64 B 54ms
53ms Fetch
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvf3xVt8siZf6-RTC9FRn3DT7ly0iewXcbh9W-fgVL-nC8qjnJYNJ5OJTPM0FgFJqwKmO3RyWMkb80ZgVxT1WBtfUwt&sig=Cg0ArKJSzMg4oXv_aT9qEAE&cid=CAASF-RorKVRbg2oxrU0NRA6oRbtjYZx2bNe&id=lidar2&mcvt=1275&p=0,0,90,728&mtos=1275,1275,1275,1275,1275&tos=1275,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2974423296&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675491010486&rpt=970&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 920E 16 B
232 B 64ms
63ms Fetch
application/json 3.9.112.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.9.112.14 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-9-112-14.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 04 Feb 2023 06:10:13 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 230ms
23ms Preflight 3.9.112.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.112.14 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-112-14.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sat, 04 Feb 2023 06:10:13 GMT
server: nginx

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2A9D 13 KB
5 KB 29ms
29ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 250588
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 08:33:44 GMT
expires: Thu, 01 Feb 2024 08:33:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4514 783 B
536 B 48ms
48ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7b0ac5696145eeb2e94122d4ccc8ad8fa49ce842335512de876d1aed9720bd86

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w2GVx_sMvINr64lRqaXwFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.balipost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-w2GVx_sMvINr64lRqaXwFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 06:10:12 GMT
expires: Sat, 04 Feb 2023 06:10:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 920E 16 B
232 B 77ms
76ms Fetch
application/json 3.9.112.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.9.112.14 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-9-112-14.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 04 Feb 2023 06:10:13 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 196ms
22ms Preflight 3.9.112.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.112.14 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-112-14.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sat, 04 Feb 2023 06:10:13 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 1997 16 B
232 B 84ms
83ms Fetch
application/json 3.9.112.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.9.112.14 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-9-112-14.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 04 Feb 2023 06:10:13 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 187ms
23ms Preflight 3.9.112.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.112.14 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-112-14.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sat, 04 Feb 2023 06:10:13 GMT
server: nginx

GET
H3 200 enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A9D 36 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 20:40:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14413
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 20:40:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4514 0
0 52ms
52ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230201&jk=68042597855758&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2A9D 0
10 B 20ms
19ms Image
text/plain 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Ra1knw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 06:10:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 /
track.adform.net/serving/unload/ Frame F7FC 35 B
478 B 23ms
23ms Ping
image/gif 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=3931827028673569564@@61227796,6502152535480932920,100|1100|0|0|0|0|0|0|0||38|1|||||1|0|0|l4F0g-DCskLxBx_RTJEBJ3MpOlvYVfsFeKXtuEP7i7BUc2BuuYGJPPL_QlhaeLlf0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900028.redintelligence.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://hal900028.redintelligence.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
55ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230201&jk=68042597855758&bg=!GRqlGl7NAAaq5O5FiuQ7ACkAdvg8WgHtdDSZ-JPkgo-HdrxV6KPesLxnKIJsKg0GxsYmcxcCDTf2BwIAAACEUgAAAANoAQeZAqm1m_xfTqMPArzYB4DlohDWJVmrhEWQVlr4qz9s-Fv-ZMQmx1joikazTvW9c5V-WsjVC9Jol-E5w0YL7og0a7OcjHKnBXyP4RTCq4hqqiKyDilXULWlEMZr4rrgQi4vTIAzk0QBbQierWq-O74D__k8gyGcnDlWDBIAZcLpqHvFpJr9-LjmvVjgxgHOu9iKKVZQ-ZpXY9LqChW0462hgNzt79sNyXax0lo4DAqN_ET8dRn3RyyGYfDKp08nu275d9Y3fOzwouGo8P58jF1Bq4FPegqrecal-kuj2_Ki_2zX-nX2aMw2l9PJa-Bi8JXMdObs9mBPemNC7hLtPUH02qsVXulGoolwwVD0v973eH6yiTLdOLldPVretpaDiVeALJxY7FoKjoDXso4LV4fS4PkoxNoHToiGTCtQl3nj8DXny8uFvDVu3ZT_idVzrQYtSnvM5Cp3ziy9CIccytBJCm-SXZGCzjv-6aObTKfxtAXxsTNTSdeTuwnnn1kqLx-97EYUFfGiuEUehCexUTbQZFDxYgL9WiJgHgmHPWwSp2jbuAqktD4HPRgAjJf09eBR8QnsU92SCP0MmUAzvrFlEirs_RcSEF5A2dIln04tztzjgGHcQPFXjQyngN3_Y7xhO6pdBfprmpdWIlmqLFA-IY-xJRcpXzsPgG9OVMs_60XHB_ZJiuhVKNS4jkg90dD4O8ml3KBq3917WJlywGUTZRvpjGgKlahyRPK682OnNeA0QuZMHmRN4WREi8YTIvGcK0yZrtplCPkhOS52y1iA0vyYn31YVgsQ9ZdXnw5kw7WPHdNqlvaL3RfukubHfHQgeLir169_PxYiDeel_FVwWqc4l01dg7t4uDBKBaEaFcqZGbK2X8f_Nvsie4ruJQ8VTHGpQ4T7QwwXiN4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.balipost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

POST
H2 200 /
track.adform.net/serving/unload/ Frame F7FC 35 B
478 B 23ms
22ms Ping
image/gif 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=3931827028673569564@@61227796,6502152535480932920,100|4699|0|0|0|0|0|0|0||160|1|||||1|0|0|l4F0g-DCskLxBx_RTJEBJ3MpOlvYVfsFeKXtuEP7i7BUc2BuuYGJPPL_QlhaeLlf0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900028.redintelligence.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 06:10:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://hal900028.redintelligence.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: https://www.google.com/pagead/drt/ui

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5jvO7ZQWgu1pJyT9PLrkEOxZO-EYB9OAxzYt9fs62qEYWV_iJBuwb4xhNeQS2raPRtQvc9j0G4Lihd699-RfWBq_WJAsvDLkDuiyeXTwTljOLwU9MzLOphkvwov-NrwZZrkz-mQ&sai=AMfl-YSiwapJk3XvtFqsPcfRkDDkUutsMU_-YejEcrPx4gdVKHnjYeRRwXGonXWw7qhB3JvDoJ1K0jLzu9EM&sig=Cg0ArKJSzNUSH2jbNwa-EAE&cid=CAQSGwDUE5ymFjp0eBfuGuiyHIqanNWV4zSOenLMbhgB&id=lidartos&mcvt=252&p=0,0,90,728&mtos=252,252,252,252,252&tos=252,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2974423296&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1675491009574&rpt=630&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009355&bpp=1&bdt=999&idt=216&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dpDtSm9qri&p=https%3A//www.balipost.com&dtd=219

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=90&slotname=1151351565&adk=2974423296&adf=811793458&pi=t.ma~as.1151351565&w=728&lmt=1675488952&format=728x90&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009355&bpp=1&bdt=999&idt=216&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=21&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dpDtSm9qri&p=https%3A//www.balipost.com&dtd=219

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6kc8hA0aiU2YN7N2n1t_CEBmz-dbSTBHZxEJazxqHz8Jp6TTBKTv5HumHqLfKM8_PL6caP1F4Cq6gdf2y9kp5LnaKaPe8qGSzuOkGh663YLl16f3a2wvYW9gxRCbvlAIyHAWBmg&sai=AMfl-YQ9mHndIFbW61CioDA2cW3MYVCh5Fp2aLEVS7M8r4CQLDNmgocF5yOFuGoFEDrX77qw-sPlkRKr8FAc&sig=Cg0ArKJSzONuErncuvOKEAE&cid=CAQSGwDUE5ymQITWFhsSUKebWlQBlgbIMqCwgkuGUhgB&id=lidartos&mcvt=0&p=0,0,250,300&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=4143974309&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1675491009581&rpt=659&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009356&bpp=1&bdt=1000&idt=221&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=w43E4nKgDG&p=https%3A//www.balipost.com&dtd=224

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=250&slotname=2919055775&adk=4143974309&adf=1046930213&pi=t.ma~as.2919055775&w=300&lmt=1675488952&format=300x250&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009356&bpp=1&bdt=1000&idt=221&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=1572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=w43E4nKgDG&p=https%3A//www.balipost.com&dtd=224

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009358&bpp=1&bdt=1003&idt=229&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=odSuk5uhg8&p=https%3A//www.balipost.com&dtd=232

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=3562883654&adf=3043275140&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009358&bpp=1&bdt=1003&idt=229&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&xpc=odSuk5uhg8&p=https%3A//www.balipost.com&dtd=232

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=2029127186&adf=3821157256&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009359&bpp=1&bdt=1003&idt=233&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C160x600&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=E8UmEGhsqf&p=https%3A//www.balipost.com&dtd=235

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2829192160917889&output=html&h=600&slotname=1398941188&adk=2029127186&adf=3821157256&pi=t.ma~as.1398941188&w=160&lmt=1675488952&format=160x600&url=https%3A%2F%2Fwww.balipost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675491009359&bpp=1&bdt=1003&idt=233&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C160x600&nras=1&correlator=1687248506228&frm=20&pv=1&ga_vid=1475147726.1675491009&ga_sid=1675491010&ga_hid=1061696867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071812&oid=2&pvsid=68042597855758&tmod=1432477866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cd%7CaoEr%7Cp&abl=XS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=E8UmEGhsqf&p=https%3A//www.balipost.com&dtd=235

Verdicts & Comments Add Verdict or Comment

260 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.balipost.com/	1970-01-20 19:00:51	Name: _ga Value: GA1.2.1475147726.1675491009
.balipost.com/	1970-01-20 09:26:17	Name: _gid Value: GA1.2.1497042331.1675491009
.balipost.com/	1970-01-20 09:24:51	Name: _gat Value: 1
.balipost.com/	1970-01-20 18:46:27	Name: __gads Value: ID=4b03284a43857f53-2248466f9edb00f6:T=1675491009:RT=1675491009:S=ALNI_MaSYhd5upfP7NropBO7bWhYoaeiEw
.balipost.com/	1970-01-20 18:46:27	Name: __gpi Value: UID=00000baf7ab40e32:T=1675491009:RT=1675491009:S=ALNI_MZQZOoRp6olPYt-y6uf8pwQ_cdT8g
.doubleclick.net/	1970-01-20 18:46:27	Name: IDE Value: AHWqTUn5qpVML4lMnw58dLGYhL-wHoQesOWUmxikqt_B9g_Nrh0N7N1LjnpWRURdn8k
www.balipost.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: e86d60cb464a5dbaf462f1646c3c9ba6
.mathtag.com/	1970-01-20 18:10:27	Name: uuid Value: 384a63dd-f6c3-4a01-b11a-c481c1191ecf
.3lift.com/	1970-01-20 11:34:27	Name: tluid Value: 1904840798064341812348
.1rx.io/	1970-01-20 18:10:27	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-52b63add-75be-4aa1-8c67-3ccf90f3db2a-003%22%7D
.quantserve.com/	1970-01-20 11:34:27	Name: d Value: ECsBCQGbKIEA
.quantserve.com/	1970-01-20 18:55:05	Name: mc Value: 63ddf6c3-3cc24-ffdb9-027dd
.adform.net/	1970-01-20 10:05:10	Name: C Value: 1
.travelaudience.com/	1970-01-20 18:52:12	Name: _tracker Value: %7B%22UUID%22%3A%22F0C2C3A3-18EA-45FA-92C3-3325CD4EF0F0%22%7D
.w55c.net/	1970-01-20 18:52:12	Name: wfivefivec Value: FpME0Tkm1PobKz5
.targeting.unrulymedia.com/	1970-01-20 18:10:27	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-52b63add-75be-4aa1-8c67-3ccf90f3db2a-003%22%7D
.yahoo.com/	1970-01-20 18:10:48	Name: A3 Value: d=AQABBMP23WMCEOjkzN4fQCNWu5r43xTiDYAFEgEBAQFI32PnYwAAAAAA_eMAAA&S=AQAAAjYUBzR6vMBlZBMLeOAZa6M
.pubmatic.com/	1970-01-20 09:26:17	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 18:10:27	Name: CMID Value: Y932w98NxDInPKMdgE1qJwAA
.casalemedia.com/	1970-01-20 11:34:27	Name: CMPS Value: 1199
.casalemedia.com/	1970-01-20 11:34:27	Name: CMPRO Value: 1199
.adform.net/	1970-01-20 10:51:11	Name: uid Value: 3931827028673569564
.de17a.com/	1970-01-20 18:03:15	Name: guid Value: 1.7166833055980093619
.w55c.net/	1970-01-20 10:08:03	Name: matchgoogle Value: 5
.analytics.yahoo.com/	1970-01-20 18:10:27	Name: IDSYNC Value: 18yx~29su
.pubmatic.com/	1970-01-20 18:10:27	Name: KADUSERCOOKIE Value: 8C59D5D8-7D33-45E1-BC04-9738118A2785
.everesttech.net/	1970-01-20 18:10:27	Name: everest_g_v2 Value: g_surferid~Y932wwAEUyHEsAAb
.awin1.com/	1970-01-20 09:29:10	Name: awpv11354 Value: 412871\|1675491011\|953f4aa0-a452-11ed-a8d1-22346ba814b1
.awin1.com/	1970-01-20 09:34:55	Name: awpv14098 Value: 412871\|1675491011\|953fe6e0-a452-11ed-a8d1-22346ba814b1
.awin1.com/	1970-01-20 09:27:43	Name: awpv20044 Value: 412871\|1675491011\|9540d140-a452-11ed-acb0-22645d5ed731
.bidswitch.net/	1970-01-20 18:10:27	Name: tuuid Value: 499b6096-8e28-4734-8ddc-37bd1ab600f0
.bidswitch.net/	1970-01-20 18:10:27	Name: c Value: 1675491011
.bidswitch.net/	1970-01-20 18:10:27	Name: tuuid_lu Value: 1675491011
www.conrad.de/	1970-01-20 09:32:03	Name: HTLP_timestamp Value: 1675491011
www.conrad.de/	1970-01-20 09:32:03	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 09:24:52	Name: __cf_bm Value: kIXgF2L6OjU94KFHTTOdodi5uEsutXeIuFhrDKf3QvY-1675491011-0-ASBbvKoMJS8LeIBmCR+lz7SVxQyubn9ypTkJ2wy5yqqtok73n6aeBIXTy/f9MIRYDriZQh1hZ3XrLP+0wMZret0=
.awin1.com/	1970-01-20 09:34:55	Name: awpv11938 Value: 412871\|1675491011\|95501380-a452-11ed-ab4b-226222ea62e0
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.innovid.com/	1970-01-20 11:34:27	Name: uuid Value: 5f407f74-8c62-4064-aa3c-8082f0df7824-20230204 01:10:11
.adform.net/	1970-01-20 09:34:55	Name: TPC Value: 1675491011799
.congstar.de/	1970-01-20 09:34:59	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1675491011_95501380-a452-11ed-ab4b-226222ea62e0%22%2C%22sp%22%3A%22awin%22%7D
.o2online.de/	1970-01-20 09:34:55	Name: nscT485 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjc1NDkxMDExdmxlYTFkZTIwMjMwMjA0MDcxMDExODEyNDExMDU5MTNYMTE3NzAzVjEyMjYxMzI3MDJNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NzAz
.o2online.de/	1970-01-20 09:34:55	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 09:34:55	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023020407101181241105913X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjc1NDkxMDExdmxlYTFkZTIwMjMwMjA0MDcxMDExODEyNDExMDU5MTNYMTE3NzAzVjEyMjYxMzI3MDJNU

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cse.google.com/cse/cse.js?cx=006110151650712899775:ob6p-5smcy0 Message: Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
balipost.com
banner.congstar.de
c1.adform.net
cdn.contentspread.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
cse.google.com
d5p.de17a.com
dclk-match.dotomi.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900028.redintelligence.net
image6.pubmatic.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pixel.mathtag.com
pixel.rubiconproject.com
pm.w55c.net
prod-rtb.ad4mat.net
s.ad.smaato.net
s1.adform.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
tags.mathtag.com
tpc.googlesyndication.com
track.adform.net
track.webgains.com
ups.analytics.yahoo.com
www.awin1.com
www.balipost.com
www.conrad.de
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
www.google.com
104.18.33.19
13.248.245.213
136.243.149.243
142.250.180.230
142.251.39.34
151.101.66.49
18.130.177.194
18.156.0.31
185.29.134.245
185.64.190.78
185.86.138.155
188.166.207.31
2.19.44.80
213.155.156.167
213.19.147.44
2600:1901:0:76b9::
2600:9000:2204:ea00:1b:5138:8a40:93a1
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700::6811:180e
2606:4700::6812:7e05
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:800::2003
2a00:1450:4001:810::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:400c:c00::9a
2a00:1450:400d:803::2002
2a00:1450:400d:803::200e
2a00:1450:400d:807::2001
2a00:1450:400d:808::2002
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::2004
2a00:1450:400d:80e::2002
2a00:1450:400d:80e::2003
2a02:fa8:8806:16::1370
2a05:d01c:1d8:8101:12a4:d572:eb13:afa1
3.122.16.208
3.33.220.150
3.68.24.7
3.9.112.14
35.190.0.66
37.157.2.249
37.157.3.30
37.157.4.24
46.4.62.19
51.75.86.98
65.9.66.92
69.173.144.139
84.200.5.215
87.118.116.9
88.99.165.19
88.99.69.161
92.123.37.164
99.86.4.94
00f81781064ba4d9dd024f4a225604a57e30d256bf1526622c91561c36a67785
01c4b7ea2a08142064d2c3994a2cc73d7c55125d586d2a918ce3482f4439e1f4
01ce2ae112dc4c76200f1b2c0a83a902e40e0d76559304383c5f28424b82d914
03585b5ebb982715d59560def5c14760821e2ad65fdd486cad08fe34ab28f300
042a44c667b7423db51b5709d9d078ff690dca919fca5b40a2ea3f59700a5561
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29
070135efc1f767bfa35e3baa57f2159bda8fd90bc793a50891708f7e3f1ec43b
07773674da8a5d7de6575be849321af69c60333d821b2e531b8b6aad8cb8deba
0780defe5ba5863237025d0cfdc28e5304dc35c7bdb3ee6e283cba3f7aff46b5
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
07da465111e7fde87a9e179912b630c9556cf2e6c0360bc119de228948e84040
08e0d913aadaef201fd3200ca49fa991a2d8d02b3d9a54621123d71837bbc73f
0a64a8e8c3e320320a0340916b6606014c2193eba441414d2250636ebc834839
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0da922d3893e736820ddfba802b6d8f1c93dee84acf29625f2a7aa70b9dac144
0daf9721063a9c0431d4f2097dd6377d04f83ef93b3802832f1cceed3fd16ce2
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336
12f0daafcb2564c17988b4b35be5ac578b86c7e5100d54eead4a1ecb22dc3c13
13a1889f00fd2c485843b0bd47ac837f8cb6fd68a527bb256b9055a5825c2f3b
14852da368645c1124930acda9ee893164b23d8f76ca4efe918f939c48584d99
14fd46c79ea2ec3ee979acd36fda0dc96b5483c6bd936f8c5f310a3aefa44947
16b11d86d520542cbafcd9b7fabe0c2915a87555cda015eeb8ccec0d478af9cd
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
1c573265f3457128d34cf985580b5a2a277de9303f552efe0d55fa2279eaaa34
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1da9e1a5c7ea75f3a6c17477e6b45cabdb25fd4e78aab3db3f24e20aa99b55e2
1e4ba2b9943af56b9826707b55d94597f5288981e4b1ead596709e42c479afd8
218b463d1015f6d364af02ffb5140470540e96bcbf5669eef4fb4bd0bf358142
243a13a999bab66e6d4aa847ecfe386b2d4507f803d47da4902186c194684afb
25bd2dcbb8fe8d036d346302b46f8a72c0d8aafc9fb152b44afd648a9a1f9e27
27f6e5ef1c503c3a7aba46e0ae90859b9a8a401d5f5581f1d325257f8a760cb2
28d9374b9c173602edd327992c7696a708a524f590d749e8ad31855f4fcd7e2f
29b6d63777a25ee9e15543b7a7782caba90af3bd0cc7a2021ccb2a5241ae71b9
2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
2cb63dc9bd6c4b36fb27d7fd0c4446a8b06608e8f75fb975d0547ff387979fdf
2d3f1262723ebc47332462fed5355061924b5a2ad5e34ee4412f2f81958c5d56
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e31ba6b9e380528e11d8fa08c225ed1dd8968d153e2f3e56a8f9cd67b856491
2e9a216c1e7bbefcdfcd221fb062183a7329de996d207773200849de6547df6c
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3133720963ce8deaf0ef9eff49887f8c8fa260808e7c3954eeaaa3aafb28b772
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
317681b1a750d61380dc629262df35675467a5aed72b5d472833e0ec6d464f0a
32879fa63106d2274fd3a49869030f5891a0d95ea33efc1cbab2f0b26e8a3ae9
3333a0f8f104b7986ea461b270b4eed8e66022d379dad3067b7156d8dfabeb3c
3728cd70035de1dcb42dc4088a299ed643d82084cfd1e6a0fb96316c6d87bc52
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
38a448e9e03a9f64e7611b19af4bb8ec97fde2c708dc57ebbc7701be7ae3af08
38fea580d7308b1021a21de1b0d57d1a4cf09de646c16f90adc2d8393fe9f90e
3d856dcb624b1cbc91a78c398493d33c9f69270db63d937204b434506aa331da
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
3f00b566c3dc6fa6afad7adfcf139394095cc15e6037f28912c78542cee99fe0
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
4442d05849dcab52d6997cef6d5ca393c0e0532024466adb07beea6d2d38ea26
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4568e5c1238819a11c6fe45bfe0959c18020bed1bc93e8db8099c2a8d3e4b034
475dcf95fc330f8fa684115576568b15a255102f3ca4f2c60ba68df04483e471
48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
49af6b83569c5e8c707e93884d9ba619b402f0a115925951301e2e3c844f0ad8
4a622b4b4cb7f1451de2770c8a429703e71e8762010cfcd0ed47b34afdf127fa
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4a87ab137847708c417f2fe0e4b40b13045387e5450b590e36569844e7d2749a
4c7bd4f26fd058113bc723438a59d108924db23d03dbf42744da1dff13b754b1
4d48c41075f946b87b5d28b956eba524d999fe842644ad835d63222787485aa6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef427307dd25f232b0f24e5a33d28be07a0ef2508206f3f5ef674872542d07c
520ab18d78e948bbc9c7c7968c76116a88cc80cd4d40174eef88e6aeeadcb857
527a8d04b35853c1a30b0d2c1937e40ef54df5234e512d216bbda3ee6f24b92b
558cd367c0ef5e3ae7513f6cd81f98649bd5b8a1d45ccdc702e4191a6e456ddf
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56fdd5e79a54b488e0085fc0082d6c5df5fee441843166ff1db4f006d08e8281
577c1a1703309ed180f89c830ab65428a4c97203a6d83ed8fe146d0577b158e2
58851ce24d16ff67924516a89d870d3fce4e88c5fe37d6488f38e35ea81d9832
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5afcba41f7531afcdb5dfd701fc7a636a231dc0a5a10eeb44d98d82d7402505c
5b4d31192aba6f76ad3ab4b13a45456e2d0f5dd63f1a841fb3f986baa6ee8155
5c4aa6d686a05e2596f0e3b7a32d45ad9c6a0f3c26db0e2ad2b1e416a37f43a7
5c715c66572d4f5a7648af2fe46d9e3f6692050bf83cce16e898d67044d18abb
5d02adac15e34cf8f7ce081e8494b9522091281a4adbdfb0c12e7a6bbe3c98f9
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5e4597cfc1e059a991ff24279c1b0e0f80a5e1a1885832292cd9ae623f1ee816
5fd0136596d768ea3b04a98065190a3126dfa55ae360ef0e2cabcb4898724c65
6055a6598809a88726c521ebb7c95aba43f5ad5dc7dd1233e405abeddacd01cc
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
60e52a19fe23790b163dd2a27b256eda989ec4b90f79b0abe0caedb1d44a0796
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62058cb67cddb5a531f1749b003131fdd616fc7bbf88f4632b385830ef020c0b
639a3d16ad06e2bcba789193a228ce5f0a1cce51b5612f91bf538ef7648705eb
64a9f2909a7d2169cdb6f615b9105e49cf75a12a16fbbefc93af6cfa618dbea6
6552b5001c6029341f5ae010016614d1480f7deedfa84dd422b589ad942b7811
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
66d6ac5ee8e5daf37403d7104e7ff47ab0fde578ccbd99d27ad6a793ae16f3a0
670aa98261f6f47763a0e2f55bfa5dbdcad3feda46522a9cb0d1be718897f227
680d3524327a5c2d6418ce70642ff47df1f7a8c3a37727d8e968b68aa0befd72
6982e01e50a701aac5c3f15b127c5caa972143eeb5eb820ff5f6803f7b3c8f3c
6b9a5f7f36f8f4940af525e24fb0457441119faf8d5fce0a077b8ea3862747f7
6f0918a5bbcba67238bceb4ee89b68394124d02bc618afdd06ec915556521a3c
7078e9bfe5cf29b4352c2e2dac93d047c6f4ab1265d1c44ddf88b63b5646cff0
70d6fd02b5462a15e479da3064af714710a9afaaaa724e49bc202cb8ccc994fc
71a3c4b86870ea13d02cd4effc181dfe5b1582109bff2b79a998b64fbdc25e7a
744143bb86f291cdd8b04fb1ca19b86f1c04f71394f1714682df1619971bb5f4
749465d389587e1e1c28f0044cbe3b0fa1dc84da3aa83f68a127b2984c389e06
7624ecab97af5f18196adfc73ebeb26ba84ec0cfbb061eb5342b8f65425085ec
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
79e8acad3757220fe08f18ddba9afffb7a9d41405f7e3e197199f09e06c98285
7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e
7b0ac5696145eeb2e94122d4ccc8ad8fa49ce842335512de876d1aed9720bd86
7b1ba005d8724e0103e94e772546c85e5118ac261005c365f20877ef78ade7e5
7b5e4bf73229b1a30dfc5611631c94fca060cf49df9d72ec01133ba16322cd83
7baa7f3998cd62d80bcd955acd34258bc42ce02dcef03c769b3e5fc3ebf3f6c2
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
80f777aa646fd9913d73105a90a336151d9a28142e87764e20ff4b3d9dce4ce2
82afe9399e94c31843c363b75aa5e45a332dc01a8e78e46562cf4598a8372787
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8346e7dcbf82a10394984a1719d6c24fbad7287d9dd1b02f3188660fcb8b79ee
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855ffaf8cfcd55c62278da9898d1d37bc1b56bb76b3a686a02a478f64c070858
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88338376e9ea49dbeee61d90650b389d9a48bd6a6dce148851cff3adbe2290c4
8893c0186651a4b2c860bf4f011b70d6fd8735b2f2ca89239b1a1f99f575bfe9
88b0379349a4dda6ebcc43c5bd12084d230c6105a6fd3c2f651c4e771b3eabef
88bbd6dff28a352e8ece64314529cc2b05c37302224ff46853376daf74a40d9c
898ba5f231a1a1227493f31318de90ab8d2d3ae71245f601680a1946f55d8bd7
89fda9f72dcc26f0466f4db603a3dab7a96510deada7629b48afe4e333cd85fe
8b1d9340eccc886f08b2f3b02675b424f45863321e53d7f04bf8b64ede36cc2a
8c9a04fabdee4668ace88c302ac7d6e1fc9a3c7a30572405099ab087bb4131d7
8d11229df149b1b604ed52bfc3b672bd7921b685a7f290e8ff877e3b7222a1bc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ea8be5f9733c07ca7b7aaac3526ba6b4eb6df006ac62682cf1a536fd1aec260
9167cb37ed21405ef9556646b83789a2099c15398f5cea867470df1e81752e17
936567bc744e199e02bfc3c33fe2bc9c862999e0d479e2a694aa7485460a3960
93a84e5adde0794c3a4f06726e79905f127bbeaa675c703d57611d7e9846e9da
94e03a0b979dc2917b937f294b1c3119a14918b8c3089a0101b6052221a60d7f
9605460846a5247ae9f7d94da7898e16f90c30852b571a533d3dde3f273cb6da
976318f8c146300f5a79a33c0659b0fb8ab7d7ef634aeb94aa38f49e6635e1f4
97d0b51e9378fb3b6701b75a0acc87b3a94bc7c754d70cc13acd315818ba5dbf
9a4bb2cda800b4463b59e9fb2b9c879127a2682e54e45e3e9375d22a89900a58
9a56320bb8bfb81dc997a1120c77ec017cffab4db5ba5482afb29129e0690540
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e3eb0f2f8114459f9666224c187f2c2cd33e4d7b9a10556469c4404967f0016
9eb1c22eaace3eaadbc65aee8f3ae9524aa610d7d5e200a96322f42e1188f00e
9f43ba6055649283d10405e02368f7e2197c1684bad6f084661871325b03d8b3
a0ca05af1e4c6cd7a3aaddbcb0d5b4ceb418b86941d374d93d37978c32d343fa
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a140ef7b30807a0310338949fe4460a2e9f7ea71503c917e12550b5c06ac68ea
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a5516bb37196adb588b3ee88e6a07847816320e15318f37c228763d28e1f3ffc
a74ad4b94666ee0f1d4ded8ec523ebdccddd18c9f06592ffe87ab674ef6fbd15
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aa3ad3b35fa7fcc80ab2eb9c2de3a230c80628741232822e92fb13c830578c8a
ab36bd3e79ff9e9f7b09d77501725975fe813a119af04a38146a019af78c035c
aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ac22cc97540c372609bd3cc1195e2153b7390da19342f49458e97a32db586eaf
ac6819ddbdc4c3a3845e32f55947158747e75113248edc9644fa65c4ed9934ad
ad3616f8f2aa610e535c677b50a8e617ee4168aba7c0c050f0cfac69c4682458
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
af9eb10bfcbd7908965ad606415ad1c31529b8d2d85b5c43b25ffcdbfe6ea01a
b0e60bfe6c1170c06e99d7364ae9ca7429de2b5c501ac0819d4a8628c085a863
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29bdb7db83315a34e9893cdd74afad8064611b89dade9adcc78b42fcafbf159
b82fdc5eb2fe1f654362eda77297507118b2dec1fb16fc3fe393cf590f9b8c5d
bb3cd0189708f2914df04c6adc00ef07a1f64d376dfe6c548d4f02e7bb3c113f
bc520f34e0e2530005a386d108c6422878efe5eee987659ba867015fde2ddf53
bc7a2f5ef6df036657a8c1ae6e15c836d553a21443598ce5d729e69ff0d6bfaf
bda6de7191fb31fe41ba1fe08532b09c39f7753aca12545dbb6bd3f89155cff7
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf473c4b25057def8a517e9e49edebf50fe239c6373237d92b4879c2849974e9
bff717ca6d6101320dae8beed8eb96257cc26ed0c9b786fcbd37d79e1e0743bc
c0c37eec6e1dc78f492ef6e15814f5b91360a57e437f7a53afef46cff610cead
c13d25e73c58817709e7a5249f64dc37f0a6e0be544b9ba5cd05da37e096accc
c2ae6a18b973d0fbd53cd575408e3720cec1b94418b180ab6b83a82611eb1906
c40bae480ece754561ff5f38ce646abadaf26c947c3c0fe88b99c03ec379bdb8
c5d9f11f95196250f6797acef21bd147fe22a802940735d88ac2a7a9308247ac
c6f2ae620b42156c1d34649d570b881fd4816905f85188237474ec42b66519bb
c8104390115f92b27003b1e4e503ef59343ccfef4ac19751093544e8cfaeae26
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9fb8595b38724ea9f2efda4bcc018f839e31e3d69e2c08b07d7889239b7d080
cb2b35523953ca8de675f1f7df0c547796cc6c3f90ef63e154760a4125b3f7da
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cc57c4255ebe9603c3828eea41cb6001758b8f6834deef9c7cab57474641b77d
ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97
ce8c6ae7c4058553cfb110aa176bfd69c0a7c9b95ddcb7fc02c47480db246aef
d03451f789ca7decf10c1cd48d8d007f7921dcba42f0d7c9a063f7f0e5146c6e
d03a0e0c2c6cc47e5799d246a77f6803365c08ece711e91e5368d5cb7ca70ae0
d50a82cbf1b41068353ddf2589695da59293e5e0d0081e432acc5a83df3428b9
d716856a5d7ef4f89e5b8da30178a6d8770f755c1838cb55f9646352c7aaa768
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d84d3327436fbfa59f28afb68d118a14bad27552c15d69aa57bb08e72b7adbdb
d8a754aeb7ddf52b4696dcbb5f3d43f8a3f1b4f7ab2e2a8189ead0ee1675e65a
da26441d1d647dc2c0a7dc0e8bb5d0d7028a04b806b6622cdc667fa2fc2a88d8
dab3c31917be5d3198ee73bd335fbbff296246e1dbd6db3f77caf348003a9815
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
db9be41b675f2ee97efb1ac6099b209c081cd417115768295a5e70818e434f69
dbdeae96203870e03ce6b9a0d5562d45e337ba3662b1f604b685cf1b1edd9218
dc09db8e176e12a83a4f1b4b8bbcf4e130d51182cf6e66889d91f9e83e0040e8
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
df0b23dfdd700d1223ac41bc104ca11c7f45cf4c2e7758d32be83f33cb329807
df8cf94c6c06aac8538d3b41bb58f8ab2ef023a8a4460b58d57fe4422d9d6b1a
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2464f998b38ae5f4a6f68dd19faea6939ccb6db5388ce17a0621c3fe186f859
e2780421fde3ad718b748203906425b9e2a9c9cfdb68e68f5990658dcc4e8dbd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e424c4c20d40e69bc6c0f5794d725ade9381b666be9b0128bd36f30fa8e1b0ac
e4785a283a3374cfe61ede0a646a83a6fc99db155ae033ccba7d03ffa7014bfd
e4c986ed22fb9d7ff6baf85ae7e71a74f8ec50ce21cfac1107defeb7cef6d6c9
e558b1defefd835e433bed35393b9d560a029a5e656a325d27840cc3d2587fe7
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e6db1c496e61d476ff8ccbe4bde6f0c5daec62d689d441182bb017d7ebdb5161
e77789f15248b88d9867e0238ceb84ff2279871f98aa15fdd7ae66f895d714e1
e80e4a0299b436925a2cd3076299d5db0d8c2ad6e9d591df2c07ad784a32d92d
e838e84ff36c7716639fcd8fa6aa2e543536a98aa0a4ad20bfb6fe3fa7c13137
ea05e1e3891c28f2c242bc3d2c3a9944ca2d6c9f0c8fadf209e9e93442ac46f7
ea968f1a1dd5e315a5f94f1177d66264f6ba7a6e5e8ace2d3d953b5864e8f4e1
eded12b276b31b3393992b0a701a16b79b4a5172329a0e3ca59b97ae862368e2
ee6d3b54a9065c8ff1c55528d83a8b11aa932915d3004f3dab2c5355027bbf3f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
f188f6b66c3985d323b50898dfd4cd1d850762bb370e9a60f5f4b8de198b7ac5
f324377940583ba7a0f81123404cc032334edf5ace8e9f5d58da1cc340e41027
f452eb0737b9ca67cfab10b08db9ef43cd2695136d893c659568bc88055630f1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f53a4e4bdd08e765ef377eec73ae37b4ffbe694654e6d38d9dc8c655a5e58ee4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167
f64bc8aad23e3053915ec5e0559923811590e323783ee2a6fb853b5b4717270e
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f94cceef8c9d24c45af5446bf1a8431cfb7d1e3596b9cea1c6ee01513e9638cd
f98171dbce7a2b0b33c1da4522413a5bac09a29b3326d1a863d5062a529bba9d
f9f4fc927810c8c450a644361caa62fad39466a12a7dc6d442da1da90316d621
fa79079ea0b82b1325f59d113913bf0a168df6bbd223ca97f4b1a831f7576a4d
fbe22412efdc4b5dc49adc47132fcfdd184c3b5f99a8d43321a38e1f182d0b1b
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fc58b23d3f77487278dcf48df8b26048ee6c880cd7adf98901523472045fa9a7
fe5d09013cdf89dd17c511c908bee2628e4c0f9b4550f802fdb1fd5086999c8d
ff37bcc143b2d424a3963690babc38d50b11db540b7596a3d984ae8fbe7f8baf
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

www.balipost.com Open in urlscan Pro 188.166.207.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

367 Requests

90 %HTTPS

43 %IPv6

45 Domains

62 Subdomains

44 IPs

11 Countries

5872 kBTransfer

11054 kBSize

44 Cookies

10 Outgoing links

Page URL History

Redirected requests

367 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.balipost.com Open in urlscan Pro
188.166.207.31 Public Scan

Screenshot
Live screenshot

Full Image

367
Requests

90 %
HTTPS

43 %
IPv6

45
Domains

62
Subdomains

44
IPs

11
Countries

5872 kB
Transfer

11054 kB
Size

44
Cookies

367 HTTP transactions
11 data transactions