blog.s.id Open in urlscan Pro
2606:4700:20::681a:6f9  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://s.id/nS86M HTTP 302
   https://home.s.id/forbidden Page URL
   
2. https://s.id/1SV77?s=skip HTTP 302
   https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

• https://s.id/nS86M HTTP 302
• https://home.s.id/forbidden

Request Chain 100

• https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp HTTP 302
• https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1

Request Chain 104

• https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=blog.s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=6TvzUHxGWG5GOUhLQjVTTDVveUJtYjVISjU0U2dCRC9UZ3hzbDJoMkVZc1hkaXgzd2EwdHNxSXJ3ZjRDeGk3ZmdKSFhtTEpXSjdpTFBxeUFJK0w3aGFENU10UXB0Z3o1cDNFUUJWYUFhWUF2UmlsMmt4Q1hORGh2Q3VPRTBHRUFMU3E5YnBHbTExQS9KdHRDVkVkN2Q1ZW1yZVZ6aitCMm1HTEhuVGxyRjhmdmpiNVA1dFlUNm81UDNXS1gyQ0xwVGw4MmpyU1FyR25JN3YrMTd1ZDlZdjhrWExnQm5FNjZpVG9WL2g0ZU4rU3dKVTM5dENtVHNLNGk2L3lXbEgrSFFxM294ekxrOXA0WTQzYkVNT05EY3RJZ2tiQT09fA&cppv=2

Request Chain 143

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA43MBHFJvjjd5oVdbg-_ew&google_cver=1

Request Chain 144

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUiUGu2UmGZWZHdykCJErgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA43MBHFJvjjd5oVdbg-_ew&google_cver=1

Request Chain 145

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEG0HbEF2gE140ZQbv-9B1Fw&google_cver=1

Request Chain 146

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAyMjcyNTc1MjM1MzE3MDQ1NA%3D%3D

Request Chain 147

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENmHSTb280cnrCY66HA27PQ&google_cver=1&google_push=AXcoOmRG-r4AnE3g4gTyIjv93bL2FPWeZnOR6eXsCiAkdiYc29FbV1HCVTl3NXf-j48a7iAOW8LHQwrrz5vmlmEokmi7t9Bv87IF HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENmHSTb280cnrCY66HA27PQ&google_push=AXcoOmRG-r4AnE3g4gTyIjv93bL2FPWeZnOR6eXsCiAkdiYc29FbV1HCVTl3NXf-j48a7iAOW8LHQwrrz5vmlmEokmi7t9Bv87IF

Request Chain 149

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAKLWyuHANMkFqrRgpSk_3U&google_cver=1&google_push=AXcoOmSUa76jUGYd3fRo2NPWQJwyODHKvTpqwdVdAHtI5UrfymQgvPKiikTPLeMVUIT0A5GN-NS1_ODnTdlwCynlslzkw4DWNLjk HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAKLWyuHANMkFqrRgpSk_3U&google_cver=1&google_push=AXcoOmSUa76jUGYd3fRo2NPWQJwyODHKvTpqwdVdAHtI5UrfymQgvPKiikTPLeMVUIT0A5GN-NS1_ODnTdlwCynlslzkw4DWNLjk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODc0MzQwMzk2MjIyMjc1OTM4MA&google_push=AXcoOmSUa76jUGYd3fRo2NPWQJwyODHKvTpqwdVdAHtI5UrfymQgvPKiikTPLeMVUIT0A5GN-NS1_ODnTdlwCynlslzkw4DWNLjk

Request Chain 150

• https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGlWSIqlOzhCESRZ_DTeWoM&google_cver=1&google_push=AXcoOmSZBtKnMUt-iDU6wdMtFZg7ABdFTP3sWteLMGLko2dwgiFKP6AI6HT6zksPy4EWGW6DKi7M077GVeglnvN3WpiWF5naxcx4 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=bc8HxRBXXpNR-zWPr5lWHS2NmE0&google_push=AXcoOmSZBtKnMUt-iDU6wdMtFZg7ABdFTP3sWteLMGLko2dwgiFKP6AI6HT6zksPy4EWGW6DKi7M077GVeglnvN3WpiWF5naxcx4

Request Chain 151

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL_3uSZlJuR88jyx4BoNZfk&google_cver=1&google_push=AXcoOmT0cFPd2d9Us7QraFzdG75Ebq9swvSMF6GtIU_sISTzTN2zGtl7VvpLxtrLq2d-PjK_shyRwoYQqhppOVULPkIwIHpzzz0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9NS1FVSk0tMVMtSFdZQQ==&google_push=AXcoOmT0cFPd2d9Us7QraFzdG75Ebq9swvSMF6GtIU_sISTzTN2zGtl7VvpLxtrLq2d-PjK_shyRwoYQqhppOVULPkIwIHpzzz0

Request Chain 152

• https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIgIjI1bSJ-GC8R6W7hJJjo&google_cver=1&google_push=AXcoOmSbCI3j3SQFuGpYVNGeILrfD-L4TXyipnOtSkhYTvi1D77QSl-WcExKQ97jMFeflaKaqpNbIa7PQEqBxgcjk8EpL9FuY2tDSQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSbCI3j3SQFuGpYVNGeILrfD-L4TXyipnOtSkhYTvi1D77QSl-WcExKQ97jMFeflaKaqpNbIa7PQEqBxgcjk8EpL9FuY2tDSQ HTTP 302
• https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 153

• https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEION03IasDCGxJKYSMM47tw&google_cver=1&google_push=AXcoOmT8wyhYSJA6H9WmwXwI1XCVsKvKUfWrsRwdXb1R3ykmBI60aL2W5pqTQeb6mrnKharjhshKLYeCUdrIuyB3-hdttOHdBCKe2A HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEION03IasDCGxJKYSMM47tw%26google_cver%3D1%26google_push%3DAXcoOmT8wyhYSJA6H9WmwXwI1XCVsKvKUfWrsRwdXb1R3ykmBI60aL2W5pqTQeb6mrnKharjhshKLYeCUdrIuyB3-hdttOHdBCKe2A HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTAyMjcyNTc1MjM1MzE3MDQ1NA%3D%3D&google_gid=CAESEION03IasDCGxJKYSMM47tw&google_cver=1&google_push=AXcoOmT8wyhYSJA6H9WmwXwI1XCVsKvKUfWrsRwdXb1R3ykmBI60aL2W5pqTQeb6mrnKharjhshKLYeCUdrIuyB3-hdttOHdBCKe2A

Request Chain 155

• https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEMVIcx4-M3IDdl-KqL5gUJ0&google_cver=1&google_push=AXcoOmSoaSr03-SisTFKED1b74UgOaYLPptFg4PU7E4DE41BzL3sreqL78_ZgvrZ2AcZhEM0OVPu8_pdBSum_VF8Yq1djTVz7eu8 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSoaSr03-SisTFKED1b74UgOaYLPptFg4PU7E4DE41BzL3sreqL78_ZgvrZ2AcZhEM0OVPu8_pdBSum_VF8Yq1djTVz7eu8

Request Chain 156

• https://a.c.appier.net/gcm?google_gid=CAESEEKm7rCJ_gs_6_xEcue_6OY&google_cver=1&google_push=AXcoOmTRo3kSo6jxmWQoDy_99MRXzHCuqXbGFgKsQGdupmfE7_wsFa3mT2wNk7PYLZ9nWCegSxAx_zWfC8qblYbpF910RKgPnSCe HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VThRR2dHUktEenlGTUhnSUhKUklaUQ%3D%3D&google_push=AXcoOmTRo3kSo6jxmWQoDy_99MRXzHCuqXbGFgKsQGdupmfE7_wsFa3mT2wNk7PYLZ9nWCegSxAx_zWfC8qblYbpF910RKgPnSCe

Request Chain 158

• https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSPbxagCJjvWe1mcDWhExpt849nsMnZZwFSg_kYVo5ugi6Z21C8-4GIEXEP2xu32peaimwFZXjIBPAcOvfuRgzIWK6gj94t&google_gid=CAESEJmn5CyE8oSpqlLdfLzNjWU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-57XsGtrbKPnJpChwWKoonCTNK-qQymcUPxusmQ&google_push=AXcoOmSPbxagCJjvWe1mcDWhExpt849nsMnZZwFSg_kYVo5ugi6Z21C8-4GIEXEP2xu32peaimwFZXjIBPAcOvfuRgzIWK6gj94t

Request Chain 159

• https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJCxbIqAIktTF_e1sPVGyDM&google_cver=1&google_push=AXcoOmQoeF8sgob_sjAzJ0-tkhvf7jvQm8Mml_Nj4XxZ7AvhBzfw2elTpMCBCe_pxEXOU4JNRbTNOnSbVXFWkjOOv5iINIigojhY HTTP 302
• https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEJCxbIqAIktTF_e1sPVGyDM&google_push=AXcoOmQoeF8sgob_sjAzJ0-tkhvf7jvQm8Mml_Nj4XxZ7AvhBzfw2elTpMCBCe_pxEXOU4JNRbTNOnSbVXFWkjOOv5iINIigojhY&s=2 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQoeF8sgob_sjAzJ0-tkhvf7jvQm8Mml_Nj4XxZ7AvhBzfw2elTpMCBCe_pxEXOU4JNRbTNOnSbVXFWkjOOv5iINIigojhY&google_hm=VjRCUmh4dFB4OWU2aHVLWDQtN1M=

Request Chain 161

• https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIgIjI1bSJ-GC8R6W7hJJjo&google_cver=1&google_push=AXcoOmRZCrSYiv57zJ-o0GlAYxrXo2ntCbFqN2LDW8UOYEIOhVONofn09jYylg0KoOrABaenDszkxCzgjUIZCIXpalwyWqkbFuo_VA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRZCrSYiv57zJ-o0GlAYxrXo2ntCbFqN2LDW8UOYEIOhVONofn09jYylg0KoOrABaenDszkxCzgjUIZCIXpalwyWqkbFuo_VA HTTP 302
• https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 164

• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIVAKVQextSvG1X1vy9f2ao&google_cver=1

Request Chain 166

• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
• https://sync.teads.tv/um?eid=3&uid=CAESEJM18mB37ZgeArf3dPe5qRI&google_cver=1

Request Chain 168

• https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBsQD9LmkJiJjKfneZis_lo&google_cver=1

Request Chain 172

• https://um.simpli.fi/gp_match?google_gid=CAESEDKdz1Bqax7C-gVmhC_elxE&google_cver=1&google_push=AXcoOmSgYSxqmAG4cuCSFbQrQCNCBy3n4JrLXpE1EE9nPGLdArafDJXYpKTnlwApC0ErdKndTt94yk5KuIti7LPerL2aBoSD2FX_ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=305494AA60174FDFB8EDAC8203357B3B&google_push=AXcoOmSgYSxqmAG4cuCSFbQrQCNCBy3n4JrLXpE1EE9nPGLdArafDJXYpKTnlwApC0ErdKndTt94yk5KuIti7LPerL2aBoSD2FX_

Request Chain 174

• https://ads.travelaudience.com/google_pixel?google_gid=CAESEKiU3VVZVikj5UvGLV2bucU&google_cver=1&google_push=AXcoOmQRfk1PhxpyAh_KZq9KsvCg7FWZ1EpdDY8OlkhckWFpKbfIxwNwF0a3dSbJzB5kh0DlqNMea65K7z18fxUFwMEC_iQSD8_hSQ HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VKj8SU8nTTYaaNlJinzs5g&google_push=AXcoOmQRfk1PhxpyAh_KZq9KsvCg7FWZ1EpdDY8OlkhckWFpKbfIxwNwF0a3dSbJzB5kh0DlqNMea65K7z18fxUFwMEC_iQSD8_hSQ

Request Chain 175

• https://d5p.de17a.com/cookies/google?google_gid=CAESENKLr7fKX31akPCx04soJ8c&google_cver=1&google_push=AXcoOmScbZbOXRJT2l6lHQ5Nw7Psvi8emQqq3SfvvAFMyHgTEBDN9_FgkOeBUINNQ67cGm_bwAQ5QQH1w_v8fZgh_UV6y9h3b30WDA HTTP 302
• https://d5p.de17a.com/cookies/google;c?google_gid=CAESENKLr7fKX31akPCx04soJ8c&google_cver=1&google_push=AXcoOmScbZbOXRJT2l6lHQ5Nw7Psvi8emQqq3SfvvAFMyHgTEBDN9_FgkOeBUINNQ67cGm_bwAQ5QQH1w_v8fZgh_UV6y9h3b30WDA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmScbZbOXRJT2l6lHQ5Nw7Psvi8emQqq3SfvvAFMyHgTEBDN9_FgkOeBUINNQ67cGm_bwAQ5QQH1w_v8fZgh_UV6y9h3b30WDA

Request Chain 176

• https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBxVN1pXF0sjJkj_SmnJ0-s&google_cver=1&google_push=AXcoOmQIHFCcbg5fOEYqBekZ-mxxvs4ctkmBZyRinYNChMTBfsf7-nKioWiE3b2-Pu-Mxb1p4GN7PIuuysYGtxCcTou1Aa-lhWq__g HTTP 302
• https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQIHFCcbg5fOEYqBekZ-mxxvs4ctkmBZyRinYNChMTBfsf7-nKioWiE3b2-Pu-Mxb1p4GN7PIuuysYGtxCcTou1Aa-lhWq__g&google_gid=CAESEBxVN1pXF0sjJkj_SmnJ0-s HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkxOTY0NjYyODE3NjcxNzYwODE3OA%3D%3D&google_push=AXcoOmQIHFCcbg5fOEYqBekZ-mxxvs4ctkmBZyRinYNChMTBfsf7-nKioWiE3b2-Pu-Mxb1p4GN7PIuuysYGtxCcTou1Aa-lhWq__g

234 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	forbidden Show response home.s.id/ Redirect Chain https://s.id/nS86M https://home.s.id/forbidden	69 KB 22 KB	313ms 275ms	Document text/html	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash 74562a90e2eca8a429818a71b57e7e3c86cce4c1c55a6714e5f32836b7d66deb Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, max-age=0, must-revalidate cf-cache-status BYPASS cf-ray 821b95324dca1ca9-FRA content-encoding br content-type text/html; charset=utf-8 date Mon, 06 Nov 2023 07:21:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFyjTFEnpZz%2FEmrNESXL53wHfMwyW1Mxny0pY6N9nHX9F1MEXnPchnpIW7Wink4EQPf0wO%2FUNikBTyUZXx%2BV4fsGmwdS4kFmHhlIaq5H9mbXbU8GHGKuTQaJlcT5mjQsYvBRVBUZLg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15724800; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-powered-by Next.js x-xss-protection 1; mode=block Redirect headers cache-control private, max-age=15 content-length 0 date Mon, 06 Nov 2023 07:21:59 GMT location https://home.s.id/forbidden#action server nginx strict-transport-security max-age=15724800; includeSubDomains
GET H2	200	montserrat.css home.s.id/assets/fonts/	3 KB 842 B	274ms 272ms	Stylesheet text/css	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/assets/fonts/montserrat.css Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:21:59 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"ca2-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJAqJ%2B4RLOSdNYlV0K9Uy5RLoh4dpFl4tKgDi1ZFRiMY%2Fv%2BFvsHsJdPC%2BfSl9u6xq9rXM0eZY3IVhwM%2FIj1aV1s4GYzalg5%2BAstUkJGxTgj%2F3DaOuXUK4Mcs7AYzFsmkRgl8VyyiCA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=300 cf-ray 821b95341f8b1ca9-FRA
GET H2	200	work-sans.css home.s.id/assets/fonts/	4 KB 729 B	389ms 388ms	Stylesheet text/css	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/assets/fonts/work-sans.css Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:00 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"10bc-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXRfhhC5n1%2BJrBrdNOMzpYGNmuinJhBYAZmHENEfpofwtjSSBgQa2UdB8EsBxr2Ng%2Fho8DXBBzzvLkPWLGi%2FcRVNt91DoDQpoWPovIkbpcMTiTe8WmNRrjA4FvSegVKvKBQU9OPcnQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=300 cf-ray 821b95341f8d1ca9-FRA
GET H2	200	bbbe4a7a22dff737.css home.s.id/_next/static/css/	138 KB 21 KB	24ms 23ms	Stylesheet text/css	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/css/bbbe4a7a22dff737.css Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a1e03187140f7fd373409bc2286e8b78b2597a6a939468f75d5230fab95d599 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:21:59 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 257322 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 03 Nov 2023 07:47:48 GMT server cloudflare etag W/"2271a-18b942708a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5WkYJKqW9YikD%2FpTqKPZM11rLeLIe4ICC%2BIg2Vr%2F5dhH7T0Wik23s5lSj9JRPsd%2FIQ63xlxNwv8%2FRAbG1f3dBSW81hATgtR%2B9ARHKsP8huG25qrG6aXARxGyQZDAMQpgcPmbJvjlw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 821b95341f8e1ca9-FRA
GET H2	200	webpack-8753e227d0c431c2.js Show response home.s.id/_next/static/chunks/	4 KB 2 KB	25ms 23ms	Script application/javascript	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/chunks/webpack-8753e227d0c431c2.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94b21681a391b1570f353142a05b31e1187ea1828f2c0252fc9159f3f252cb18 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:21:59 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 257150 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 03 Nov 2023 07:47:48 GMT server cloudflare etag W/"11af-18b942708a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OPBGGqrBufcbDBQq8Us6%2BWMOchMN1oZW4ilXZEBWjf1VjVHyJ0YEO18qITgcybkjjguTl785mZC94W6xRqkgaRWLjJFSgqGbYtFymv1iaUu%2BcGnmPMIYXqxKmPbB3koFvTdDiMAIiA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 821b95342fb41ca9-FRA
GET H2	200	framework-c77b5ad42e6fa06c.js Show response home.s.id/_next/static/chunks/	138 KB 45 KB	27ms 25ms	Script application/javascript	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/chunks/framework-c77b5ad42e6fa06c.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b8f5cff2b93dd56ca8081e67ee4ba33b2b71b6324a471691e427444c84a9ce1 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:21:59 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 257150 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 03 Nov 2023 07:47:48 GMT server cloudflare etag W/"2272b-18b942708a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sAR0oST66wS8pUqepmZvYMxz3LWKdJDt%2BSVKqdBBgJ1WKrSyetD0XVbOyDOVoySm%2FsKkIRGMB71iifUoI4i2JxNT6n4bRngE2n%2F%2B0k4rxY2Q15C7gMs5u22%2FkXHNP%2FYiDbXJ0qYcHg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 821b95342fb51ca9-FRA
GET H2	200	main-45f200f3cb6b7b3d.js Show response home.s.id/_next/static/chunks/	97 KB 29 KB	25ms 24ms	Script application/javascript	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 184733c2171fc0a56148cbf5e5f1d5e5ae640f660e6e328bb84cbccb21785813 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:21:59 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 257150 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 03 Nov 2023 07:47:48 GMT server cloudflare etag W/"18214-18b942708a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOxIB275JFnfnLYPl8kOJr8%2FTeFs9SQ1MnExww6vYkZht7ZaCSJ5EzK7ytnyQXlC1reQgJhtcDzDpULTZdfd3MZKICBEcDRnxLMXZ1NwoY0TQoFeYJ%2Fp03LT3GH9nfXjOSFh5VHb6Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 821b95342fb61ca9-FRA
GET H2	200	_app-57668931f537ba34.js Show response home.s.id/_next/static/chunks/pages/	419 KB 133 KB	36ms 35ms	Script application/javascript	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/chunks/pages/_app-57668931f537ba34.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7fada8980132d26fb1a7df910ec0d0b05343765a5adf9a96784d6b60978b0398 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:21:59 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 257150 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 03 Nov 2023 07:47:48 GMT server cloudflare etag W/"68cf6-18b942708a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQDodeIeeK6b5PtUln%2FEXWi696goFySPCcQl7vcy%2BRH7ljqfYv7rElLsnbHKxa%2FqtGUTO89V84IzKyreSS7vZy4WFeO%2FaTCMXAXXqwSVKXVNW8FAwnXzyacMnrF4fDcpAka9iPsULQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 821b95342fb81ca9-FRA
GET H2	200	forbidden-29883e63e1ce37b2.js Show response home.s.id/_next/static/chunks/pages/	4 KB 2 KB	32ms 30ms	Script application/javascript	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/chunks/pages/forbidden-29883e63e1ce37b2.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6e28e3f8d185f134736c50278f5039ff8168dc11d98640f164f4648632e9d127 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:21:59 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 257150 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 03 Nov 2023 07:47:48 GMT server cloudflare etag W/"eb6-18b942708a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIk3b4C%2F3vhTywZMNyeFCD%2Fe3wBaJKNlkc5U6NmEETQWbnYmep5yumgBnSv4tdczMQ40rsbonpx8p7glCmcWuRj6K7axBhUIN6X66jIlosmIUhlkKgjM%2B72%2FrgbCm7oKHJmJwV%2FAlA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 821b95342fba1ca9-FRA
GET H2	200	_buildManifest.js Show response home.s.id/_next/static/AKDiehyE4CVEqvHJaVYoC/	9 KB 3 KB	22ms 21ms	Script application/javascript	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/AKDiehyE4CVEqvHJaVYoC/_buildManifest.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29e6bbadea30bc4278b060cd5a7fd8a096a4a00e5919a81ada0108acac50a51f Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:21:59 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 257150 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 03 Nov 2023 07:47:48 GMT server cloudflare etag W/"25c1-18b942708a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7c0lk7p92wQRV1RlviwrmVTb7j5%2BFspo81jd0N8iVboO5gZHEyK%2F3PbxCowZ2YWwxLBv2zvtAKP4bCZs0FhrECixJyXjuvHBQD3JvYwb2BkZheEv2OyKuER%2FiTBL148eCWncSVhTFA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 821b95342fbc1ca9-FRA
GET H2	200	_ssgManifest.js Show response home.s.id/_next/static/AKDiehyE4CVEqvHJaVYoC/	91 B 405 B	32ms 31ms	Script application/javascript	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/AKDiehyE4CVEqvHJaVYoC/_ssgManifest.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:21:59 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 257150 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 03 Nov 2023 07:48:27 GMT server cloudflare etag W/"5b-18b9427a0f8" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGzZIE924kmT5ni3zLA2t57ecBRqnx4dire4aIlzOClxTLpYbpM3CVrBDY3Y6uVwC%2BKzHcc7ijwnUEYxvQNa785k20GmDRp2i12ptkRavX6vnru7RfEm%2F05SBdCmRdMXVYQhGMeKcg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 821b95343fbd1ca9-FRA
GET H2	200	403.svg home.s.id/images/errors/	4 KB 2 KB	258ms 258ms	Image image/svg+xml	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://home.s.id/images/errors/403.svg Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92c39b5c986c8a9c713d77081a0272187a847c57192fe03fc152d25fc4c35668 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:21:59 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 27 Dec 2022 03:47:41 GMT server cloudflare etag W/"1136-18551b16f48" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cad3CsVM2sopTT8uNOlsV6bkohxvsWvZYdd5SG0IjYP9armaLd2RjiGYhMnvre5oZa2uqOIAkOxOFf%2B%2BZwZNEoqO8wtuJAFtAFiDgrru3H0jxmL4hjgfa2Unml42y17eCc1aoVlXQQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml x-frame-options SAMEORIGIN cache-control public, max-age=86400 cf-ray 821b95341f8f1ca9-FRA
GET H2	200	sid-neu-logo.svg home.s.id/images/	8 KB 4 KB	339ms 339ms	Image image/svg+xml	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://home.s.id/images/sid-neu-logo.svg Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 058f6340fc2dd949cfa4e2d40dae86c83daa389994729a151d1309cecaa7e46b Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:00 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 05 Jul 2023 23:09:20 GMT server cloudflare etag W/"2120-18928513d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3joMcTV9l7gBHxwXJMypo4Vp6agjAJoH6Yi4V%2ByL9SKl9F3UViJtDDVkRPFURFpUrIm41MdMQmkdrydbswuM6WVqC%2FSrXsg%2B3DiiZv416ENX6tafDmEGHj03wOcrVhyxsFbCghXJg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml x-frame-options SAMEORIGIN cache-control public, max-age=86400 cf-ray 821b95341f911ca9-FRA
GET H2	200	v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response static.cloudflareinsights.com/beacon.min.js/	20 KB 7 KB	76ms 50ms	Script text/javascript	2606:4700::6810:3965 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Request headers Referer https://home.s.id/ Origin https://home.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:21:59 GMT content-encoding gzip last-modified Tue, 10 Oct 2023 21:38:13 GMT server cloudflare etag W/"2023.10.0" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 821b95345cba3686-FRA
GET H3	200	montserrat-normal-700.woff2 home.s.id/assets/fonts/dist/	30 KB 31 KB	237ms 237ms	Font font/woff2	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/assets/fonts/dist/montserrat-normal-700.woff2 Requested by Host: home.s.id URL: https://home.s.id/assets/fonts/montserrat.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://home.s.id/assets/fonts/montserrat.css Origin https://home.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:00 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 30856 x-xss-protection 1; mode=block last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"7888-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KINLmWoMTnQIdh2MfFcpeN3EJuu2zbqiuVE%2B%2B59j50xf%2FQcYYy0p3Z%2FsWGKfW6U7Zdfloc54cO5x3CCqCDe0SM7qNt3aLlFrBBrsHc4qoyeqqIBoqAqiSlDwVETFHoIXBdghM1Qc9w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 x-frame-options SAMEORIGIN cache-control public, max-age=300 accept-ranges bytes cf-ray 821b9536ccd7196d-FRA
GET H3	200	montserrat-normal-400.woff2 home.s.id/assets/fonts/dist/	30 KB 31 KB	251ms 250ms	Font font/woff2	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/assets/fonts/dist/montserrat-normal-400.woff2 Requested by Host: home.s.id URL: https://home.s.id/assets/fonts/montserrat.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://home.s.id/assets/fonts/montserrat.css Origin https://home.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:00 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 30856 x-xss-protection 1; mode=block last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"7888-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BgyzJy1gXmvluzG3mndjajoA4CdIxaWlatjJB8TbIRQb2cBGrrFm4F9wF9eBV2Ucmq8shfJqnu%2FZIx15c%2FpeJcXSRE1pb7g4GhFxFawUIFQ%2BvMrewbq8TNmPy4dULoyfajd%2F0sJVg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 x-frame-options SAMEORIGIN cache-control public, max-age=300 accept-ranges bytes cf-ray 821b9536ccde196d-FRA
OPTIONS H/1.1	204 No Content	me app.s.id/api/user/ Frame	0 0	605ms 176ms	Preflight	45.126.58.90 IDNIC-PANDI-AS-ID...
General Check archive.org Show headers Download Go to Full URL https://app.s.id/api/user/me Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 45.126.58.90 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept */* Access-Control-Request-Headers ds,x-rpc-lang Access-Control-Request-Method GET Origin https://home.s.id Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS Access-Control-Allow-Methods GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH Access-Control-Allow-Origin https://home.s.id Connection close Date Mon, 06 Nov 2023 07:22:00 GMT Strict-Transport-Security max-age=15724800; includeSubDomains Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
GET		me app.s.id/api/user/	0 0
GET H2	200	js Show response www.googletagmanager.com/gtag/	240 KB 84 KB	43ms 22ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5 Requested by Host: home.s.id URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9830beaff1ed265b609d358ebb742855f060c8ee58595f1ab4e204780e703a97 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85271 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 06 Nov 2023 07:22:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	244 KB 84 KB	55ms 34ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7 Requested by Host: home.s.id URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c1c90832638443b56b1f391dc997c4ab4320305306cc41e357eddc1df61f86c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 86092 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 06 Nov 2023 07:22:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	214 KB 76 KB	48ms 28ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-10823601447 Requested by Host: home.s.id URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7f41d431142aa9e1edd3a86b51276f1af56898f760cf9ef88d77e1a6b195bd5b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77494 x-xss-protection 0 last-modified Mon, 06 Nov 2023 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 06 Nov 2023 07:22:00 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	202 KB 54 KB	22ms 7ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 06 Nov 2023 07:22:00 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 54273 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug sSY4jp11ybGPiSvcVWc0QP33Gpf27NKP1qmsujX/jwJFh90ZFpdgEAhBjlg0yJItGMrVkVeR4u7lkjX5U0oJUQ== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	snippet.js Show response static.zdassets.com/ekr/	10 KB 5 KB	55ms 29ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d Requested by Host: home.s.id URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:00 GMT x-amz-version-id hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id AENNNW4RTVV2KN9D age 5 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 ULqr8Gt/e7TCEkuSp5UAhjxXjJP6/3z8RAZWCFhCJmu2LPko/1kucw0zJ0dJOUmsaCtiUWSSkb4= last-modified Wed, 09 Aug 2023 01:01:02 GMT server cloudflare etag W/"42d94c325a0b012e41f9c3907853625a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irBzCgtlAyFzVdKRdH1%2BlGMsxP2QMZATgt4ycFBC0rD%2BGr8fHaQIMGyl7Jbju%2BfPJeLakAYKo%2FTUIqw0iM3Lh5g06D7aqefejjlPL3859z9HFFv0t9RUCzNI5z7RdkgsDeiNPyo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=3600, s-maxage=60 cf-ray 821b95371e352c23-FRA
GET H2	200	client Show response accounts.google.com/gsi/	199 KB 79 KB	47ms 26ms	Script application/javascript	2a00:1450:4001:80f::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/gsi/client Requested by Host: home.s.id URL: https://home.s.id/_next/static/chunks/pages/_app-57668931f537ba34.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash cb306bb343515f2d599d3e85cb84d0d63ec8df8808117c0be3188bc52b9c6dc5 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-mMnEk_ISvHAKi6E-nyc5Gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:00 GMT content-security-policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-mMnEk_ISvHAKi6E-nyc5Gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN report-to {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]} content-type application/javascript; charset=utf-8 cache-control private, max-age=1800 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1" expires Mon, 06 Nov 2023 07:22:00 GMT
GET H2	200	3626502037629324 Show response connect.facebook.net/signals/config/	140 KB 36 KB	65ms 63ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/3626502037629324?v=2.9.138&r=stable&domain=home.s.id Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 857e0bdc9ba878e6786a287c65f8e5121f2fb85d244bc3a5f8edbb7d39025ae7 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 06 Nov 2023 07:22:00 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug MU27IBlQ6YzeRcc+Woo/TvqwDGQee2n9EXcHIoLDkR67UHmmCgW7YizVp8icQCwg+SAYxWITPBY6NYNGShEQYA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET		4b27aa03-d3da-43eb-8382-660c054fbc9d ekr.zdassets.com/compose/	0 0
POST H2	204	collect region1.google-analytics.com/g/	0 249 B	142ms 13ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3b11v881303989&_p=1699255320148&gcd=11l1l1l1l1&cid=1894698830.1699255320&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699255320&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3454 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://home.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	244 KB 84 KB	27ms 26ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 14b8d1db17b705243a958bb5dffef7408000a179833eb5753e9d164894c6e1ec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 86158 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 06 Nov 2023 07:22:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	214 KB 76 KB	27ms 27ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-10823601447&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 379ac2cb05b24e259e7ad1110c00b617ca39359c1c178226f439caa92b475e20 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77531 x-xss-protection 0 last-modified Mon, 06 Nov 2023 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 06 Nov 2023 07:22:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	128 KB 49 KB	31ms 31ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7b21241c03ad0601271c8adc90ed8213ae3f9fc1819a91b8f0f79877d2aea03d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 50368 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 06 Nov 2023 07:22:00 GMT
GET H2	200	/ googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/	3 KB 2 KB	92ms 19ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/?random=1699255320298&cv=11&fst=1699255320298&bg=ffffff&guid=ON&async=1&gtm=45be3b11v887245165&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&hn=www.googleadservices.com&frm=0&auid=1402909836.1699255320&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:00 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 249 B	67ms 14ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je3b11v889124234&_p=1699255320148&_gaz=1&gcd=11l1l1l1l1&cid=1894698830.1699255320&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699255320&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3530 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://home.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 240 B	71ms 21ms	Ping text/plain	2a00:1450:400c:c06::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-98MWVCBDD7&cid=1894698830.1699255320&gtm=45je3b11v889124234&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://home.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	69ms 18ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-98MWVCBDD7&cid=1894698830.1699255320&gtm=45je3b11v889124234&aip=1&z=1381484800 Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:00 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	42ms 6ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=3626502037629324&ev=PageView&dl=https%3A%2F%2Fhome.s.id%2Fforbidden%23action&rl=&if=false&ts=1699255320351&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699255320349.709623383&cs_est=true&ler=empty&it=1699255320198&coo=false&rqm=GET Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Mon, 06 Nov 2023 07:22:00 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	analytics.js www.google-analytics.com/	52 KB 21 KB	27ms 6ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 06 Nov 2023 05:51:32 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 5428 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 06 Nov 2023 07:51:32 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/10823601447/	42 B 455 B	40ms 19ms	Image image/gif	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/10823601447/?random=1699255320298&cv=11&fst=1699254000000&bg=ffffff&guid=ON&async=1&gtm=45be3b11v887245165&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNucobU0cQoTz3egjG4Nvpq7NbSg8IXw&random=3651251653&rmt_tld=0&ipr=y Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:00 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/10823601447/	42 B 154 B	30ms 29ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/10823601447/?random=1699255320298&cv=11&fst=1699254000000&bg=ffffff&guid=ON&async=1&gtm=45be3b11v887245165&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNucobU0cQoTz3egjG4Nvpq7NbSg8IXw&random=3651251653&rmt_tld=1&ipr=y Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:00 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect www.google-analytics.com/j/	1 B 201 B	15ms 14ms	XHR text/plain	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=224411589&t=pageview&_s=1&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1123153612&gjid=1640242268&cid=1894698830.1699255320&tid=UA-225238330-2&_gid=768841731.1699255320&_r=1&gtm=457e3b11&gcd=11l1l1l1l1&jsscut=1&z=2054850034 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://home.s.id/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:00 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://home.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	rum home.s.id/cdn-cgi/	0 136 B	11ms 10ms	XHR text/plain	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://home.s.id/forbidden accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 content-type application/json Response headers date Mon, 06 Nov 2023 07:22:00 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://home.s.id x-frame-options DENY access-control-allow-credentials true cf-ray 821b9538ef71196d-FRA
GET H2	200	Primary Request oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3 Show response blog.s.id/post/2022/05/19/ Redirect Chain https://s.id/1SV77?s=skip https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	110 KB 31 KB	60ms 32ms	Document text/html	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Requested by Host: home.s.id URL: https://home.s.id/_next/static/chunks/pages/forbidden-29883e63e1ce37b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash 48a4aa011c34f9518138c154bddf19b2edb8dc161b63fc31b6dc7312b038d5c8 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://home.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 76760 alt-svc h3=":443"; ma=86400 cache-control private, max-age=86400, must-revalidate cf-cache-status HIT cf-ray 821b953c18771ca9-FRA content-encoding br content-type text/html; charset=utf-8 date Mon, 06 Nov 2023 07:22:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heGqLHkWMQW51AChK7zBwDbwREXUeJyd9sGDQ3H45eiC4TmcqxchjVdKsI4i92aKQJ9097UiA6aFKr%2Fk%2B4YG2iVq5LslqsBaYgWOe6q1GrY9EQ4inP8bBRXhXo8ZXgtl9m4hubV6bQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15724800; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-powered-by Next.js Redirect headers cache-control private, max-age=15 content-length 0 date Mon, 06 Nov 2023 07:22:00 GMT location https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect server nginx strict-transport-security max-age=15724800; includeSubDomains
POST		collect region1.google-analytics.com/g/	0 0
POST		rum home.s.id/cdn-cgi/	0 0
GET		sentry-browser.min.js static.zdassets.com/ekr/	0 0
GET H3	200	708f97a9e743dd87.css blog.s.id/_next/static/css/	118 KB 18 KB	29ms 29ms	Stylesheet text/css	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/css/708f97a9e743dd87.css Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 07f8a0902971b14650fb4c123ccbe47bbe0292305e0fd9e0e9962a5c93f3df92 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 256503 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Fri, 03 Nov 2023 07:45:58 GMT server cloudflare etag W/"1d99f-18b94255af0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jG3A9MOghzH73VhLEVrQajZTOfvyafDeaKdWkUqDscKlO5Z0VkexjBBiBSwg2hF4ItE81tQgyQBed3K955UMkhRURmCyKvw7Z2a2Fj5qctQ3BjtK0G7ikc%2FMKp7EvEgxVxLG0laZ1Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 821b953c5b9e196d-FRA
GET H3	200	0ccc702cf5b6f291.css blog.s.id/_next/static/css/	722 B 789 B	23ms 23ms	Stylesheet text/css	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/css/0ccc702cf5b6f291.css Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ecf1b45e741c358105ec165c66cc44e962e6dbfe4948ea4a4094791472e03c6d Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 256503 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Fri, 03 Nov 2023 07:45:58 GMT server cloudflare etag W/"2d2-18b94255af0" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVDh3E3aU89DHJeM8YBvQXQ5t2O8xDyDzHcbDoflUXH9jeJo8fVjTkypX8UnRwfRUCNpgn7VVrWksIgplJ47lX4hXvjGmh8iyXIwrHx84FHU53hG3v66qbAAAXgwnu1%2Bb%2BfBBMJ6mg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 821b953c5ba0196d-FRA
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	177 KB 59 KB	79ms 56ms	Script text/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545 Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f247b033a98ddeb4a3dec95f7fa08594fd4b0e30fe51bc8da5ec5530ec39e394 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 59773 x-xss-protection 0 server cafe etag 6127004480738375420 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Mon, 06 Nov 2023 07:22:01 GMT
GET H3	200	webpack-36d12a75f0098f30.js Show response blog.s.id/_next/static/chunks/	2 KB 2 KB	23ms 22ms	Script application/javascript	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/webpack-36d12a75f0098f30.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash febd258efb733049bebaeb24269fb6448aee953be138a3fbd7cb96bd63620727 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 256503 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Fri, 03 Nov 2023 07:45:58 GMT server cloudflare etag W/"892-18b94255af0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3EgOJZsMfHUkitH6O7ekGpCn5ywEIyUr94Y8UnmUv5p4YsqmA6kPwt%2FnPXpNxX2O8JV4CzGbxLud6DIMWfnmNHci6ruz8Khz3j60mEEDspsID4Xc8rIemdhm8q2C7vLZW%2Bn0Zzv0qw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 821b953c7bc9196d-FRA
GET H3	200	framework-400d78dd60ac46ca.js Show response blog.s.id/_next/static/chunks/	138 KB 45 KB	34ms 32ms	Script application/javascript	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/framework-400d78dd60ac46ca.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1e0354048342615ee678931bb922fcb098fc4f42b3edae6df7624a2b812fb95 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 256503 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Fri, 03 Nov 2023 07:45:58 GMT server cloudflare etag W/"226e4-18b94255af0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZmHAI6agp3WBAW3PsxHvkzfHhvS3GtWxYJxeoTdly4vQ3kA6sjfNbcTr1jx%2BfgRARYyjOKpHwcYAyWeF2SnXT61FeVA84nDyxfZCJdj9Lyk49A%2Bee5ctcrj7hkUZBY%2BNNX%2F3Hv%2FIg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 821b953c7bca196d-FRA
GET H3	200	main-ef060895a635bf59.js Show response blog.s.id/_next/static/chunks/	96 KB 29 KB	28ms 26ms	Script application/javascript	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 345dd805b52864848882d8f89c24661f408925f549a626e5bcd33b6f072e146a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 256503 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Fri, 03 Nov 2023 07:45:58 GMT server cloudflare etag W/"17fff-18b94255af0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCfRFBpEI0SfQN3nogV3jGX69qurDXd%2FJBOUBbnFoM0nnMZRu8y9eSdiyQi2M3eZbrwmZF0UpTT7mz%2FZLgRMmXXxHqKFwYQDxqfdnNdwxcB7dr5DMTOG0aNDgqe1N%2FzVnQVjgt%2BQiQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 821b953c7bcc196d-FRA
GET H3	200	_app-0f590372828a3d5b.js Show response blog.s.id/_next/static/chunks/pages/	256 KB 83 KB	36ms 34ms	Script application/javascript	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/pages/_app-0f590372828a3d5b.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ebe9812114ec1b75ab721f01e51b8db8472d76916bf5a12455adc0ace94f665e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 256503 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Fri, 03 Nov 2023 07:45:58 GMT server cloudflare etag W/"3ff1d-18b94255af0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOtCIAfhFD9koZUgUQhDwD0%2BB%2FmfZuNSHXR1F0gUaiBzsaItFox7s3WjO7aURwk7lOBqO07%2Fns8253xuCHEEnjPECkAQoXGQ0WiDNR%2B%2BIC0jYR64P5gu0pcwmdzAbl%2Fw3NoReclOvg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 821b953c7bcd196d-FRA
GET H3	200	b7322211-fbdd2383fa168487.js Show response blog.s.id/_next/static/chunks/	3 KB 2 KB	23ms 22ms	Script application/javascript	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/b7322211-fbdd2383fa168487.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9fad61d7fe6d6bdb0f750648a45f17c71a1f1216fb2f636216be5b4be57d0158 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 256503 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Fri, 03 Nov 2023 07:45:58 GMT server cloudflare etag W/"a7e-18b94255af0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x2yBSVaROSQHjPNJxdvEM9vag3BbVKAAIGLn1ikwKwqZta%2FF4O9Qd8bRfTNYuj25NLfnrxr0ea%2BP4vH919PVad9C%2B6RasZYCmIjmsN64t1x5aphD%2BxFUiylpcl5rPSBbWB%2Fuo9qHgA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 821b953c7bce196d-FRA
GET H3	200	903-f279e023cd941d06.js Show response blog.s.id/_next/static/chunks/	140 KB 43 KB	31ms 29ms	Script application/javascript	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/903-f279e023cd941d06.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b1f8fb54de3fad4a7f92fb7b03bdb9c0acff2d156dcc0f430d9221849e3113a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 256503 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Fri, 03 Nov 2023 07:45:58 GMT server cloudflare etag W/"23198-18b94255af0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U89hhPvPqaX%2F3TBYiW%2FX9af98rvNHRFPc6wewlbDtdvnLWpMEBJZcMq63WSlPPTKDSuWIQ%2FobozpXq3dlJTn71qCkg92lfTCBG%2BSNz8bKresxLMSx3PKeH1KlFUWBK7kpfvqulT%2Bmg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 821b953c7bd0196d-FRA
GET H3	200	68-f431ef7595f2a6e2.js Show response blog.s.id/_next/static/chunks/	13 KB 5 KB	30ms 28ms	Script application/javascript	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/68-f431ef7595f2a6e2.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e294728a37779c82ee77f575788b80a9a135d9901d9511dbf3cd95cea1bca52f Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 256503 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Fri, 03 Nov 2023 07:45:58 GMT server cloudflare etag W/"35f4-18b94255af0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhwk11XivCjWn2KwH1EVM%2FP%2FQeZ7kD6lYjFOMFSRgCVlcD9wDLjIL7%2FMoNtyop0A77MAElopZRu8x5oeIKpzeNCgPxp64WRXGQVzMGT%2FrhdzolvEn5qP%2FEffi3eN%2FrozmlQE4mZ1fw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 821b953c7bd2196d-FRA
GET H3	200	%5B...article%5D-f50dfd12dd1bf9bd.js Show response blog.s.id/_next/static/chunks/pages/post/	26 KB 10 KB	29ms 27ms	Script application/javascript	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/pages/post/%5B...article%5D-f50dfd12dd1bf9bd.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18889b6b7e9425d042a820d83d9ae7fca99127e2192317981767f5c35acceb7e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 256503 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Fri, 03 Nov 2023 07:45:58 GMT server cloudflare etag W/"6877-18b94255af0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jztMve59F9MNbUqymt62uNirDt%2FEQbwmodxAwGNCFSW7GwWJqhCF4XGLhbqIQrC83Ru1TKW4mr20b7GYk9nEOO3PNoQS3cUeXHvZ7TH8matShWzGlL3EW8UrMIX18IHkoKLmkmr%2BxA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 821b953c7bd4196d-FRA
GET H3	200	_buildManifest.js Show response blog.s.id/_next/static/CFzvsrOj9lY6UTelPe676/	998 B 987 B	44ms 42ms	Script application/javascript	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/CFzvsrOj9lY6UTelPe676/_buildManifest.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8023e0fb130121477b771bb2c8468d6b803ec7ac4d8a2ab13926743004610eec Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 256503 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Fri, 03 Nov 2023 07:45:58 GMT server cloudflare etag W/"3e6-18b94255af0" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjSCD8i2Y6Eb87g2nfxnUyOhr%2Fe0DUXHvsnIuy3GsZjiAvtT4BzvDNkupnviKV2COsl8AY%2F0Z1k8diTYaMHUk%2Byyuw90H2KEtEgTGfljC01xQwe3c3xQhLE3IFa5Ynh1gpm8JpyoFg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 821b953c7bd6196d-FRA
GET H3	200	_ssgManifest.js Show response blog.s.id/_next/static/CFzvsrOj9lY6UTelPe676/	77 B 606 B	24ms 22ms	Script application/javascript	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/CFzvsrOj9lY6UTelPe676/_ssgManifest.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 256503 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Fri, 03 Nov 2023 07:45:58 GMT server cloudflare etag W/"4d-18b94255af0" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FuPweHSe8ZEtvmbnZXjr9vn8N4owJKSOuIKY5UAECLjwjaNOpjvLSl206d%2BkRpTeNcUD%2Fj8ISysUaZK1%2B0DgmkkhfTh0yP%2FYpJ4qm7Z830WERPwPB4EqfJVJMhJ%2Fa6Zcty768Ulug%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 821b953c7bd9196d-FRA
GET H3	200	montserrat.css blog.s.id/assets/fonts/	3 KB 994 B	275ms 274ms	Stylesheet text/css	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/assets/fonts/montserrat.css Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED last-modified Wed, 06 Sep 2023 09:42:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br etag W/"ca2-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbkPFLiqQKRRP2Hi02TKM4oKltLYgoDHuBgbA0huCfiliTPL9Htg653GT01JWLlQ0JRl7G9rVZYVQAyt9Qm3dWsQiu19DXfUY9eRXP6814%2FSdtMLnWFkU2%2Fll6sU%2Fq6zF2rmOV%2BUSA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=300 cf-ray 821b953c6ba1196d-FRA alt-svc h3=":443"; ma=86400
GET H3	200	work-sans.css blog.s.id/assets/fonts/	4 KB 938 B	291ms 290ms	Stylesheet text/css	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/assets/fonts/work-sans.css Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED last-modified Wed, 06 Sep 2023 09:42:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br etag W/"10bc-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5uUe447X0w88a2XSW9VpWke2PZuNH%2BdhPr35BlsffJPvn8YglgndfDx8I4tbUpaAt2HnRFmLFsSAC8fZ6COtLmyIOMljSs0DGKc618OyY0J0YkcuAJVgj43guof%2BKNSeKN8otjJ1Fg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=300 cf-ray 821b953c6ba2196d-FRA alt-svc h3=":443"; ma=86400
GET H2	200	klip_2310_home.jpeg cdn-sdotid.adg.id/assets/	38 KB 39 KB	163ms 20ms	Image image/webp	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-sdotid.adg.id/assets/klip_2310_home.jpeg Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 992d5dd4f6d819b096474930d8b6c9b2650042366d1f539b42198ed1fdd73cad Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT x-amz-version-id 7J5fU7ky2RB2K0._gaywL1p5g8cLKNce via 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-content-type-options nosniff strict-transport-security max-age=0 x-amz-cf-pop FRA53-C1 age 4381 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 38940 last-modified Thu, 12 Oct 2023 09:48:14 GMT server cloudflare etag "41e097787c826186c9cc5281368f5c85" vary Accept-Encoding, Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhnjsQm%2BNkIY827GDZ%2Fkk7i3fQ8BQYso4nrcUq9%2B%2FtY3EiDxPc3a%2BttGecGjh0pjTxE%2FDLKekawzMuLgoOAexIdvE4yyL0xxq83Ev9hR4Vvni57uuepcJn1mrNs8rLkxNePeg5ktxiOi4spdyyI95g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=14400 accept-ranges bytes cf-ray 821b953d4a285d75-FRA x-amz-cf-id fEQiNZ7k2hy9TzATH0ynQawFVcF7SHfbSKQyHHThscpi5v-wVBpxVg==
GET H3	200	adg-red-ring.svg blog.s.id/images/	6 KB 3 KB	250ms 250ms	Image image/svg+xml	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://blog.s.id/images/adg-red-ring.svg Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c7fb840478ca64f3410fff0ffa40eb38fd8a7cfc36c10f117c3869ea93c00182 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED last-modified Sat, 12 Mar 2022 15:31:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br etag W/"1926-17f7ec17510" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4YjP8DVODct%2BWhByoyKRSeBXES11Ot%2FlszOIKqM2dMR9T%2Bsh6XenPBILY%2FIqji70gDetOQtD5Ed9PsYp2b1jZw8SKO4ZZxSVSNN6rk1Ja1ukuYK2T07r4ThNG%2BcktoFcZ8HuHwp3g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=86400 cf-ray 821b953c6ba5196d-FRA alt-svc h3=":443"; ma=86400
GET H2	200	v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response static.cloudflareinsights.com/beacon.min.js/	20 KB 7 KB	42ms 41ms	Script text/javascript	2606:4700::6810:3965 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Request headers Referer https://blog.s.id/ Origin https://blog.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT content-encoding gzip last-modified Tue, 10 Oct 2023 21:38:13 GMT server cloudflare etag W/"2023.10.0" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 821b953c7e3b3686-FRA
GET H2	200	show_ads_impl_with_ama.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/	459 KB 150 KB	87ms 86ms	Script text/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0a4f02ef74dfe4604069fa7f980668df3be1d77808d742fe48e650cc17f7832d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 153279 x-xss-protection 0 server cafe etag 17253623311429956980 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 06 Nov 2023 07:22:01 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame 6505	10 KB 5 KB	9ms 8ms	Document text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 51543 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4502 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 05 Nov 2023 17:02:58 GMT etag 251720774729838433 expires Sun, 19 Nov 2023 17:02:58 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	work-sans-normal-700.woff2 blog.s.id/assets/fonts/dist/	47 KB 47 KB	363ms 363ms	Font font/woff2	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/assets/fonts/dist/work-sans-normal-700.woff2 Requested by Host: blog.s.id URL: https://blog.s.id/assets/fonts/work-sans.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://blog.s.id/assets/fonts/work-sans.css Origin https://blog.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 47800 last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"bab8-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UePmwVUUS34nGRkmY0BxFJIsgKny1sOyOQvTz0lTD7Dj25PQyCmYSBt5NY%2BWg1MYVIqzx73k9HjuHy8xfBF8LZgqt7rWT%2FuqyNKiUFTPwW%2FemEZcN9nQZL2d3YpnYy%2BkABWtm8rt%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=300 accept-ranges bytes cf-ray 821b953e3dc4196d-FRA
GET H3	200	work-sans-normal-400.woff2 blog.s.id/assets/fonts/dist/	47 KB 47 KB	251ms 251ms	Font font/woff2	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/assets/fonts/dist/work-sans-normal-400.woff2 Requested by Host: blog.s.id URL: https://blog.s.id/assets/fonts/work-sans.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://blog.s.id/assets/fonts/work-sans.css Origin https://blog.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 47800 last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"bab8-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKQ693DnPfT2kSk%2BWudVUBt3vz4JQ2F%2FZvfTtHR1qi65h6gHfLjqMGTH20PrXJFQbzigHxbH7Mm0HGppO3D4rgKNlZb3azKcGJ3XHNR6Jl%2F7RpGfU5rPVGreuZGvS6kPWm0g0hp%2BtQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=300 accept-ranges bytes cf-ray 821b953e3dc7196d-FRA
GET H3	200	sid-neu-logo-dark.svg blog.s.id/images/	8 KB 4 KB	248ms 247ms	Image image/svg+xml	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://blog.s.id/images/sid-neu-logo-dark.svg Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED last-modified Wed, 05 Jul 2023 23:09:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br etag W/"2137-18928513d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plw4YZnjwhfBa9ssQHjni%2FBRuDwR7njIZBJIK54hxjwbL00i2qR%2B%2BX5pCIVl%2F7ISNSS4tLqy0l1uovklCY1EobPPRuV4RvvElRISfedtwZBtOPV6%2FfCY0UVtnGQ7T%2FokiM5CwNcLmw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=86400 cf-ray 821b953e3dc9196d-FRA alt-svc h3=":443"; ma=86400
GET H3	200	work-sans-italic-400.woff2 blog.s.id/assets/fonts/dist/	44 KB 45 KB	250ms 249ms	Font font/woff2	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/assets/fonts/dist/work-sans-italic-400.woff2 Requested by Host: blog.s.id URL: https://blog.s.id/assets/fonts/work-sans.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8b61d2de9865afa7dbbb91782523d03263294fb81eeae08e9ee0fc6f121e1a6 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://blog.s.id/assets/fonts/work-sans.css Origin https://blog.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 45488 last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"b1b0-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgAnxTPO0mnKkLrV1uS6%2B7C5%2Bn2oLNmdlq1f1NCXhCPtmP%2BZxeVoqE6f2a%2F95fshBUQCA5tkMrQWVGn5BJsSZteVpIpdl7yLJklfPdjvdyy1YtywT23UXlu8H7DvTctXJYNTpDN6OQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=300 accept-ranges bytes cf-ray 821b953e8e1f196d-FRA
GET H3	200	js Show response www.googletagmanager.com/gtag/	240 KB 83 KB	23ms 23ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK Requested by Host: blog.s.id URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b52ac0dfcb40bca6f3426a638fcc1c8202a97260e0f002e2feadecaa34b04814 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85270 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 06 Nov 2023 07:22:01 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	244 KB 84 KB	30ms 30ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF Requested by Host: blog.s.id URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 92c6cb162c2c8c2b83b447675e4eb39e051ac13021c7a8804fe0f96f1c7a1b69 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 86064 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 06 Nov 2023 07:22:01 GMT
GET H2	200	snippet.js Show response static.zdassets.com/ekr/	10 KB 4 KB	24ms 23ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f Requested by Host: blog.s.id URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT x-amz-version-id hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id AENNNW4RTVV2KN9D age 6 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 ULqr8Gt/e7TCEkuSp5UAhjxXjJP6/3z8RAZWCFhCJmu2LPko/1kucw0zJ0dJOUmsaCtiUWSSkb4= last-modified Wed, 09 Aug 2023 01:01:02 GMT server cloudflare etag W/"42d94c325a0b012e41f9c3907853625a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zufYrbbRHImqjBWsR5FGOfWQWxAjQQ4yLCxmockYpg4oKMS2rdvi74ur5WV33utcS7ZJdpDT%2B8AcRFmNih4u5ZrvuaG6otQTRJ%2FydvyCgSRVUx6svJqwwYZBzhOlmADusPtgxc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=3600, s-maxage=60 cf-ray 821b953ebf592c23-FRA
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	375 B 598 B	119ms 14ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=blog.s.id&callback=_gfp_s_&client=ca-pub-2742216534640545 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 55e9895c8e69afac7d83b0cc613ba76c7bf9fa5ef54db4f2ab14b95798ca661f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 246 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame A36E	0 20 B	199ms 195ms	Document text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1699255321&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699255321144&bpp=4&bdt=127&idt=278&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3197634300550&frm=20&pv=2&ga_vid=1894698830.1699255320&ga_sid=1699255321&ga_hid=1921204252&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532334%2C44807048%2C44807337%2C44807454%2C31078301%2C31079384%2C31079156&oid=2&pvsid=2893146255683337&tmod=2088816019&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fhome.s.id%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=297 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 06 Nov 2023 07:22:01 GMT expires Mon, 06 Nov 2023 07:22:01 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	41ms 41ms	Image image/gif	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=cookie-consent%20fixed%20bottom-0%20left-0%20w-screen%20lg%3Apx-0%20z-50&ign=false&pw=1600&ph=1200&x=1575&y=1175 Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1dc98855-fcfe-49a8-9ac6-f3d16b24538f Show response ekr.zdassets.com/compose/	336 B 568 B	174ms 174ms	Fetch application/json	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekr.zdassets.com/compose/1dc98855-fcfe-49a8-9ac6-f3d16b24538f Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d271b2dcfb4cd5255706422f3212e57276b31979e23e391eb30fd6ad6e3a1e7 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=0 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none content-encoding br status 200 OK cdn-cache-control max-age=60 x-xss-protection 1; mode=block x-request-id 81f1360bbc295ea3-SEA, 81f1360bbc295ea3-SEA x-runtime 0.008753 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"2d271b2dcfb4cd5255706422f3212e57" x-download-options noopen x-frame-options SAMEORIGIN access-control-max-age 7200 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsJ2C6JVAk3fEYPStcYQHQxll762t6dXehWIxJNbI6btc62SC01Q9uEArVf9c1UeH%2FPbCL4s%2FseE%2FqkPHpb%2FEfSbq6dRNkhRSCmgWNfuZ84%2F4mI%2FrhnlXaJwWAv2Kv68PxU%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers vary Accept, Origin, Accept-Encoding cache-control max-age=300, public, stale-while-revalidate=300, stale-if-error=21600 content-type application/json; charset=utf-8 x-zendesk-zorg yes cf-ray 821b953f0cd265d6-FRA
POST H3	204	collect region1.google-analytics.com/g/	0 17 B	14ms 14ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-GJLS9JMJCK&gtm=45je3b11v881303990&_p=1699255321396&gcd=11l1l1l1l1&cid=1894698830.1699255320&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699255321&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20s.id&en=page_view&_fv=1&_ss=1&_ee=1&tfd=979 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:01 GMT server Golfe2 content-type text/plain access-control-allow-origin https://blog.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	244 KB 84 KB	22ms 22ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8c8e7d3482837bb3310a02e2e11de58962c6f5bcd0bd36fb68f5912860996fe5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 86036 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 06 Nov 2023 07:22:01 GMT
POST H3	204	collect region1.analytics.google.com/g/	0 17 B	14ms 13ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-LBWQJM5WLF&gtm=45je3b11v889102823&_p=1699255321396&_gaz=1&gcd=11l1l1l1l1&cid=1894698830.1699255320&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699255321&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20s.id&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1005 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:01 GMT server Golfe2 content-type text/plain access-control-allow-origin https://blog.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 68 B	21ms 20ms	Ping text/plain	2a00:1450:400c:c06::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LBWQJM5WLF&cid=1894698830.1699255320&gtm=45je3b11v889102823&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:01 GMT server Golfe2 content-type text/plain access-control-allow-origin https://blog.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	17ms 17ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LBWQJM5WLF&cid=1894698830.1699255320&gtm=45je3b11v889102823&aip=1&z=124016407 Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	web-widget-framework-7ecc80f5e262397c6f58.js Show response static.zdassets.com/web_widget/latest/ Frame 9DCC	102 KB 32 KB	29ms 28ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/web-widget-framework-7ecc80f5e262397c6f58.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7141d80dadc1b507a62958dc9af26a6a8d79188b272a4cf6b3026334da443ded Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT x-amz-version-id _iGiXmd29ZRQ9TQEoYF7aCAYxHkH6rbK content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id H61Z0PSYCVKDDP0C age 444266 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 FvoIuDPhPUXn4Rd2EK8LA0l6ynSelWmDt7q1wIOoQrEUNHA9HqJpQFS6exKFUJ9lhOGt4BYc9bk= last-modified Thu, 26 Oct 2023 04:51:39 GMT server cloudflare etag W/"2da501ea456f3fe0dcb46bf62a9450cc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnfWa70hBfVPom6doWDiwUKiNj9JTyCI5oheyX2tzHBh6Pj0HzsYIPtmCqdVvLuC0t%2F7SieOdMKNtEI%2BnZie7V9ReYuRqDUrmcXsaFEsQaTwAKdn3Wa%2B4ikTo5XWOJOqYdgUyx8%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 821b954039162c23-FRA expires Fri, 25 Oct 2024 04:51:38 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	72ms 57ms	XHR application/json	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 877f4830afc0a73f9daa6cfbe35876153187763cb2ea0cd88a6fda901e0b93b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12166 x-xss-protection 0
POST H3	204	rum Show response blog.s.id/cdn-cgi/	0 137 B	16ms 15ms	XHR text/plain	2606:4700:20::681a:6f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 content-type application/json Response headers date Mon, 06 Nov 2023 07:22:01 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://blog.s.id x-frame-options DENY access-control-allow-credentials true cf-ray 821b9541293c196d-FRA
GET H2	404	config Show response shortener.zendesk.com/embeddable/ Frame 9DCC	15 B 952 B	405ms 370ms	Fetch text/plain	162.159.138.6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shortener.zendesk.com/embeddable/config Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7ecc80f5e262397c6f58.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 162.159.138.6 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27 Security Headers Name Value Strict-Transport-Security max-age=0; Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:02 GMT strict-transport-security max-age=0; content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-zendesk-origin-server embeddable-app-server-84b8b4dfc9-btq24 x-request-id 821b95416e2b1ca9-FRA x-runtime 0.006682 server cloudflare vary Accept, Origin, Accept-Encoding access-control-max-age 7200 access-control-allow-methods GET access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cg8ke05fNUTvE0mXafpsg6gKawskhjJ%2BqEL88w62%2FeDEboieIcFVMONTQOphLZqnrNUhu1AZOBjOV3gA6ua7RwmnJqCPpRXpIt8oeTVE1PSMxRx78siHLObTPRhlxy%2BQ2Rb%2BqaDAyQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers cache-control public, max-age=3600 content-type text/plain; charset=utf-8 cf-ray 821b95416e2b1ca9-FRA
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	100 KB 31 KB	89ms 68ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: blog.s.id URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 33264dfb1de01a151913b04e8b57890684e845d837ccb3e938f808d1cde59c28 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31298 x-xss-protection 0 server cafe etag 105 / 19667 / 31079371 / config-hash: 7101305502720886139 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 06 Nov 2023 07:22:01 GMT
GET H2	200	site.js Show response protagcdn.com/s/s.id/	442 KB 126 KB	174ms 143ms	Script application/javascript	2606:4700:20::ac43:4bb1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://protagcdn.com/s/s.id/site.js Requested by Host: blog.s.id URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4bb1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54358e6c0ca9fb0dc79a594d0f3e76d69127dc76899f83a1bdecbf7f81f59f5a Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=453743 alt-svc h3=":443"; ma=86400 pragma no-cache cf-bgj minify last-modified Tue, 18 Jul 2023 04:06:38 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEtmBq9Js9%2F7nSxMOwVwPXDBNXfJXRGYqoHpkvQOoiwrgBbdnKoet5U1kradniwT3EaNyxw4c4X5MBodNM%2FgHQU0eiGkv1ZcAnYG5DjuPw9ubCc6lWhJ7zQYOVBG6TEBOB024MT%2Bb9cil94%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=1800 cf-ray 821b9541784f9bc2-FRA expires Mon, 06 Nov 2023 07:52:01 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	57ms 24ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 06 Nov 2023 07:22:01 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/	425 KB 133 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 10:36:57 GMT content-encoding br x-content-type-options nosniff age 74704 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 136288 x-xss-protection 0 server cafe etag 17302374607849014435 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Mon, 04 Nov 2024 10:36:57 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame A775	13 KB 5 KB	8ms 6ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 215556 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 03 Nov 2023 19:29:25 GMT expires Sat, 02 Nov 2024 19:29:25 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 894F	829 B 982 B	17ms 16ms	Document text/html	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 75804a4f687e0d93a287f7176867fa0df1b8188bf86f549ff5d4726de66b6ad1 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-sWfdxJ-dTSkwMTTATwfxZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-sWfdxJ-dTSkwMTTATwfxZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 06 Nov 2023 07:22:01 GMT expires Mon, 06 Nov 2023 07:22:01 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response pagead2.googlesyndication.com/bg/ Frame A775	38 KB 15 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 19:03:31 GMT content-encoding br x-content-type-options nosniff age 44310 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15096 x-xss-protection 0 last-modified Tue, 31 Oct 2023 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 04 Nov 2024 19:03:31 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 894F	0 0	41ms 40ms	Image text/html	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=2893146255683337&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers
GET H2	200	esp.js Show response oa.openxcdn.net/	24 KB 8 KB	96ms 8ms	Script application/javascript	34.102.146.192 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oa.openxcdn.net/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 192.146.102.34.bc.googleusercontent.com Software UploadServer / Resource Hash 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Wed, 25 Oct 2023 03:26:36 GMT content-encoding gzip age 1050926 x-guploader-uploadid ABPtcPomD9PwI-x1w_qV94tV1ozSRGR8ZeUKPfmAcHMXugM_rapxZCGwrYNwQRfVOUUs3oMWA37p8xfLMlvY-C9eeSMu x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7927 last-modified Thu, 27 May 2021 18:30:51 GMT server UploadServer etag "df5542b88bc0e368c6999754a5b9e2ba" x-goog-generation 1622140251693895 x-goog-hash crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug== content-type application/javascript cache-control no-transform x-goog-stored-content-length 7927 accept-ranges bytes expires Thu, 24 Oct 2024 03:26:36 GMT
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	42 KB 13 KB	114ms 25ms	Script text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:02 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Fri, 27 Oct 2023 06:43:26 GMT server nginx etag W/"653b5c0e-a9a7" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 07 Nov 2023 07:22:02 GMT
GET H2	200	pubcid.min.js Show response cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/	732 B 1 KB	100ms 16ms	Script application/javascript	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:02 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 4669 x-jsd-version master content-encoding br x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230091-FRA x-jsd-version-type branch server cloudflare etag W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbCN29%2BxGJbVogwiNsOY0CfyY9Vn5u6PB2N51Z%2BYj72OvOnuFlKksFTQ0AaI4i0sfbI%2B5oEE3Zfwel2HAnqY83vVmNO0n6R7DAZiCUhnQ4J3Yq8hOhBSjAICrY7ne4b%2BuPtiJ9cElFh78w9NKAQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 821b95435e729b43-FRA
GET H2	200	esp.js Show response cdn.id5-sync.com/api/1.0/	143 KB 31 KB	110ms 24ms	Script text/javascript	2606:4700:10::6816:3456 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:02 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Tue, 24 Oct 2023 08:11:43 GMT server cloudflare x-amz-request-id AZKHMN3J5641D79A age 2882 etag W/"8a9ad568d94062c0186983f6aac0be50" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 821b95435b5935e7-FRA x-amz-id-2 YY4ezUb+Muw1VQU1aI5EgLP88wpJNBo+MUdVwQr7NiV/iORInFjKJJUHg1PFn8mGwE0HwKVkR34=
GET H2	200	sync.min.js Show response tags.crwdcntrl.net/lt/c/16589/	39 KB 12 KB	94ms 6ms	Script text/javascript	65.9.66.104 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.104 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-104.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 03:16:17 GMT content-encoding gzip via 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront) last-modified Wed, 06 Sep 2023 15:56:57 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 age 14746 x-amz-server-side-encryption AES256 etag W/"e073e71ed7a44e6f9cdd72904fda5940" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=86400 x-amz-cf-id Mud3xhSfo2WDakHhh-FlLn0SZMq5JxQ31zhPTCGyGEdjRMGb4a3R2w==
GET H2	200	encrypted-tag-g.js Show response invstatic101.creativecdn.com/encrypted-signals/	1 KB 1 KB	110ms 26ms	Script text/javascript	34.96.70.87 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 87.70.96.34.bc.googleusercontent.com Software Google Frontend / Resource Hash b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:02 GMT via 1.1 google, 1.1 google last-modified Thu, 03 Aug 2023 03:28:51 GMT server Google Frontend etag fc4e6bfe266081c4873c6f08c8298e5c content-type text/javascript; charset=utf-8 x-cloud-trace-context e5fb09ca1b75a3ec17b59f37533a8d90 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1207
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	415 KB 102 KB	619ms 618ms	Fetch text/plain	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2893146255683337&correlator=2631201464427004&eid=31079371%2C31079380&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=162717810%3A22766112657%2Cs.id%2Csticky-bottom%2Cbefore_content%2Cin_content%2Cafter_content%2Csidebar&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=970x90%7C728x90%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C300x600%7C300x300%7C300x250%7C160x600%7C120x600&ifi=2&didk=1679302058~557921294~3656045228~1185067365~1933480497&sfv=1-0-40&sc=1&cookie=ID%3Dda7c7d937e78b63c-22db0f02a8e30028%3AT%3D1699255321%3ART%3D1699255321%3AS%3DALNI_MbKzrXBFaS1UC_MQy_vXbCX9ROL0w&gpic=UID%3D00000cb6f30a3eae%3AT%3D1699255321%3ART%3D1699255321%3AS%3DALNI_MZN22-B1TRZAdCXediCkhheBPIkzA&abxe=1&dt=1699255322085&lmt=1699255322&adxs=-9%2C426%2C426%2C426%2C-9&adys=-9%2C390%2C884%2C2286%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ref=https%3A%2F%2Fhome.s.id%2F&vis=1&psz=0x-1%7C468x0%7C744x0%7C744x0%7C0x-1&msz=0x-1%7C468x0%7C744x0%7C744x0%7C0x-1&fws=2%2C0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1894698830.1699255320&ga_sid=1699255321&ga_hid=1921204252&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYxIuKnLoxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjEi4qcujFIAFICCGQSGQoKcHViY2lkLm9yZxjEi4qcujFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YxIuKnLoxSABSAghkEhcKCHJ0YmhvdXNlGMSLipy6MUgAUgIIZBIUCgVvcGVueBjDi4qcujFIAFICCGQ.&dlt=1699255321017&idt=928&prev_scp=env%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D22%26protag_minutes%3D22%26protag_hours%3D07%26protag_day%3D1%26protag_sticky_pos%3Dbottom%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sticky-bottom%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D22%26protag_minutes%3D22%26protag_hours%3D07%26protag_day%3D1%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-before_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D22%26protag_minutes%3D22%26protag_hours%3D07%26protag_day%3D1%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-in_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D22%26protag_minutes%3D22%26protag_hours%3D07%26protag_day%3D1%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-after_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D22%26protag_minutes%3D22%26protag_hours%3D07%26protag_day%3D1%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sidebar&adks=3695268346%2C2238348835%2C3108647390%2C1903703322%2C182523439&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8104f4d854c76576f8347fb18879f2a764d6aaae35e42a6b126d529a54dcd15b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:02 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 104100 x-xss-protection 0 google-lineitem-id -1,-1,-1,-2,-1 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -1,-1,-1,-2,-1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://blog.s.id cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D62	6 KB 3 KB	100ms 14ms	Document text/html	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 06 Nov 2023 07:22:02 GMT expires Tue, 05 Nov 2024 07:22:02 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame A775	0 10 B	7ms 7ms	Image text/plain	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?T9KUqQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:02 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	esp Show response oajs.openx.net/ Redirect Chain https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1	85 B 194 B	119ms 118ms	Fetch application/json	34.120.107.143 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1 Protocol H2 Server 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 143.107.120.34.bc.googleusercontent.com Software / Express Resource Hash 9e7fc1c08f1f569ee5d3ad8e07dbc61610545f875bb065df6d0575b213ff90ab Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:02 GMT via 1.1 google x-powered-by Express etag W/"55-np8ohJQi/Kvx/F9Zou6sPVd+hSA" vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://blog.s.id access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85 Redirect headers date Mon, 06 Nov 2023 07:22:02 GMT via 1.1 google x-powered-by Express vary Origin access-control-allow-origin https://blog.s.id location /esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
POST H2	200	map Show response bcp.crwdcntrl.net/6/	60 B 330 B	99ms 29ms	XHR application/json	52.211.62.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/map Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.211.62.59 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-211-62-59.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 93d2971204eb9fb303ee19eaf66f6a98b17af577fb0c1ebc4233ce87fd35cb73 Request headers Referer https://blog.s.id/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT server Jetty(9.4.38.v20210224) content-type application/json;charset=utf-8 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://blog.s.id cache-control no-cache x-server 10.45.3.224 access-control-allow-credentials true content-length 60 expires 0
GET H2	200	syncframe Show response gum.criteo.com/ Frame CCEF	15 KB 6 KB	41ms 14ms	Document text/html	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=blog.s.id Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.ids.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 06 Nov 2023 07:22:01 GMT server Kestrel server-processing-duration-in-ticks 291635 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	204	increment Show response id5-sync.com/api/esp/	0 225 B	34ms 9ms	XHR text/plain	141.95.98.64 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/esp/increment?counter=no-config Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/esp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.95.98.64 , France, ASN16276 (OVH, FR), Reverse DNS ns3216658.ip-141-95-98.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://blog.s.id/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://blog.s.id date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
GET H2	200	sid Show response mug.criteo.com/ Frame CCEF Redirect Chain https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=blog.s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=6TvzUHxGWG5GOUhLQjVTTDVveUJtYjVISjU0U2dCRC9UZ3hzbDJoMkVZc1hkaXgzd2EwdHNxSXJ3ZjRDeGk3ZmdKSFhtTEpXSjdpTFBxeUFJK0w3aGFENU10UXB0Z3o1cDNFUUJWYUFhWUF2UmlsMmt4Q1hORGh2Q3VPRT...	441 B 653 B	15ms 14ms	Fetch application/json	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=6TvzUHxGWG5GOUhLQjVTTDVveUJtYjVISjU0U2dCRC9UZ3hzbDJoMkVZc1hkaXgzd2EwdHNxSXJ3ZjRDeGk3ZmdKSFhtTEpXSjdpTFBxeUFJK0w3aGFENU10UXB0Z3o1cDNFUUJWYUFhWUF2UmlsMmt4Q1hORGh2Q3VPRTBHRUFMU3E5YnBHbTExQS9KdHRDVkVkN2Q1ZW1yZVZ6aitCMm1HTEhuVGxyRjhmdmpiNVA1dFlUNm81UDNXS1gyQ0xwVGw4MmpyU1FyR25JN3YrMTd1ZDlZdjhrWExnQm5FNjZpVG9WL2g0ZU4rU3dKVTM5dENtVHNLNGk2L3lXbEgrSFFxM294ekxrOXA0WTQzYkVNT05EY3RJZ2tiQT09fA&cppv=2 Protocol H2 Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 700c8e0ba81674519f5c9f77f24c578d525ff4c6d01c8c06f70a83f42e819119 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:01 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1773499 expires 0 Redirect headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=6TvzUHxGWG5GOUhLQjVTTDVveUJtYjVISjU0U2dCRC9UZ3hzbDJoMkVZc1hkaXgzd2EwdHNxSXJ3ZjRDeGk3ZmdKSFhtTEpXSjdpTFBxeUFJK0w3aGFENU10UXB0Z3o1cDNFUUJWYUFhWUF2UmlsMmt4Q1hORGh2Q3VPRTBHRUFMU3E5YnBHbTExQS9KdHRDVkVkN2Q1ZW1yZVZ6aitCMm1HTEhuVGxyRjhmdmpiNVA1dFlUNm81UDNXS1gyQ0xwVGw4MmpyU1FyR25JN3YrMTd1ZDlZdjhrWExnQm5FNjZpVG9WL2g0ZU4rU3dKVTM5dENtVHNLNGk2L3lXbEgrSFFxM294ekxrOXA0WTQzYkVNT05EY3RJZ2tiQT09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 252674 content-length 0 expires 0
GET H2	200	pd Show response google-bidout-d.openx.net/w/1.0/ Frame D66A	0 167 B	43ms 23ms	Document text/html	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Requested by Host: oa.openxcdn.net URL: https://oa.openxcdn.net/esp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-length 20 content-type text/html date Mon, 06 Nov 2023 07:22:02 GMT server OXGW/0.0.0 vary Accept, Accept-Encoding via 1.1 google
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	44ms 43ms	Image text/html	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=2893146255683337&bg=!QUKlQg3NAAb4oU7C2KE7ADQBe5WfOFOlqO0W28rWilKLITB_xgo9kZH3JGLCWTgOAutW61l7uy_1a3B-OhZdO0uV0EpmAgAAAL5SAAAAGmgBB5kCtDZZEIoHljTSbQIpd4JTCRe_dZCZevh3ijU91x89_NqoNISfQzVxY4lrZZD3ikbOD1QWSCg_ZML_bFAXOlKOtWrC3rinbXy3KP22vmFnev9KeJi9IGaZa_h2Yz9yZZlqrysbNVTAHuBjjnpnzOw-zgIodE-5b36O7ttfZcg91D9Y9obvHtbnt5mDy5ll_y5rDLSdLnEYq2aH1J3pLynBOvDTPv3ohY8KtdbXaYFMktFG03p1F6DD0XL6wz2771X2lEshLI9n3MKrFmUwsPGVvWk0mjraOcakJT8uDE8x_h8CzxzZjda9wmv_VlUIPQb4gf_dBCme2Qded0NJcKIRmY5NTpBYmaxz76s-NHQjl5KQQdgOkEuD1OY4lAZ2hbcMNysf5FWImiJefDEcYffsY3VoCtSNlxgtY7hyenh5c5K3Upq6O42turGbwAO6ancYOT3xCBSei3hqvJZb0v2s-Vb70t-iddm80YRk9r1SLPfN8E1EQAhSgXiTEdMSEIhFeldlgHmWNK69kWwv4jJs5ZKEJIcJTE7eNKhsOsHD-d6sihT0UukiACqNrt3LLUoFv4-flv56cHswceJR8JU_aFWNNVqHAvM4reG_N6N4GLIOzX1eKu-GymtkMqzpNzFLKV-bDziNDlSjtNb_nNtTBQ19LnuRSxEcK80KyvEivcqLbT-pReO_SjA-mpTAi-S4SoJfg95K3bx7vQF4KLXHnQ7kVquO0p1gKpX8mXEbV9OXLWn0Tz8mBdfrsfjP_IBNVkrHeiJ1cNZTYBeYSj7wIrG_JXo-UMFQSe2BntKk4D0mc0ognTNbewamQXJLc1cRNjIN34u6SrWStyA_y4Pvl9nqoPdNciKSjBtN88Tc9d6ci5DRY-X1YVJ0EN2Y5OPo1qvYoPYAh9FHcRTx3d-qZFjEFt80 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers
GET H2	200	container.html Show response 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7469	6 KB 3 KB	9ms 8ms	Document text/html	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 06 Nov 2023 07:22:02 GMT expires Tue, 05 Nov 2024 07:22:02 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	container.html Show response 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B9FE	6 KB 3 KB	7ms 6ms	Document text/html	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 06 Nov 2023 07:22:02 GMT expires Tue, 05 Nov 2024 07:22:02 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	container.html Show response 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FD29	6 KB 3 KB	7ms 7ms	Document text/html	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 06 Nov 2023 07:22:02 GMT expires Tue, 05 Nov 2024 07:22:02 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 6537	624 B 242 B	50ms 50ms	Document text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahj6ucLbATAB&v=APEucNWYfxac_Jrb_TlEqEPwoZphrqkloL_dTGTJWINU9nP-lAel82__kll8KPqlOfwpbv9_nANiH1y3YhqBOeQAsPecbPLlUNT_gutnobhBr2lGaaHgRnD_egSLh8Xi19enoIiG8DCurh-_DCmEcnuN8ctSz1quxtONik85QaZYSnuywi3du1OT_XhqnTs_Bkoq1KMGtucdAkNN2JAWgpx2Dzw5IJPYZQ Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 06 Nov 2023 07:22:02 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 7469	111 KB 39 KB	46ms 7ms	Script text/javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ Origin https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 02:22:22 GMT content-encoding gzip x-content-type-options nosniff age 17980 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 07 Nov 2023 02:22:22 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 7469	11 KB 4 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/omrhp.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 19:21:54 GMT content-encoding br x-content-type-options nosniff age 43208 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 17947678125179771625 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 19 Nov 2023 19:21:54 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 7469	31 KB 12 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 19:21:54 GMT content-encoding br x-content-type-options nosniff age 43208 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11960 x-xss-protection 0 server cafe etag 17132697034905592634 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 19 Nov 2023 19:21:54 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 7469	41 KB 14 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 02 Nov 2023 02:22:26 GMT content-encoding br x-content-type-options nosniff age 363576 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 01 Nov 2024 02:22:26 GMT
GET H3	200	window_focus.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 7469	3 KB 1 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus.js Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 19:19:03 GMT content-encoding br x-content-type-options nosniff age 43379 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1307 x-xss-protection 0 server cafe etag 18393213423120915576 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 19 Nov 2023 19:19:03 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 5C19	1 KB 643 B	7ms 7ms	Document text/html	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 54005 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 05 Nov 2023 16:21:57 GMT etag 48472445140208031 expires Mon, 06 Nov 2023 16:21:57 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 7469	30 KB 12 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection.js Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 50557a7ee9d6cda560453727161057b62645d2b9a50c0dd265a50e9bf0f93163 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 19:19:03 GMT content-encoding br x-content-type-options nosniff age 43379 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11856 x-xss-protection 0 server cafe etag 12816651887479000906 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 19 Nov 2023 19:19:03 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7469	42 B 63 B	41ms 41ms	Image image/gif	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BI4CV-VXDQi5gF_Elws-Mydd560gCeMCtnsZnEHE04ta5dIrNBmBD4DIxRlVjHilp1Irf4t3Fb0ja8HUwxdxtHGKVhGO0HtdW4lz4NVinc9aEm9bU Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 7469	0 0	18ms 18ms	Image text/html	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRYQzxUcp5aWgqLEhw8zZcblfnSG6TAl9z4CQJ8AQGAg2gwp4qvc7xMF2YvcK0wKi1cHXc15qk-h9WobRQ7flcMx-EjZQ Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 7469	189 KB 60 KB	63ms 22ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:02 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60699 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1698838693892887" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 06 Nov 2023 07:22:02 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame AF17	640 B 262 B	51ms 50ms	Document text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhiotcLbATAB&v=APEucNWEXPnps78dkenV_pAF4IeOq6KXh7cK5BaD8jJQ4dlKUTorwWVUGZZDeHk13Pt-sA2OB1AjR0Y2K8qjuO20ha2atZoZkNAefdMLhhMQLorhnyi20TJ0o4xsBHYppokCdU7OLd8SD9PEOD9cegjvh_DBoikE-OFbu9k9hIX4BcjvUikyOu8Zkiz4p07nJWpXo9cNLtnRXVsLF-qtE8QoA9nXlOgIsw Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 06 Nov 2023 07:22:02 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame B9FE	111 KB 39 KB	36ms 13ms	Script text/javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ Origin https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 02:22:22 GMT content-encoding gzip x-content-type-options nosniff age 17980 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 07 Nov 2023 02:22:22 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame B9FE	11 KB 4 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/omrhp.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 19:21:54 GMT content-encoding br x-content-type-options nosniff age 43208 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 17947678125179771625 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 19 Nov 2023 19:21:54 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame B9FE	31 KB 12 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 19:21:54 GMT content-encoding br x-content-type-options nosniff age 43208 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11960 x-xss-protection 0 server cafe etag 17132697034905592634 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 19 Nov 2023 19:21:54 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame B9FE	41 KB 14 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 02 Nov 2023 02:22:26 GMT content-encoding br x-content-type-options nosniff age 363576 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 01 Nov 2024 02:22:26 GMT
GET H3	200	window_focus.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame B9FE	3 KB 1 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus.js Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 19:19:03 GMT content-encoding br x-content-type-options nosniff age 43379 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1307 x-xss-protection 0 server cafe etag 18393213423120915576 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 19 Nov 2023 19:19:03 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 6F9F	1 KB 643 B	8ms 6ms	Document text/html	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 54005 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 05 Nov 2023 16:21:57 GMT etag 48472445140208031 expires Mon, 06 Nov 2023 16:21:57 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame B9FE	30 KB 12 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection.js Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 50557a7ee9d6cda560453727161057b62645d2b9a50c0dd265a50e9bf0f93163 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 19:19:03 GMT content-encoding br x-content-type-options nosniff age 43379 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11856 x-xss-protection 0 server cafe etag 12816651887479000906 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 19 Nov 2023 19:19:03 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame B9FE	42 B 63 B	43ms 41ms	Image image/gif	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AoQH5KPtHW0dxm-JA3GW1gNj9ICI5wHbGtWtY-Z6zizFHhnFj8Qfs_zGSSnfpe3tQlcUXBTRCS9waC2XEtyYyeY27x0BNfaMJq9W1dJC7713RZxFw Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame B9FE	0 0	16ms 14ms	Image text/html	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSUvIV_JnFtwf4yToladQDTwTFcxnASwMBpH3_VHWnTrrGfpFq47gytjYP8kplvv-VXrCWxpQo-e15-LbKN9rv6K62Vyg Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B9FE	189 KB 59 KB	56ms 32ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:02 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60699 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1698838693892887" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 06 Nov 2023 07:22:02 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame C22E	466 B 235 B	48ms 48ms	Document text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahj6ucLbATAB&v=APEucNUYjmY1h9F-coepuYRnaiL-teNCaJ_YzmXq4FWOf7huZB6ztqSB5QeSKLaG-6gtvJ4sAn0cHIYp_4GkknwX7XNVI-SURwfMvzECy6fCzzCVisT8ms2Flo6Y_oWBZctUmegLu24YCmcOct-4lkIfrAvyvw3CVHRonShkFTUvXkzsv539Nsug4vLad7HrCp-z13kSr-vIxskxTdBGnCz5MxlpN1dGnA Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 215 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 06 Nov 2023 07:22:02 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame FD29	111 KB 39 KB	27ms 18ms	Script text/javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ Origin https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 02:22:22 GMT content-encoding gzip x-content-type-options nosniff age 17980 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 07 Nov 2023 02:22:22 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame FD29	11 KB 4 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/omrhp.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 19:21:54 GMT content-encoding br x-content-type-options nosniff age 43208 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 17947678125179771625 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 19 Nov 2023 19:21:54 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame FD29	31 KB 12 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 19:21:54 GMT content-encoding br x-content-type-options nosniff age 43208 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11960 x-xss-protection 0 server cafe etag 17132697034905592634 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 19 Nov 2023 19:21:54 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame FD29	41 KB 14 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 02 Nov 2023 02:22:26 GMT content-encoding br x-content-type-options nosniff age 363576 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 01 Nov 2024 02:22:26 GMT
GET H3	200	window_focus.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame FD29	3 KB 1 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus.js Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 19:19:03 GMT content-encoding br x-content-type-options nosniff age 43379 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1307 x-xss-protection 0 server cafe etag 18393213423120915576 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 19 Nov 2023 19:19:03 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 04EE	1 KB 643 B	9ms 7ms	Document text/html	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 54005 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 05 Nov 2023 16:21:57 GMT etag 48472445140208031 expires Mon, 06 Nov 2023 16:21:57 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection.js Show response tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame FD29	30 KB 12 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection.js Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 50557a7ee9d6cda560453727161057b62645d2b9a50c0dd265a50e9bf0f93163 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 19:19:03 GMT content-encoding br x-content-type-options nosniff age 43379 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11856 x-xss-protection 0 server cafe etag 12816651887479000906 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 19 Nov 2023 19:19:03 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame FD29	42 B 63 B	42ms 41ms	Image image/gif	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CvpurujXRhOB3GyfkVxwhyRbuPP8ujLI-9fu9hxzIf_eCVTCiCeem-vVeqUhDeU0Oe3sa64515qJGPHvUzBNn0LFrFiNQZITXS_fr6Dok4fV24edA Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame FD29	0 0	16ms 15ms	Image text/html	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3IB_2KlkzxDQiC6PMVF6aRecDUf7Jv_ZDtofw5dKakj7xnff8DEQmlZxetlpVpdDqpdAvu3KepeEfA3rXBHILgKxpCA Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame FD29	189 KB 59 KB	52ms 41ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:02 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60699 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1698838693892887" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 06 Nov 2023 07:22:02 GMT
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 6537 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA43MBHFJvjjd5oVdbg-_ew&google_cver=1	43 B 340 B	35ms 33ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA43MBHFJvjjd5oVdbg-_ew&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahj6ucLbATAB&v=APEucNWYfxac_Jrb_TlEqEPwoZphrqkloL_dTGTJWINU9nP-lAel82__kll8KPqlOfwpbv9_nANiH1y3YhqBOeQAsPecbPLlUNT_gutnobhBr2lGaaHgRnD_egSLh8Xi19enoIiG8DCurh-_DCmEcnuN8ctSz1quxtONik85QaZYSnuywi3du1OT_XhqnTs_Bkoq1KMGtucdAkNN2JAWgpx2Dzw5IJPYZQ Protocol H2 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ie2HbfmoIVOzfgfXeuIIya%2BjTDn1rCGKzEU4b8lcyPPcrjrTll5JYRVG66eAIL9hDpOOP6fbhq6Vrl%2BkzfJcqTmGdRvWxYu6S%2BIMIBb3oIQUg7j4%2F4k5tKvSWyuqp7TEaX4TQo9ZwU8qkg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 821b95486a589235-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA43MBHFJvjjd5oVdbg-_ew&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 6537 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUiUGu2UmGZWZHdykCJErgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA43MBHFJvjjd5oVdbg-_ew&google_cver=1	43 B 771 B	28ms 27ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA43MBHFJvjjd5oVdbg-_ew&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahj6ucLbATAB&v=APEucNWYfxac_Jrb_TlEqEPwoZphrqkloL_dTGTJWINU9nP-lAel82__kll8KPqlOfwpbv9_nANiH1y3YhqBOeQAsPecbPLlUNT_gutnobhBr2lGaaHgRnD_egSLh8Xi19enoIiG8DCurh-_DCmEcnuN8ctSz1quxtONik85QaZYSnuywi3du1OT_XhqnTs_Bkoq1KMGtucdAkNN2JAWgpx2Dzw5IJPYZQ Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKyZ0SN4GRe1pEFD9Xpqj6c1jD%2FBSyvCH6lMrnPMBvtP2V6NxOVA0w7y9wAOAzQvGA%2BXpWyY4dl6XTDEioOLPCjaDkSqsmue4bc4tTadmBikr7ELs65HnWVjlplcelr%2F8CzLKyGej5zFwg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 821b95490d519a35-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA43MBHFJvjjd5oVdbg-_ew&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame 6537 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEG0HbEF2gE140ZQbv-9B1Fw&google_cver=1	43 B 840 B	8ms 7ms	Image image/gif	37.252.171.52 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEG0HbEF2gE140ZQbv-9B1Fw&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahj6ucLbATAB&v=APEucNWYfxac_Jrb_TlEqEPwoZphrqkloL_dTGTJWINU9nP-lAel82__kll8KPqlOfwpbv9_nANiH1y3YhqBOeQAsPecbPLlUNT_gutnobhBr2lGaaHgRnD_egSLh8Xi19enoIiG8DCurh-_DCmEcnuN8ctSz1quxtONik85QaZYSnuywi3du1OT_XhqnTs_Bkoq1KMGtucdAkNN2JAWgpx2Dzw5IJPYZQ Protocol H2 Server 37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT an-x-request-uuid e53e7767-94ce-410b-9fc6-f757bfd7dd9d server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 45.141.152.77; 45.141.152.77; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEG0HbEF2gE140ZQbv-9B1Fw&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 6537 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAyMjcyNTc1MjM1MzE3MDQ1NA%3D%3D	170 B 188 B	20ms 19ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAyMjcyNTc1MjM1MzE3MDQ1NA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahj6ucLbATAB&v=APEucNWYfxac_Jrb_TlEqEPwoZphrqkloL_dTGTJWINU9nP-lAel82__kll8KPqlOfwpbv9_nANiH1y3YhqBOeQAsPecbPLlUNT_gutnobhBr2lGaaHgRnD_egSLh8Xi19enoIiG8DCurh-_DCmEcnuN8ctSz1quxtONik85QaZYSnuywi3du1OT_XhqnTs_Bkoq1KMGtucdAkNN2JAWgpx2Dzw5IJPYZQ Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT an-x-request-uuid ff23288d-07de-4f07-bda7-7fd0060c2345 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAyMjcyNTc1MjM1MzE3MDQ1NA%3D%3D x-proxy-origin 45.141.152.77; 45.141.152.77; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5C19 Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENmHSTb280cnrCY66HA27PQ&google_push=AXcoOmRG-r4AnE3g4gTyIjv93bL2FPWeZnOR6eXsCiAkdiYc29FbV1HCVT...	170 B 188 B	19ms 19ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENmHSTb280cnrCY66HA27PQ&google_push=AXcoOmRG-r4AnE3g4gTyIjv93bL2FPWeZnOR6eXsCiAkdiYc29FbV1HCVTl3NXf-j48a7iAOW8LHQwrrz5vmlmEokmi7t9Bv87IF Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-served-by cache-fra-eddf8230099-FRA pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1699255323.911464,VS0,VE89 x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" access-control-allow-origin * location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENmHSTb280cnrCY66HA27PQ&google_push=AXcoOmRG-r4AnE3g4gTyIjv93bL2FPWeZnOR6eXsCiAkdiYc29FbV1HCVTl3NXf-j48a7iAOW8LHQwrrz5vmlmEokmi7t9Bv87IF cache-control no-cache accept-ranges bytes content-length 0 x-cache-hits 0
GET H2	200	sync x.bidswitch.net/ Frame 5C19	43 B 145 B	36ms 7ms	Image image/gif	3.127.91.113 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEL5cx4nL2bULlroypwu6RRE&google_cver=1&google_push=AXcoOmTuEks2_whkNLgC8z0zWtO-Dtm1pu0bSrlzx-kViU71bsVXUvilY6IrXKVN3s87DV_nGPmYjPcuH5-CfG-lgIIPUjgm5v-9 Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.127.91.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-91-113.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:02 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5C19 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAKLWyuHANMkFqrRgpSk_3U&google_cver=1&google_push=AXcoOmSUa76jUGYd3fRo2NPWQJwyODHKvTpqwdVdAHtI5UrfymQgvPKiikTPLeMVUIT0A5GN-NS1_ODn... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAKLWyuHANMkFqrRgpSk_3U&google_cver=1&google_push=AXcoOmSUa76jUGYd3fRo2NPWQJwyODHKvTpqwdVdAHtI5UrfymQgvPKiikTPLeMVUIT0A5GN-NS... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODc0MzQwMzk2MjIyMjc1OTM4MA&google_push=AXcoOmSUa76jUGYd3fRo2NPWQJwyODHKvTpqwdVdAHtI5UrfymQgvPKiikTPLeMVUIT0A5GN-NS1_O...	170 B 188 B	18ms 18ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODc0MzQwMzk2MjIyMjc1OTM4MA&google_push=AXcoOmSUa76jUGYd3fRo2NPWQJwyODHKvTpqwdVdAHtI5UrfymQgvPKiikTPLeMVUIT0A5GN-NS1_ODnTdlwCynlslzkw4DWNLjk Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODc0MzQwMzk2MjIyMjc1OTM4MA&google_push=AXcoOmSUa76jUGYd3fRo2NPWQJwyODHKvTpqwdVdAHtI5UrfymQgvPKiikTPLeMVUIT0A5GN-NS1_ODnTdlwCynlslzkw4DWNLjk access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5C19 Redirect Chain https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGlWSIqlOzhCESRZ_DTeWoM&google_cver=1&google_push=AXcoOmSZBtKnMUt-iDU6wdMtFZg7ABdFTP3sWteLMGLko2dwgiFKP6AI6HT6zksPy4EWGW6DKi7M077GVeglnvN... https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=bc8HxRBXXpNR-zWPr5lWHS2NmE0&google_push=AXcoOmSZBtKnMUt-iDU6wdMtFZg7ABdFTP3sWteLMGLko2dwgiFKP6AI6HT6zksPy4EWGW6DKi7M077GVeglnv...	170 B 188 B	17ms 17ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=bc8HxRBXXpNR-zWPr5lWHS2NmE0&google_push=AXcoOmSZBtKnMUt-iDU6wdMtFZg7ABdFTP3sWteLMGLko2dwgiFKP6AI6HT6zksPy4EWGW6DKi7M077GVeglnvN3WpiWF5naxcx4 Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=bc8HxRBXXpNR-zWPr5lWHS2NmE0&google_push=AXcoOmSZBtKnMUt-iDU6wdMtFZg7ABdFTP3sWteLMGLko2dwgiFKP6AI6HT6zksPy4EWGW6DKi7M077GVeglnvN3WpiWF5naxcx4 Date Mon, 06 Nov 2023 07:22:03 GMT Connection keep-alive Content-Length 242 Content-Type text/html; charset=utf-8
GET H2	200	pixel cm.g.doubleclick.net/ Frame 5C19 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL_3uSZlJuR88jyx4BoNZfk&google_cver=1&google_push=AXcoOmT0cFPd2d9Us7QraFzdG75Ebq9swvSMF6GtIU_sISTzTN2zGtl7VvpLxtrLq2d-PjK_shy... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9NS1FVSk0tMVMtSFdZQQ==&google_push=AXcoOmT0cFPd2d9Us7QraFzdG75Ebq9swvSMF6GtIU_sISTzTN2zGtl7VvpLxtrLq2d-PjK_shyRwoYQqhppOVULPkIwIHpzzz0	170 B 243 B	17ms 17ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9NS1FVSk0tMVMtSFdZQQ==&google_push=AXcoOmT0cFPd2d9Us7QraFzdG75Ebq9swvSMF6GtIU_sISTzTN2zGtl7VvpLxtrLq2d-PjK_shyRwoYQqhppOVULPkIwIHpzzz0 Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9NS1FVSk0tMVMtSFdZQQ==&google_push=AXcoOmT0cFPd2d9Us7QraFzdG75Ebq9swvSMF6GtIU_sISTzTN2zGtl7VvpLxtrLq2d-PjK_shyRwoYQqhppOVULPkIwIHpzzz0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 78e3bdce5107450057bade54d54a0a7e Expires 0
GET H2	200	report sync.teads.tv/um/ Frame 5C19 Redirect Chain https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIgIjI1bSJ-G... https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSbCI3j3SQFuGpYVNGeILrfD-L4TXyipnOtSkhYTvi1D77QSl-WcExKQ97jMFeflaKaqpNbIa7PQEqBxgcjk8EpL9FuY2tDSQ https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab	23 B 163 B	41ms 41ms	Image image/gif	2.19.104.4 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-104-4.deploy.static.akamaitechnologies.com Software pekko-http/1.0.0 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers expires Mon, 06 Nov 2023 07:22:03 GMT pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT cache-control max-age=0, no-cache, no-store server pekko-http/1.0.0 content-length 23 content-type image/gif Redirect headers pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 260 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5C19 Redirect Chain https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEION03IasDCGxJKYSMM47tw&google_cver=1&google_push=AXcoOmT8wyhYSJA6H... https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEION03IasDCGxJKYSMM47tw%26goo... https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTAyMjcyNTc1MjM1MzE3MDQ1NA%3D%3D&google_gid=CAESEION03IasDCGxJKYSMM47tw&google_cver=1&google_push=AXcoOmT8wyhYSJA6H9WmwXwI1XCVsKvKUf...	170 B 188 B	18ms 18ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTAyMjcyNTc1MjM1MzE3MDQ1NA%3D%3D&google_gid=CAESEION03IasDCGxJKYSMM47tw&google_cver=1&google_push=AXcoOmT8wyhYSJA6H9WmwXwI1XCVsKvKUfWrsRwdXb1R3ykmBI60aL2W5pqTQeb6mrnKharjhshKLYeCUdrIuyB3-hdttOHdBCKe2A Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT an-x-request-uuid 98cbfd65-243b-4da3-86a1-37e1f8e81d9f server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTAyMjcyNTc1MjM1MzE3MDQ1NA%3D%3D&google_gid=CAESEION03IasDCGxJKYSMM47tw&google_cver=1&google_push=AXcoOmT8wyhYSJA6H9WmwXwI1XCVsKvKUfWrsRwdXb1R3ykmBI60aL2W5pqTQeb6mrnKharjhshKLYeCUdrIuyB3-hdttOHdBCKe2A x-proxy-origin 45.141.152.77; 45.141.152.77; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 5C19	0 40 B	40ms 18ms	Image text/html	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KY-OGKAqYbglCzQLmZVf6bS3o9A2zvhmznCWVFHZZxdlWvNd34YD3PzMmek433f7KxxOH4bu0 Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:02 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	pixel cm.g.doubleclick.net/ Frame 6F9F Redirect Chain https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEMVIcx4-M3IDdl-KqL5gUJ0&google_cver=1&google_push=AXcoOmSoaSr03-SisTFKED1b74UgOaYLPptFg4PU7E4DE41BzL3sreqL78_ZgvrZ2AcZhEM0OVPu8_pdBSu... https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSoaSr03-SisTFKED1b74UgOaYLPptFg4PU7E4DE41BzL3sreqL78_ZgvrZ2AcZhEM0OVPu8_pdBSum_VF8Yq1djTVz7eu8	170 B 188 B	17ms 17ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSoaSr03-SisTFKED1b74UgOaYLPptFg4PU7E4DE41BzL3sreqL78_ZgvrZ2AcZhEM0OVPu8_pdBSum_VF8Yq1djTVz7eu8 Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSoaSr03-SisTFKED1b74UgOaYLPptFg4PU7E4DE41BzL3sreqL78_ZgvrZ2AcZhEM0OVPu8_pdBSum_VF8Yq1djTVz7eu8 Date Mon, 06 Nov 2023 07:22:02 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=3000 Content-Length 0 P3P policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
GET H3	200	pixel cm.g.doubleclick.net/ Frame 6F9F Redirect Chain https://a.c.appier.net/gcm?google_gid=CAESEEKm7rCJ_gs_6_xEcue_6OY&google_cver=1&google_push=AXcoOmTRo3kSo6jxmWQoDy_99MRXzHCuqXbGFgKsQGdupmfE7_wsFa3mT2wNk7PYLZ9nWCegSxAx_zWfC8qblYbpF910RKgPnSCe https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VThRR2dHUktEenlGTUhnSUhKUklaUQ%3D%3D&google_push=AXcoOmTRo3kSo6jxmWQoDy_99MRXzHCuqXbGFgKsQGdupmfE7_wsFa3mT2wNk7PYLZ9nWCegSxAx_zWfC8qbl...	170 B 188 B	17ms 16ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VThRR2dHUktEenlGTUhnSUhKUklaUQ%3D%3D&google_push=AXcoOmTRo3kSo6jxmWQoDy_99MRXzHCuqXbGFgKsQGdupmfE7_wsFa3mT2wNk7PYLZ9nWCegSxAx_zWfC8qblYbpF910RKgPnSCe Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:04 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Mon, 06 Nov 2023 07:22:04 GMT server nginx accept-ch Sec-CH-UA-Model,Sec-CH-UA-Platform-Version p3p CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VThRR2dHUktEenlGTUhnSUhKUklaUQ%3D%3D&google_push=AXcoOmTRo3kSo6jxmWQoDy_99MRXzHCuqXbGFgKsQGdupmfE7_wsFa3mT2wNk7PYLZ9nWCegSxAx_zWfC8qblYbpF910RKgPnSCe content-type text/html; charset=utf-8 cache-control no-store content-length 243
GET H2	200	sync x.bidswitch.net/ Frame 6F9F	43 B 146 B	30ms 7ms	Image image/gif	3.127.91.113 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEL5cx4nL2bULlroypwu6RRE&google_cver=1&google_push=AXcoOmQHK0IrIhH_B1ePjjRdKaZZjp4wyaVBYqXeZq8xr4qDiJBqapNUy_4Bzvj61sXkvR4Yh_xXNHP_HfF1qinPP800kIe4j3eI Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.127.91.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-91-113.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:02 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif
GET H3	200	pixel cm.g.doubleclick.net/ Frame 6F9F Redirect Chain https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSPbx... https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-57XsGtrbKPnJpChwWKoonCTNK-qQymcUPxusmQ&google_push=AXcoOmSPbxagCJjvWe1mcDWhExpt849nsMnZZwFSg_kYVo5ugi6Z21C8-4GIEXEP2xu32peaimwFZXjIBPAc...	170 B 188 B	22ms 22ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-57XsGtrbKPnJpChwWKoonCTNK-qQymcUPxusmQ&google_push=AXcoOmSPbxagCJjvWe1mcDWhExpt849nsMnZZwFSg_kYVo5ugi6Z21C8-4GIEXEP2xu32peaimwFZXjIBPAcOvfuRgzIWK6gj94t Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" location https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-57XsGtrbKPnJpChwWKoonCTNK-qQymcUPxusmQ&google_push=AXcoOmSPbxagCJjvWe1mcDWhExpt849nsMnZZwFSg_kYVo5ugi6Z21C8-4GIEXEP2xu32peaimwFZXjIBPAcOvfuRgzIWK6gj94t cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 684618 content-length 0 expires Mon, 06 Nov 2023 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 6F9F Redirect Chain https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJCxbIqAIktTF_e1sPVGyDM&google_cver=1&google_push=AXcoOmQoeF8sgob_sjAzJ0-tkhvf7jvQm8Mml_Nj4XxZ7AvhBzfw2elTpMCBCe_pxEXOU4JNRbTNOnSbVXFWk... https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEJCxbIqAIktTF_e1sPVGyDM&google_push=AXcoOmQoeF8sgob_sjAzJ0-tkhvf7jvQm8Mml_Nj4XxZ7AvhBzfw2elTpMCBCe_pxEXOU4JNRbTNOnSbVXFWk... https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQoeF8sgob_sjAzJ0-tkhvf7jvQm8Mml_Nj4XxZ7AvhBzfw2elTpMCBCe_pxEXOU4JNRbTNOnSbVXFWkjOOv5iINIigojhY&google_hm=VjRCUmh4dFB4OWU2aHVL...	170 B 188 B	20ms 20ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQoeF8sgob_sjAzJ0-tkhvf7jvQm8Mml_Nj4XxZ7AvhBzfw2elTpMCBCe_pxEXOU4JNRbTNOnSbVXFWkjOOv5iINIigojhY&google_hm=VjRCUmh4dFB4OWU2aHVLWDQtN1M= Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Mon, 06 Nov 2023 07:22:03 GMT Content-Type text/html; charset=utf-8 Location https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQoeF8sgob_sjAzJ0-tkhvf7jvQm8Mml_Nj4XxZ7AvhBzfw2elTpMCBCe_pxEXOU4JNRbTNOnSbVXFWkjOOv5iINIigojhY&google_hm=VjRCUmh4dFB4OWU2aHVLWDQtN1M= P3p CP="We do not support P3P header." Cache-Control no-cache, no-store, must-revalidate Content-Length 236 Expires Thu, 01 Dec 1994 16:00:00 GMT
GET H2	204	/ cc.adingo.jp/adx/push/ Frame 6F9F	0 44 B	744ms 236ms	Image text/plain	18.180.200.17 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cc.adingo.jp/adx/push/?google_gid=CAESEG9PE6UNu4C6cV0ChDl6tCs&google_cver=1&google_push=AXcoOmRWUjqj7_18BmJnE3GmAg5GzpWoQAr4CBECkoAT3qjjeCPpo8WJz11iWdRfJFuCB66ktf9P_KnUxOAsHCic5U0zPF8jP_Cq Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.180.200.17 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-180-200-17.ap-northeast-1.compute.amazonaws.com Software awselb/2.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:03 GMT server awselb/2.0
GET H2	200	report sync.teads.tv/um/ Frame 6F9F Redirect Chain https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIgIjI1bSJ-G... https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRZCrSYiv57zJ-o0GlAYxrXo2ntCbFqN2LDW8UOYEIOhVONofn09jYylg0KoOrABaenDszkxCzgjUIZCIXpalwyWqkbFuo_VA https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab	23 B 163 B	43ms 43ms	Image image/gif	2.19.104.4 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-104-4.deploy.static.akamaitechnologies.com Software pekko-http/1.0.0 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers expires Mon, 06 Nov 2023 07:22:03 GMT pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT cache-control max-age=0, no-cache, no-store server pekko-http/1.0.0 content-length 23 content-type image/gif Redirect headers pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 260 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 6F9F	0 130 B	35ms 18ms	Image text/html	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kfwoq1IiyICAQIFg9WRdZYuP45oGn0-I3-i-qDOUHTYCb4aDrvRM2yArn-87w26xQx9Z7kJw Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:02 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame E865	38 KB 13 KB	13ms 8ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 256062 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 03 Nov 2023 08:14:20 GMT expires Sat, 02 Nov 2024 08:14:20 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	sd us-u.openx.net/w/1.0/ Frame AF17 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIVAKVQextSvG1X1vy9f2ao&google_cver=1	43 B 114 B	25ms 25ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIVAKVQextSvG1X1vy9f2ao&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhiotcLbATAB&v=APEucNWEXPnps78dkenV_pAF4IeOq6KXh7cK5BaD8jJQ4dlKUTorwWVUGZZDeHk13Pt-sA2OB1AjR0Y2K8qjuO20ha2atZoZkNAefdMLhhMQLorhnyi20TJ0o4xsBHYppokCdU7OLd8SD9PEOD9cegjvh_DBoikE-OFbu9k9hIX4BcjvUikyOu8Zkiz4p07nJWpXo9cNLtnRXVsLF-qtE8QoA9nXlOgIsw Protocol H2 Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIVAKVQextSvG1X1vy9f2ao&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cm us-u.openx.net/w/1.0/ Frame AF17	43 B 219 B	29ms 27ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhiotcLbATAB&v=APEucNWEXPnps78dkenV_pAF4IeOq6KXh7cK5BaD8jJQ4dlKUTorwWVUGZZDeHk13Pt-sA2OB1AjR0Y2K8qjuO20ha2atZoZkNAefdMLhhMQLorhnyi20TJ0o4xsBHYppokCdU7OLd8SD9PEOD9cegjvh_DBoikE-OFbu9k9hIX4BcjvUikyOu8Zkiz4p07nJWpXo9cNLtnRXVsLF-qtE8QoA9nXlOgIsw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT content-encoding gzip via 1.1 google server OXGW/0.0.0 vary Accept, Accept-Encoding content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	um sync.teads.tv/ Frame AF17 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm https://sync.teads.tv/um?eid=3&uid=CAESEJM18mB37ZgeArf3dPe5qRI&google_cver=1	23 B 163 B	45ms 43ms	Image image/gif	2.19.104.4 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um?eid=3&uid=CAESEJM18mB37ZgeArf3dPe5qRI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhiotcLbATAB&v=APEucNWEXPnps78dkenV_pAF4IeOq6KXh7cK5BaD8jJQ4dlKUTorwWVUGZZDeHk13Pt-sA2OB1AjR0Y2K8qjuO20ha2atZoZkNAefdMLhhMQLorhnyi20TJ0o4xsBHYppokCdU7OLd8SD9PEOD9cegjvh_DBoikE-OFbu9k9hIX4BcjvUikyOu8Zkiz4p07nJWpXo9cNLtnRXVsLF-qtE8QoA9nXlOgIsw Protocol H2 Server 2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-104-4.deploy.static.akamaitechnologies.com Software pekko-http/1.0.0 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers expires Mon, 06 Nov 2023 07:22:03 GMT pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT cache-control max-age=0, no-cache, no-store server pekko-http/1.0.0 content-length 23 content-type image/gif Redirect headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://sync.teads.tv/um?eid=3&uid=CAESEJM18mB37ZgeArf3dPe5qRI&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 281 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	um sync.teads.tv/ Frame AF17	23 B 163 B	43ms 38ms	Image image/gif	2.19.104.4 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhiotcLbATAB&v=APEucNWEXPnps78dkenV_pAF4IeOq6KXh7cK5BaD8jJQ4dlKUTorwWVUGZZDeHk13Pt-sA2OB1AjR0Y2K8qjuO20ha2atZoZkNAefdMLhhMQLorhnyi20TJ0o4xsBHYppokCdU7OLd8SD9PEOD9cegjvh_DBoikE-OFbu9k9hIX4BcjvUikyOu8Zkiz4p07nJWpXo9cNLtnRXVsLF-qtE8QoA9nXlOgIsw Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-104-4.deploy.static.akamaitechnologies.com Software pekko-http/1.0.0 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers expires Mon, 06 Nov 2023 07:22:03 GMT pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT cache-control max-age=0, no-cache, no-store server pekko-http/1.0.0 content-length 23 content-type image/gif
GET		partner sync.search.spotxchange.com/ Frame C22E Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBsQD9LmkJiJjKfneZis_lo&google_cver=1	0 0
GET		partner sync.search.spotxchange.com/ Frame C22E	0 0
GET H2	204	sync ups.analytics.yahoo.com/ups/58269/ Frame C22E	0 125 B	54ms 10ms	Image text/plain	3.71.149.231 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-Ahj6ucLbATAB&v=APEucNUYjmY1h9F-coepuYRnaiL-teNCaJ_YzmXq4FWOf7huZB6ztqSB5QeSKLaG-6gtvJ4sAn0cHIYp_4GkknwX7XNVI-SURwfMvzECy6fCzzCVisT8ms2Flo6Y_oWBZctUmegLu24YCmcOct-4lkIfrAvyvw3CVHRonShkFTUvXkzsv539Nsug4vLad7HrCp-z13kSr-vIxskxTdBGnCz5MxlpN1dGnA Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-71-149-231.eu-central-1.compute.amazonaws.com Software ATS/9.1.10.87 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:02 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.87 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	204	current dclk-match.dotomi.com/match/bounce/ Frame 04EE	0 104 B	117ms 25ms	Image text/plain	2a02:fa8:8806:12::1400 VCLK-EU-SE
General Check archive.org Show headers Download Go to Show image Full URL https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHJCAlYPgNACTnHsiiwOQvI&google_cver=1&google_push=AXcoOmTg1f4tvlgmn7PZ5ew0AUx6AMgFCESlSJZxuVeqDKRVsSd3WIzqPkZaUtK_Ov4ITO7r8Q2QNhLZkk1AzV1rdMJ9odkbVGTsQw Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT cache-control no-cache, private, max-age=0, no-store server nginx expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 04EE Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESEDKdz1Bqax7C-gVmhC_elxE&google_cver=1&google_push=AXcoOmSgYSxqmAG4cuCSFbQrQCNCBy3n4JrLXpE1EE9nPGLdArafDJXYpKTnlwApC0ErdKndTt94yk5KuIti7LPerL2aBoSD2FX_ https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=305494AA60174FDFB8EDAC8203357B3B&google_push=AXcoOmSgYSxqmAG4cuCSFbQrQCNCBy3n4JrLXpE1EE9nPGLdArafDJXYpKTnlwApC0ErdKndTt94yk5KuIti7LP...	170 B 188 B	18ms 17ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=305494AA60174FDFB8EDAC8203357B3B&google_push=AXcoOmSgYSxqmAG4cuCSFbQrQCNCBy3n4JrLXpE1EE9nPGLdArafDJXYpKTnlwApC0ErdKndTt94yk5KuIti7LPerL2aBoSD2FX_ Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Mon, 06 Nov 2023 07:22:02 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=305494AA60174FDFB8EDAC8203357B3B&google_push=AXcoOmSgYSxqmAG4cuCSFbQrQCNCBy3n4JrLXpE1EE9nPGLdArafDJXYpKTnlwApC0ErdKndTt94yk5KuIti7LPerL2aBoSD2FX_ access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sun, 05 Nov 2023 07:22:02 GMT
GET H2	200	google match.adsrvr.org/track/cmf/ Frame 04EE	70 B 149 B	104ms 31ms	Image image/gif	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGl8dviWolZ9iAkGfrdFMEE&google_cver=1&google_push=AXcoOmT55BdLHCtnTwprTY4nqev_kuO1E5cS9BHLFQ7ucwxpZVZMkO2w3FU9-AjtGzzUecgC-Gd1s4TfLQxthwdYK6EnRqW1HwovqA Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:03 GMT server Kestrel content-length 70 content-type image/gif
GET H3	200	pixel cm.g.doubleclick.net/ Frame 04EE Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESEKiU3VVZVikj5UvGLV2bucU&google_cver=1&google_push=AXcoOmQRfk1PhxpyAh_KZq9KsvCg7FWZ1EpdDY8OlkhckWFpKbfIxwNwF0a3dSbJzB5kh0DlqNMea65K7z18fxUF... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VKj8SU8nTTYaaNlJinzs5g&google_push=AXcoOmQRfk1PhxpyAh_KZq9KsvCg7FWZ1EpdDY8OlkhckWFpKbfIxwNwF0a3dSbJzB5kh0DlqNMea65K7z18fxUFwMEC_iQSD8_hSQ	170 B 188 B	18ms 18ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VKj8SU8nTTYaaNlJinzs5g&google_push=AXcoOmQRfk1PhxpyAh_KZq9KsvCg7FWZ1EpdDY8OlkhckWFpKbfIxwNwF0a3dSbJzB5kh0DlqNMea65K7z18fxUFwMEC_iQSD8_hSQ Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Mon, 06 Nov 2023 07:22:02 GMT via 1.1 google x-engine-version 0.0.0 server nginx/1.21.6 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VKj8SU8nTTYaaNlJinzs5g&google_push=AXcoOmQRfk1PhxpyAh_KZq9KsvCg7FWZ1EpdDY8OlkhckWFpKbfIxwNwF0a3dSbJzB5kh0DlqNMea65K7z18fxUFwMEC_iQSD8_hSQ x-host tde-deliveryengine-production-bb588bf9-j9p8j alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 04EE Redirect Chain https://d5p.de17a.com/cookies/google?google_gid=CAESENKLr7fKX31akPCx04soJ8c&google_cver=1&google_push=AXcoOmScbZbOXRJT2l6lHQ5Nw7Psvi8emQqq3SfvvAFMyHgTEBDN9_FgkOeBUINNQ67cGm_bwAQ5QQH1w_v8fZgh_UV6y9h... https://d5p.de17a.com/cookies/google;c?google_gid=CAESENKLr7fKX31akPCx04soJ8c&google_cver=1&google_push=AXcoOmScbZbOXRJT2l6lHQ5Nw7Psvi8emQqq3SfvvAFMyHgTEBDN9_FgkOeBUINNQ67cGm_bwAQ5QQH1w_v8fZgh_UV6y... https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmScbZbOXRJT2l6lHQ5Nw7Psvi8emQqq3SfvvAFMyHgTEBDN9_FgkOeBUINNQ67cGm_bwAQ5QQH1w_v8fZgh_UV6y9h3b30WDA	170 B 188 B	16ms 16ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmScbZbOXRJT2l6lHQ5Nw7Psvi8emQqq3SfvvAFMyHgTEBDN9_FgkOeBUINNQ67cGm_bwAQ5QQH1w_v8fZgh_UV6y9h3b30WDA Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmScbZbOXRJT2l6lHQ5Nw7Psvi8emQqq3SfvvAFMyHgTEBDN9_FgkOeBUINNQ67cGm_bwAQ5QQH1w_v8fZgh_UV6y9h3b30WDA content-length 0 p3p CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
GET H3	200	pixel cm.g.doubleclick.net/ Frame 04EE Redirect Chain https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBxVN1pXF0sjJkj_SmnJ0-s&google_cver=1&google_push=AXcoOmQIHFCcbg5fOEYqBekZ-mxxvs4ctkmBZyRinYNChMTBfsf7-nKioWiE3b2-Pu-Mxb1p4GN7PIuuysYGtxCcTou1Aa-lhW... https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQIHFCcbg5fOEYqBekZ-mxxvs4ctkmBZyRinYNChMTBfsf7-nKioWiE3b2-Pu-Mxb1p4GN7PIuuysYGtxCcTou1Aa-lhWq... https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkxOTY0NjYyODE3NjcxNzYwODE3OA%3D%3D&google_push=AXcoOmQIHFCcbg5fOEYqBekZ-mxxvs4ctkmBZyRinYNChMTBfsf7-nKi...	170 B 188 B	17ms 17ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkxOTY0NjYyODE3NjcxNzYwODE3OA%3D%3D&google_push=AXcoOmQIHFCcbg5fOEYqBekZ-mxxvs4ctkmBZyRinYNChMTBfsf7-nKioWiE3b2-Pu-Mxb1p4GN7PIuuysYGtxCcTou1Aa-lhWq__g Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:02 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkxOTY0NjYyODE3NjcxNzYwODE3OA%3D%3D&google_push=AXcoOmQIHFCcbg5fOEYqBekZ-mxxvs4ctkmBZyRinYNChMTBfsf7-nKioWiE3b2-Pu-Mxb1p4GN7PIuuysYGtxCcTou1Aa-lhWq__g date Mon, 06 Nov 2023 07:22:02 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25 x.bidswitch.net/check_uuid/ Frame 04EE	43 B 145 B	12ms 6ms	Image image/gif	3.127.91.113 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEz1wWRLFeNo3gAVgDaao0Q&google_cver=1&google_push=AXcoOmR63bEbzron5gu8P6nPtjc3RFglfitDiykiRXVDK-Bb2PNDKDJ_hooAeg9Y-YRXzNQQ_UIVsnKdWih-o5rXJKxJZqCSZ59z9xc Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.127.91.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-91-113.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:02 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 04EE	0 40 B	20ms 14ms	Image text/html	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kc9g-CpzNY0q5M4L7RSEDBMBV17qzF5VRZ327Ou05VzOJ2GwkgoK6A--N7EoACsGNPwJKX2w Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:02 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET DATA	200 OK	truncated / Frame 7469	207 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e0df6b7dae854c23a6686102b2d3e4ee36b75558b6f46255907a7e6571346c4f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Content-Type image/png
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/2095538386126913205/ Frame 8EFD	33 KB 5 KB	27ms 9ms	Document text/html	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/2095538386126913205/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3af09664a07e324eefe5188f5edeb887ba3a38e74e1c5f8960df2e75083c0b32 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 8510 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5514 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Mon, 06 Nov 2023 05:00:12 GMT expires Tue, 05 Nov 2024 05:00:12 GMT last-modified Tue, 05 Sep 2023 21:26:20 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 7469	0 0	92ms 52ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvYfqF6k3E_NKdXDQb3cLfdLP4Vc3BIEDGn7OtrInEzx3X6FrPmCpS_htC1DUgAEi_5zYok_bmrRvv4fWyldvlhP8tGSg_gu-BO6N5ERRtDEI5cNxAMM87hlag3Pvs0APTBIEkyxIJXm_fA2pBKmyAS1cscHK64ACzVC6m_5lIvDOc5vQIperK2NkjLmR2LNVkZUA0wIQ570n2OHuXfVq82UbfkTRJv5gMu53Tl-6oZ9zsZu7Gagm3N1d5OjsDfRg9QbMGdpSmyC8cuXpK6YwxNKPRZ7XOZV6P6ILgspBbbUP0bgvusxwPSJRLHphJ1S-7g8rcNfrK8iifuil9ryIsxCu_ug8T0555m4qw4hGKx_dbwZkBg0H2E_8N6RZ8U-XYbR0oGsc3VpeRT2PWwhsa73M5TMVK-NZ1St14YUh1lMDqpjo6bQ6TK-zrkv_5ugrMCzTmZu5ae3NnFTmQYfGFvh6m0jb-kH7ekrr19ayBnfL-JZVPk5hkK2QZfPjWUZJ4keULa29DtpGTBWRPlwuxjEmK3OMn2jPtD7su7udkGkJVfOFl4yGbBXMMa1yeJiJOHzcvHgF-r6r9mghnE28lxxFJ3hpIkzlx1PK8HmFMjVLcM9ipT5Uy8uDd7eYfRSCd-d-vuCVSL38_YAf9ue7iGjX-R0u5V5rmJxBV_WMnn4Q_asNwtfIA6nwJCtW1w7wXeCJ4h9-p6fRQ9t2a23hQejBJT4DSPxYFnabp_dcyWQmKI-7RxHg4K_2twF0XPAUTSGNpEUey0FYOF3JnlAQ1K2KUCeFJ1P6_9CENV4_DlUXdHPIdyXh1QOXjQMnR_-FABUE5ZhSLL4NNrE61rUYS17gCVquW6OwZlQG-_-k1qIe9x7C_oCDH1jAg9MWHCmTAlXZXdSU8BiWls-KPLkJ1bh4kbddMdzIuT33DzKL0Teu0Pt2cRIt3yKJ2vlaly_s_qODIK1lIvIhOTI2XO9OhNctuh8tAAt3Q-cUk9Xgb7FOXG_UeXUdUrQYtaDsTGegN_mcpaylRyfxLumxNeH3BIPLuvjpzDj5mhr6oXLWQqtJai0x2nhK3uACJDWl__vPvKovb-4_TLRdpF515vLXzpy-mQ_0Ckk7SPD16-qjxBoK8j3iOEy21VEjCzSzpum9rRjtJj761zjd5LhcTRwLnhl3s9S_WEU9HbXnAuMT63w-zBuygUnCEw94vrfCsONug9foPYEIQ39dgKBZPg5nfwixsfUZtnSzChRE8S4OuVHTNNE7CHDiPd2NJR-n6OYCvV9JykKRehFxi2LnrYLJDmPtmFPTXl5RvZUHIqiWiYXw&sai=AMfl-YS-JPEKqwb1gX-uqqduKrazfQ6bLtJo9mys8_zrlipBbHX_9TCFcCJuEgdd-aB1ojgA-W3E0Q_Ki2qIKuf-qIXRWfP-39xpkmy5oNtCGcdp0IdriMiVbk1bEbN4zWufGgjJ4vIvez2G3nkeHjNJhrAV5XCBOijfcGQ3q00pF5fNlWznyuANcAprSCsfkn2XSCDLfrTrpjYSd0sCKmwMmIwbNexPTpUhTXJcL3CC1c9lm_kroRgCJoIp5US3Rx4ZPzwVfsutMBj3fiJEvUS19PYGKrtjWH8SWplsh8KhG8heKU86BIPd27oORWsgHhbHO3YU6n5xkuaDmoIbPJI3Z8FbVuE5SN3DX1SUC0DMy0okyAgVHM5uKTHJyxzuIEfxdoNp_Wfw-gHLVL4OKHcLLPXj-OH3&sig=Cg0ArKJSzHm92LCCiBoOEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=109&cbvp=1&cstd=106&cisv=r20231101.43726&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Mon, 06 Nov 2023 07:22:03 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	ca choices.truste.com/ Frame 7469	26 KB 26 KB	48ms 7ms	Image text/javascript	13.32.121.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont2&w=300&h=250 Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.121.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-121-100.fra60.r.cloudfront.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 05:00:22 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains via 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront) content-security-policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; x-amz-cf-pop FRA60-P1 cross-origin-embedder-policy unsafe-none age 8500 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin x-xss-protection 1; mode=block referrer-policy origin server nginx cross-origin-opener-policy unsafe-none expect-ct max-age=31536000 x-frame-options SAMEORIGIN vary Accept-Encoding, Origin content-type text/javascript;charset=UTF-8 cache-control max-age=3600 permissions-policy geolocation=(), microphone=(), payment=() x-amz-cf-id Yykqnv54R1bwIN5l8F_xowcdfv6lKhRoBvusu7CFdKdN0oDET2ESCQ== expires Mon, 06 Nov 2023 06:00:22 GMT
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 14B3	38 KB 13 KB	9ms 7ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 256062 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 03 Nov 2023 08:14:20 GMT expires Sat, 02 Nov 2024 08:14:20 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 6425	38 KB 13 KB	12ms 7ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 256062 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 03 Nov 2023 08:14:20 GMT expires Sat, 02 Nov 2024 08:14:20 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame B9FE	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e7b5f7f1848709400ef85a2fa8cba202a797efbb8d00ab5e62c8c5d7b771f87f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame FD29	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 016c281cc4d9ad13213330fa1e984b74217c78df0a499e4c12c9d58bc40f7f58 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Content-Type image/png
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/3061800694617881530/ Frame E8B7	56 KB 7 KB	18ms 9ms	Document text/html	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/3061800694617881530/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb68976cb1210f5d4cb4cfb2b64f905e577a4610b53adcfad011d1c1ba9c2242 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 87719 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 6848 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Sun, 05 Nov 2023 07:00:03 GMT expires Mon, 04 Nov 2024 07:00:03 GMT last-modified Sat, 04 Nov 2023 15:18:18 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame B9FE	0 0	58ms 51ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjste-Op723SzlchMwT-F-OaoO2peQ5zaH5lz3jekSCN3_bj0cQqWa6xzESbFo4p-BwRzklOw8OWxxG4QuXxGNtm_abEBiyk5bxHGOr9v6iEyedMnczJbHdV3P3Mtp06AZwg1fLXChBqXlp3qGEmRqm1brEFFrl_-GahBzpq5r184pnHQWui2DD8RuJsLU-xJngs4hVKYvjVXgFaC6rHmgi5AG0NI2WCGOSNVZAvnOafPPuPyCUrAYA5fPlP1TRjhZWo03j_2IILJpGtxCkS7MKYLdL4BFYVEsbr_pVAvBWLLPrnBScTX_wPYfyciRlxnl8syCSl3U1Pc9V1QGPzRNnJsBreu1JomOf2X5y8d56A3-pV9yjVbhOBQsWroEFEY2r9sSrzn16tCC_-kCXQM46evbByNjieZIUr6U1Krp7NUtI9rk0WB3v5BhFZSfwmTJozsmPHOcXr1IDxGZDXaxs9xVgI5JL8SizYDAoRcMhtWJX2J8tSzU2JS5zB3LUOvaGsiC8OizUZCMrCzbLrOcnzfI2EaNC19xrFBCVo0dU6Eprs9GuPiLRWweMH21LDOjj1XFQiZXkEroo-7jiXLS_cMbdZfbpqIVTc9AGMNIAQdkL7d4ekvb4R8uWy0vSIOaAe6b31n8Maqt1JGPZfC3HEsuETp6_r58OPlsInro8YNgDnzd66SQIJheMq1gMoAYdvHaVGNoK1A8jn5xkjgBkbOOWaqWE649w-FkMR8RWiKctn1lLwllx0tEP552s7VwKQBJcfIB_sv7Knw46gj6gN9zzziKvzGt_cPsnBG7s2dPO0ibL7tZ5gl3wlw2MMmzmy57lJnF4S1G6Kj3w3EXQg3M3umwdrdjz432UkZ3B19CSWHHpZv_rAGGH_E0HVX1BzAkKo8_FOv14XcREPlnAGYB0TLN_k1_ItyOFGA0wsrpbTY1E5CrlZhnuFRVKe2M50N0Z-7opEU9qfKEG02IOWKDjgD2EjxYjmx9pHNA1k9URMsxP3oHpmtGgj-qPQC-6G0h8FuULmqrZPQHKKphFRF6uXTRxeF0KorUWVVqNfEGEme1BYlwkdDHW58jbqanRcJIifNNeAkbuEoZUnv5OcjEs8DyKAFmkJ256iBFlH6bvqPyMpAYCQWnyr8wpVybpG-LVnqOSXTnciU2mL8E6SZunrQ0kKNOqbKYmpPu_Z56RUeGDtazpcxprqrlijnkfsqTAMWWkDzU5-240mnn8L0DlU-SWNvsD-jlMeeb-k59xOJXMqmxv7CK7jGaOIK_GS2QeXAfwrgJklg01U_o2CM0diGfof0vlPe9J3-UPqq6w&sai=AMfl-YTO3BTzdTcGArJBGC0nVIcwhWKUdL1padWByuwTfnfz9d7q4dmSgSLkcpR4gVoZYkoaUBNZuUwwql02WiIOtTdpY_SUgUmAs-Yz-rjKXTsp09UAzIH-boA80L7PmThe7uzSxzikMNz7HPX9Rf7_OM1-8EwOPsldYgTHcFLdsB2fzenHh-dnnLorvnLQRkYKxuVoq29EoV7hYPKKY0s_M61n1pjpIJk-TfQpD-Bql1q5d4kcOD5Lb9IUthX1_evfUYl7ZfXbnni9cw8W60SVSUlGXHQVrOry7o-5gG2BRerLhAzTkpKcYKzp_Ye5StXbMgouzYpO5KTOJgs05qtTR9wV3nhugetT1L45WcfxyBGP-SPNDMASYXsAR65b6NLBAGcyh1WL3NnMJ5dtEIdO_PS03Wwk&sig=Cg0ArKJSzGkznqFexL63EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=126&cbvp=1&cstd=124&cisv=r20231101.96482&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Mon, 06 Nov 2023 07:22:03 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	ca choices.truste.com/ Frame B9FE	26 KB 26 KB	14ms 8ms	Image text/javascript	13.32.121.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont5&w=300&h=600 Requested by Host: 7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com URL: https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.121.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-121-100.fra60.r.cloudfront.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 05:03:31 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains via 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront) content-security-policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; x-amz-cf-pop FRA60-P1 cross-origin-embedder-policy unsafe-none age 8311 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin x-xss-protection 1; mode=block referrer-policy origin server nginx cross-origin-opener-policy unsafe-none expect-ct max-age=31536000 x-frame-options SAMEORIGIN vary Accept-Encoding, Origin content-type text/javascript;charset=UTF-8 cache-control max-age=3600 permissions-policy geolocation=(), microphone=(), payment=() x-amz-cf-id r4texWoLKQyn7Y39qOaaH_OPlD642ao9U-weqP7Xbzfup7Ur1MRvhw== expires Mon, 06 Nov 2023 06:03:31 GMT
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/10612428967101759420/ Frame 8579	41 KB 6 KB	9ms 8ms	Document text/html	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/10612428967101759420/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d9262aa86a7c7c0e7f107e55384da241980894774f702dc972e1bd44ec2c1677 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 8517 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5941 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Mon, 06 Nov 2023 05:00:05 GMT expires Tue, 05 Nov 2024 05:00:05 GMT last-modified Thu, 01 Dec 2022 23:27:23 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame FD29	0 0	54ms 53ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvBUbW-ztNFytVFh3X2mlYUPdqzK-16LI8wW5Qe3Bpl8Y4vFTDzTZAP4fncIdYXU3NTXvIg0cbpMEYkghgHclsT-NQeNI7NGZLMUa16LFz0qDh2aCa1W0LbyQcbSN1CktIb-KFJRk1jWsuIlj_7-6dTqJRiU-uSsOXGRI6Jq8qz2iVxl1Ac0ofZCHFjhgSQG-oyelUwBk8TlTahz-AzSk2yhP6jd41O2t50Y1qtdGAaR5qBpPqUXMs8mJkwjfu1DXfsE9X6kZxofN9HUahy6Yvip8JlX90dLBdLcMkk8-rKMmGyugvegHPRcfuLpr2RcmjL8QIk4Yhg7_7olX_KI-WWPbrC20QuYxclYgfuyTB5vKnSb_yrGfMUPcTJikyJ4BboqEKiCDSa71uZNrorYNZiTKwzpb5U495IyMSTHh5-DmAQkggFt1U-goov_iA95CCuK5MToDv0DlsP8vj_ubiYxjPNUGDunbnrVq9oxyzKI7PbQni1GnQQ9_Nl7kDYA0UclIIqS-EM293U964Q7l1RZsRbLTEyVC-abyPMnRQsWtWYsL9zbgTMjVBQ9hEJukH303AGtlpHLx7a7LpoxVB9MteyA3uaog-7OPitqXdpMh5MxeJe3V1XLWLTg6ZroJ84GN9_OpF_aQeqa_keQyb9mHi3iZC2MUwykINk_h6Cdqa_I-7ZxxhqjSbz14EsF7-tyq5lzmhxn_lJdTbuRl_BeZW2gSCzqg-_7Ab8cqU4V5IuqgtCoVGGKDrW6eR6KdvDMauYQN9myGJ_wOgU8xTNVIFkPdIYlnumbJFp1R4brPEfb7_kvkp2IQrmx6xKVqhbieEUNeaBrr-P7wUAejN9LszCxlplSmEG7oRickKrRH3wdo7dRYstv1hdEqC_0rfNgU5XKEh2OPrAEPiqcvWlJN4odtHSRN93jxNX3yIT-ok4p56DY9cad_bTd3_QKEQf9YwYrbn1iQknem4xv0569bnbZLd-flKDZo9PcIYBB4PKdXdGIfew0BSw5Mcu7lVoMLloYZZ0qnBc5fxcS5qQWMRHKDMX_STtUh_HYIhLBnOLoh6GrhRlzyLd5i1At52Rwo8EAMroKin34QFN9ZVjexaZm4PNbvUo3_zCPjALhCCB0JkccDFyEAEnaIxkFvBTo0ophDNKHeQW9wv_hYtFj6mgfj26X5xNsAsluBDE98WH3kQaXcZ7Gc2hQK0Yl5TRfmXtYyKalSZKuzQ-Sn6OypYeUBFO6WoQityk6P7SdSSWLWI8cqkKeEscfQ8Qg8ZRdYE0RmzoinMkwYNTNjcyXjWAVqdy44VKQ6pC1YGs&sai=AMfl-YRge4GBDhAJX8CVKvOMtKzUWow-bpaYnN98GqcQSvlA5eCvGmNxsTNl6gH_6ASqId42wmjFgLE11ES5NvGXX7FMBRg950IdW3Q2uoR3ImaPcdSGFM5KoPN4-z25_luUWE-u696m2jwe0aCr1Dh5va0OBtfNYvIVPoomghenke5srVU4Eec-lFqSnZpmXJX1M1989G9ET4ZK-tjBQ4RKsYGV4dNOtseLRfxuhYP9SI_xANlWQrdBmS6YEdZ_0NkcY_cBdtzikNO1cmr8r11BmGEqFYupyMYz6SWO3T9pqqKWWPTCAbb02ihZ7uwgFHL3Lxc387-ryd_jUfHaUBe6C3nSMiIFFSbKwdOOQzRVvOsgDARWJsixYalcgPryHOl_xi-F6rvMwTi74nNeF-NscK81lzup&sig=Cg0ArKJSzESB5oP2fiDzEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=121&cbvp=1&cstd=119&cisv=r20231101.83209&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Mon, 06 Nov 2023 07:22:03 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	ca choices.truste.com/ Frame FD29	26 KB 26 KB	9ms 8ms	Image text/javascript	13.32.121.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont2&w=300&h=250 Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.121.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-121-100.fra60.r.cloudfront.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 05:00:22 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains via 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront) content-security-policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; x-amz-cf-pop FRA60-P1 cross-origin-embedder-policy unsafe-none age 8500 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin x-xss-protection 1; mode=block referrer-policy origin server nginx cross-origin-opener-policy unsafe-none expect-ct max-age=31536000 x-frame-options SAMEORIGIN vary Accept-Encoding, Origin content-type text/javascript;charset=UTF-8 cache-control max-age=3600 permissions-policy geolocation=(), microphone=(), payment=() x-amz-cf-id 1RIgxnRi7eRN8B0Y-KrhFb0eCSKEvQwp0NBnJ196fcHysbQi9oABvA== expires Mon, 06 Nov 2023 06:00:22 GMT
GET H3	200	847961a0a8de2d1ede2c5f0d60929444.js Show response s0.2mdn.net/sadbundle/2095538386126913205/ Frame 8EFD	134 KB 38 KB	9ms 9ms	Script application/x-javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/2095538386126913205/847961a0a8de2d1ede2c5f0d60929444.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2095538386126913205/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c7d1784b792d062cc925cec240af9b129aedb03cda0031e746b8fc4d77a18b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2095538386126913205/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 05:00:13 GMT content-encoding gzip x-content-type-options nosniff age 8510 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39283 x-xss-protection 0 last-modified Tue, 05 Sep 2023 21:26:20 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 05 Nov 2024 05:00:13 GMT
GET H3	200	82ed194af2d9cb42364ea7ec5ec7298b.js Show response s0.2mdn.net/sadbundle/3061800694617881530/ Frame E8B7	136 KB 39 KB	8ms 8ms	Script application/x-javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/3061800694617881530/82ed194af2d9cb42364ea7ec5ec7298b.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/3061800694617881530/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7fd17ffeaccacafb2ff70d04b5d10f3854b954cf609b1aebb1f470c711cb6ee0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/3061800694617881530/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 07:00:04 GMT content-encoding gzip x-content-type-options nosniff age 87719 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39725 x-xss-protection 0 last-modified Sat, 04 Nov 2023 15:18:18 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 04 Nov 2024 07:00:04 GMT
GET H3	200	c8048154be43edfd0b4fcdc3fb22db5c.js Show response s0.2mdn.net/sadbundle/10612428967101759420/ Frame 8579	99 KB 28 KB	8ms 7ms	Script application/x-javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/10612428967101759420/c8048154be43edfd0b4fcdc3fb22db5c.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10612428967101759420/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 849032524598b6ff398f77a6bfc95235029778c3f6905e1459e53198077fb176 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10612428967101759420/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 05:00:05 GMT content-encoding gzip x-content-type-options nosniff age 8518 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29104 x-xss-protection 0 last-modified Thu, 01 Dec 2022 23:27:23 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 05 Nov 2024 05:00:05 GMT
GET H3	200	4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response pagead2.googlesyndication.com/bg/ Frame E865	38 KB 15 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 19:03:31 GMT content-encoding br x-content-type-options nosniff age 44312 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15096 x-xss-protection 0 last-modified Tue, 31 Oct 2023 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 04 Nov 2024 19:03:31 GMT
GET H3	200	4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response pagead2.googlesyndication.com/bg/ Frame 14B3	38 KB 15 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 19:03:31 GMT content-encoding br x-content-type-options nosniff age 44312 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15096 x-xss-protection 0 last-modified Tue, 31 Oct 2023 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 04 Nov 2024 19:03:31 GMT
GET H3	200	4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response pagead2.googlesyndication.com/bg/ Frame 6425	38 KB 15 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 19:03:31 GMT content-encoding br x-content-type-options nosniff age 44312 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15096 x-xss-protection 0 last-modified Tue, 31 Oct 2023 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 04 Nov 2024 19:03:31 GMT
GET H3	200	f4474e408ad33c038ba96f2b9276c29c.jpg s0.2mdn.net/sadbundle/2095538386126913205/media/ Frame 8EFD	4 KB 4 KB	9ms 8ms	Image image/jpeg	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2095538386126913205/media/f4474e408ad33c038ba96f2b9276c29c.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2095538386126913205/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 10d03f0913de3fe164a746707b45840e9c28868155c845fe85e95fe8dd2a26fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2095538386126913205/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 07:00:06 GMT x-content-type-options nosniff age 87717 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4300 x-xss-protection 0 last-modified Tue, 05 Sep 2023 21:26:20 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 04 Nov 2024 07:00:06 GMT
GET H3	200	395d370bde56edb1a7a13cb7c151fd9f.svg s0.2mdn.net/sadbundle/2095538386126913205/media/ Frame 8EFD	4 KB 2 KB	10ms 9ms	Image image/svg+xml	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2095538386126913205/media/395d370bde56edb1a7a13cb7c151fd9f.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2095538386126913205/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae9ec49acaff45c6a341e9a552d546bd6fea845331c314261be35a40c37ddc7f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2095538386126913205/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 05:00:16 GMT content-encoding gzip x-content-type-options nosniff age 8507 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1630 x-xss-protection 0 last-modified Tue, 05 Sep 2023 21:26:20 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 05 Nov 2024 05:00:16 GMT
GET H3	200	859255d4de3f7e01b1321c2ffe2f0e85.jpg s0.2mdn.net/sadbundle/3061800694617881530/media/ Frame E8B7	7 KB 7 KB	9ms 9ms	Image image/jpeg	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/3061800694617881530/media/859255d4de3f7e01b1321c2ffe2f0e85.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/3061800694617881530/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4c4768878a84058ad6fb50fc0592329f8edd990e1c60bc9ddcd8956ab1cd47dc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/3061800694617881530/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 07:00:05 GMT x-content-type-options nosniff age 87718 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7353 x-xss-protection 0 last-modified Sat, 04 Nov 2023 15:18:18 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 04 Nov 2024 07:00:05 GMT
GET H3	200	395d370bde56edb1a7a13cb7c151fd9f.svg s0.2mdn.net/sadbundle/3061800694617881530/media/ Frame E8B7	4 KB 2 KB	8ms 8ms	Image image/svg+xml	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/3061800694617881530/media/395d370bde56edb1a7a13cb7c151fd9f.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/3061800694617881530/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae9ec49acaff45c6a341e9a552d546bd6fea845331c314261be35a40c37ddc7f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/3061800694617881530/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 07:00:05 GMT content-encoding gzip x-content-type-options nosniff age 87718 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1630 x-xss-protection 0 last-modified Sat, 04 Nov 2023 15:18:18 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 04 Nov 2024 07:00:05 GMT
GET H3	200	metrichpe_501_normal.ttf s0.2mdn.net/sadbundle/10612428967101759420/fonts/ Frame 8579	59 KB 24 KB	11ms 10ms	Font font/ttf	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/10612428967101759420/fonts/metrichpe_501_normal.ttf Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10612428967101759420/c8048154be43edfd0b4fcdc3fb22db5c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3865c0dbe6b11b3a32b8c600acaeda70bae7b1f8287d566bcc0613c217907f2c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/10612428967101759420/index.html?ev=01_250 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 05:00:05 GMT content-encoding gzip x-content-type-options nosniff age 8518 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24241 x-xss-protection 0 last-modified Thu, 01 Dec 2022 23:27:23 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 05 Nov 2024 05:00:05 GMT
GET H3	200	b9e2291b3be1ca3bd6d2d49b53d2287d.jpg s0.2mdn.net/sadbundle/10612428967101759420/media/ Frame 8579	7 KB 7 KB	13ms 13ms	Image image/jpeg	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/10612428967101759420/media/b9e2291b3be1ca3bd6d2d49b53d2287d.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10612428967101759420/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3f53f0e30c5cee869727e0f459f7e74b200179a8d9c778249f4ec164592125c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10612428967101759420/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 05:00:05 GMT x-content-type-options nosniff age 8518 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7290 x-xss-protection 0 last-modified Thu, 01 Dec 2022 23:27:23 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 05 Nov 2024 05:00:05 GMT
GET H3	200	395d370bde56edb1a7a13cb7c151fd9f.svg s0.2mdn.net/sadbundle/10612428967101759420/media/ Frame 8579	4 KB 2 KB	12ms 12ms	Image image/svg+xml	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/10612428967101759420/media/395d370bde56edb1a7a13cb7c151fd9f.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10612428967101759420/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae9ec49acaff45c6a341e9a552d546bd6fea845331c314261be35a40c37ddc7f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10612428967101759420/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 07:00:04 GMT content-encoding gzip x-content-type-options nosniff age 87719 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1630 x-xss-protection 0 last-modified Thu, 01 Dec 2022 23:27:23 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 04 Nov 2024 07:00:04 GMT
GET H3	200	metrichpe_501_normal.ttf s0.2mdn.net/sadbundle/2095538386126913205/fonts/ Frame 8EFD	59 KB 24 KB	12ms 11ms	Font font/ttf	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/2095538386126913205/fonts/metrichpe_501_normal.ttf Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2095538386126913205/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3865c0dbe6b11b3a32b8c600acaeda70bae7b1f8287d566bcc0613c217907f2c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/2095538386126913205/index.html?ev=01_250 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 05:00:16 GMT content-encoding gzip x-content-type-options nosniff age 8507 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24241 x-xss-protection 0 last-modified Tue, 05 Sep 2023 21:26:20 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 05 Nov 2024 05:00:16 GMT
GET H3	200	metrichpe_501_normal.ttf s0.2mdn.net/sadbundle/3061800694617881530/fonts/ Frame E8B7	59 KB 24 KB	13ms 12ms	Font font/ttf	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/3061800694617881530/fonts/metrichpe_501_normal.ttf Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/3061800694617881530/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3865c0dbe6b11b3a32b8c600acaeda70bae7b1f8287d566bcc0613c217907f2c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/3061800694617881530/index.html?ev=01_250 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 07:00:05 GMT content-encoding gzip x-content-type-options nosniff age 87718 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24241 x-xss-protection 0 last-modified Sat, 04 Nov 2023 15:18:18 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 04 Nov 2024 07:00:05 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 7469	0 0	46ms 45ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvYfqF6k3E_NKdXDQb3cLfdLP4Vc3BIEDGn7OtrInEzx3X6FrPmCpS_htC1DUgAEi_5zYok_bmrRvv4fWyldvlhP8tGSg_gu-BO6N5ERRtDEI5cNxAMM87hlag3Pvs0APTBIEkyxIJXm_fA2pBKmyAS1cscHK64ACzVC6m_5lIvDOc5vQIperK2NkjLmR2LNVkZUA0wIQ570n2OHuXfVq82UbfkTRJv5gMu53Tl-6oZ9zsZu7Gagm3N1d5OjsDfRg9QbMGdpSmyC8cuXpK6YwxNKPRZ7XOZV6P6ILgspBbbUP0bgvusxwPSJRLHphJ1S-7g8rcNfrK8iifuil9ryIsxCu_ug8T0555m4qw4hGKx_dbwZkBg0H2E_8N6RZ8U-XYbR0oGsc3VpeRT2PWwhsa73M5TMVK-NZ1St14YUh1lMDqpjo6bQ6TK-zrkv_5ugrMCzTmZu5ae3NnFTmQYfGFvh6m0jb-kH7ekrr19ayBnfL-JZVPk5hkK2QZfPjWUZJ4keULa29DtpGTBWRPlwuxjEmK3OMn2jPtD7su7udkGkJVfOFl4yGbBXMMa1yeJiJOHzcvHgF-r6r9mghnE28lxxFJ3hpIkzlx1PK8HmFMjVLcM9ipT5Uy8uDd7eYfRSCd-d-vuCVSL38_YAf9ue7iGjX-R0u5V5rmJxBV_WMnn4Q_asNwtfIA6nwJCtW1w7wXeCJ4h9-p6fRQ9t2a23hQejBJT4DSPxYFnabp_dcyWQmKI-7RxHg4K_2twF0XPAUTSGNpEUey0FYOF3JnlAQ1K2KUCeFJ1P6_9CENV4_DlUXdHPIdyXh1QOXjQMnR_-FABUE5ZhSLL4NNrE61rUYS17gCVquW6OwZlQG-_-k1qIe9x7C_oCDH1jAg9MWHCmTAlXZXdSU8BiWls-KPLkJ1bh4kbddMdzIuT33DzKL0Teu0Pt2cRIt3yKJ2vlaly_s_qODIK1lIvIhOTI2XO9OhNctuh8tAAt3Q-cUk9Xgb7FOXG_UeXUdUrQYtaDsTGegN_mcpaylRyfxLumxNeH3BIPLuvjpzDj5mhr6oXLWQqtJai0x2nhK3uACJDWl__vPvKovb-4_TLRdpF515vLXzpy-mQ_0Ckk7SPD16-qjxBoK8j3iOEy21VEjCzSzpum9rRjtJj761zjd5LhcTRwLnhl3s9S_WEU9HbXnAuMT63w-zBuygUnCEw94vrfCsONug9foPYEIQ39dgKBZPg5nfwixsfUZtnSzChRE8S4OuVHTNNE7CHDiPd2NJR-n6OYCvV9JykKRehFxi2LnrYLJDmPtmFPTXl5RvZUHIqiWiYXw&sai=AMfl-YS-JPEKqwb1gX-uqqduKrazfQ6bLtJo9mys8_zrlipBbHX_9TCFcCJuEgdd-aB1ojgA-W3E0Q_Ki2qIKuf-qIXRWfP-39xpkmy5oNtCGcdp0IdriMiVbk1bEbN4zWufGgjJ4vIvez2G3nkeHjNJhrAV5XCBOijfcGQ3q00pF5fNlWznyuANcAprSCsfkn2XSCDLfrTrpjYSd0sCKmwMmIwbNexPTpUhTXJcL3CC1c9lm_kroRgCJoIp5US3Rx4ZPzwVfsutMBj3fiJEvUS19PYGKrtjWH8SWplsh8KhG8heKU86BIPd27oORWsgHhbHO3YU6n5xkuaDmoIbPJI3Z8FbVuE5SN3DX1SUC0DMy0okyAgVHM5uKTHJyxzuIEfxdoNp_Wfw-gHLVL4OKHcLLPXj-OH3&sig=Cg0ArKJSzHm92LCCiBoOEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=462&vt=11&dtpt=353&dett=3&cstd=106&cisv=r20231101.43726&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:03 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame B9FE	0 0	45ms 45ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjste-Op723SzlchMwT-F-OaoO2peQ5zaH5lz3jekSCN3_bj0cQqWa6xzESbFo4p-BwRzklOw8OWxxG4QuXxGNtm_abEBiyk5bxHGOr9v6iEyedMnczJbHdV3P3Mtp06AZwg1fLXChBqXlp3qGEmRqm1brEFFrl_-GahBzpq5r184pnHQWui2DD8RuJsLU-xJngs4hVKYvjVXgFaC6rHmgi5AG0NI2WCGOSNVZAvnOafPPuPyCUrAYA5fPlP1TRjhZWo03j_2IILJpGtxCkS7MKYLdL4BFYVEsbr_pVAvBWLLPrnBScTX_wPYfyciRlxnl8syCSl3U1Pc9V1QGPzRNnJsBreu1JomOf2X5y8d56A3-pV9yjVbhOBQsWroEFEY2r9sSrzn16tCC_-kCXQM46evbByNjieZIUr6U1Krp7NUtI9rk0WB3v5BhFZSfwmTJozsmPHOcXr1IDxGZDXaxs9xVgI5JL8SizYDAoRcMhtWJX2J8tSzU2JS5zB3LUOvaGsiC8OizUZCMrCzbLrOcnzfI2EaNC19xrFBCVo0dU6Eprs9GuPiLRWweMH21LDOjj1XFQiZXkEroo-7jiXLS_cMbdZfbpqIVTc9AGMNIAQdkL7d4ekvb4R8uWy0vSIOaAe6b31n8Maqt1JGPZfC3HEsuETp6_r58OPlsInro8YNgDnzd66SQIJheMq1gMoAYdvHaVGNoK1A8jn5xkjgBkbOOWaqWE649w-FkMR8RWiKctn1lLwllx0tEP552s7VwKQBJcfIB_sv7Knw46gj6gN9zzziKvzGt_cPsnBG7s2dPO0ibL7tZ5gl3wlw2MMmzmy57lJnF4S1G6Kj3w3EXQg3M3umwdrdjz432UkZ3B19CSWHHpZv_rAGGH_E0HVX1BzAkKo8_FOv14XcREPlnAGYB0TLN_k1_ItyOFGA0wsrpbTY1E5CrlZhnuFRVKe2M50N0Z-7opEU9qfKEG02IOWKDjgD2EjxYjmx9pHNA1k9URMsxP3oHpmtGgj-qPQC-6G0h8FuULmqrZPQHKKphFRF6uXTRxeF0KorUWVVqNfEGEme1BYlwkdDHW58jbqanRcJIifNNeAkbuEoZUnv5OcjEs8DyKAFmkJ256iBFlH6bvqPyMpAYCQWnyr8wpVybpG-LVnqOSXTnciU2mL8E6SZunrQ0kKNOqbKYmpPu_Z56RUeGDtazpcxprqrlijnkfsqTAMWWkDzU5-240mnn8L0DlU-SWNvsD-jlMeeb-k59xOJXMqmxv7CK7jGaOIK_GS2QeXAfwrgJklg01U_o2CM0diGfof0vlPe9J3-UPqq6w&sai=AMfl-YTO3BTzdTcGArJBGC0nVIcwhWKUdL1padWByuwTfnfz9d7q4dmSgSLkcpR4gVoZYkoaUBNZuUwwql02WiIOtTdpY_SUgUmAs-Yz-rjKXTsp09UAzIH-boA80L7PmThe7uzSxzikMNz7HPX9Rf7_OM1-8EwOPsldYgTHcFLdsB2fzenHh-dnnLorvnLQRkYKxuVoq29EoV7hYPKKY0s_M61n1pjpIJk-TfQpD-Bql1q5d4kcOD5Lb9IUthX1_evfUYl7ZfXbnni9cw8W60SVSUlGXHQVrOry7o-5gG2BRerLhAzTkpKcYKzp_Ye5StXbMgouzYpO5KTOJgs05qtTR9wV3nhugetT1L45WcfxyBGP-SPNDMASYXsAR65b6NLBAGcyh1WL3NnMJ5dtEIdO_PS03Wwk&sig=Cg0ArKJSzGkznqFexL63EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=450&vt=11&dtpt=324&dett=3&cstd=124&cisv=r20231101.96482&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:03 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame FD29	0 0	45ms 45ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvBUbW-ztNFytVFh3X2mlYUPdqzK-16LI8wW5Qe3Bpl8Y4vFTDzTZAP4fncIdYXU3NTXvIg0cbpMEYkghgHclsT-NQeNI7NGZLMUa16LFz0qDh2aCa1W0LbyQcbSN1CktIb-KFJRk1jWsuIlj_7-6dTqJRiU-uSsOXGRI6Jq8qz2iVxl1Ac0ofZCHFjhgSQG-oyelUwBk8TlTahz-AzSk2yhP6jd41O2t50Y1qtdGAaR5qBpPqUXMs8mJkwjfu1DXfsE9X6kZxofN9HUahy6Yvip8JlX90dLBdLcMkk8-rKMmGyugvegHPRcfuLpr2RcmjL8QIk4Yhg7_7olX_KI-WWPbrC20QuYxclYgfuyTB5vKnSb_yrGfMUPcTJikyJ4BboqEKiCDSa71uZNrorYNZiTKwzpb5U495IyMSTHh5-DmAQkggFt1U-goov_iA95CCuK5MToDv0DlsP8vj_ubiYxjPNUGDunbnrVq9oxyzKI7PbQni1GnQQ9_Nl7kDYA0UclIIqS-EM293U964Q7l1RZsRbLTEyVC-abyPMnRQsWtWYsL9zbgTMjVBQ9hEJukH303AGtlpHLx7a7LpoxVB9MteyA3uaog-7OPitqXdpMh5MxeJe3V1XLWLTg6ZroJ84GN9_OpF_aQeqa_keQyb9mHi3iZC2MUwykINk_h6Cdqa_I-7ZxxhqjSbz14EsF7-tyq5lzmhxn_lJdTbuRl_BeZW2gSCzqg-_7Ab8cqU4V5IuqgtCoVGGKDrW6eR6KdvDMauYQN9myGJ_wOgU8xTNVIFkPdIYlnumbJFp1R4brPEfb7_kvkp2IQrmx6xKVqhbieEUNeaBrr-P7wUAejN9LszCxlplSmEG7oRickKrRH3wdo7dRYstv1hdEqC_0rfNgU5XKEh2OPrAEPiqcvWlJN4odtHSRN93jxNX3yIT-ok4p56DY9cad_bTd3_QKEQf9YwYrbn1iQknem4xv0569bnbZLd-flKDZo9PcIYBB4PKdXdGIfew0BSw5Mcu7lVoMLloYZZ0qnBc5fxcS5qQWMRHKDMX_STtUh_HYIhLBnOLoh6GrhRlzyLd5i1At52Rwo8EAMroKin34QFN9ZVjexaZm4PNbvUo3_zCPjALhCCB0JkccDFyEAEnaIxkFvBTo0ophDNKHeQW9wv_hYtFj6mgfj26X5xNsAsluBDE98WH3kQaXcZ7Gc2hQK0Yl5TRfmXtYyKalSZKuzQ-Sn6OypYeUBFO6WoQityk6P7SdSSWLWI8cqkKeEscfQ8Qg8ZRdYE0RmzoinMkwYNTNjcyXjWAVqdy44VKQ6pC1YGs&sai=AMfl-YRge4GBDhAJX8CVKvOMtKzUWow-bpaYnN98GqcQSvlA5eCvGmNxsTNl6gH_6ASqId42wmjFgLE11ES5NvGXX7FMBRg950IdW3Q2uoR3ImaPcdSGFM5KoPN4-z25_luUWE-u696m2jwe0aCr1Dh5va0OBtfNYvIVPoomghenke5srVU4Eec-lFqSnZpmXJX1M1989G9ET4ZK-tjBQ4RKsYGV4dNOtseLRfxuhYP9SI_xANlWQrdBmS6YEdZ_0NkcY_cBdtzikNO1cmr8r11BmGEqFYupyMYz6SWO3T9pqqKWWPTCAbb02ihZ7uwgFHL3Lxc387-ryd_jUfHaUBe6C3nSMiIFFSbKwdOOQzRVvOsgDARWJsixYalcgPryHOl_xi-F6rvMwTi74nNeF-NscK81lzup&sig=Cg0ArKJSzESB5oP2fiDzEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=451&vt=11&dtpt=330&dett=3&cstd=119&cisv=r20231101.83209&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 07:22:03 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	metrichpe_401_normal.ttf s0.2mdn.net/sadbundle/10612428967101759420/fonts/ Frame 8579	60 KB 25 KB	7ms 7ms	Font font/ttf	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/10612428967101759420/fonts/metrichpe_401_normal.ttf Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10612428967101759420/c8048154be43edfd0b4fcdc3fb22db5c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 671fca35d060e3ce06bbe0848b80e47be23f3322befbeb57bbce5d46994c846b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/10612428967101759420/index.html?ev=01_250 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 05:00:05 GMT content-encoding gzip x-content-type-options nosniff age 8518 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26072 x-xss-protection 0 last-modified Thu, 01 Dec 2022 23:27:23 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 05 Nov 2024 05:00:05 GMT
GET H3	200	metrichpe_601_normal.ttf s0.2mdn.net/sadbundle/10612428967101759420/fonts/ Frame 8579	61 KB 26 KB	8ms 8ms	Font font/ttf	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/10612428967101759420/fonts/metrichpe_601_normal.ttf Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10612428967101759420/c8048154be43edfd0b4fcdc3fb22db5c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 39c7c602e0d57a569539f7e8e0b2d75a9f5aa9bb38d59782d2011d9e35c07d77 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/10612428967101759420/index.html?ev=01_250 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 07:00:04 GMT content-encoding gzip x-content-type-options nosniff age 87719 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26501 x-xss-protection 0 last-modified Thu, 01 Dec 2022 23:27:23 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 04 Nov 2024 07:00:04 GMT
GET H3	200	b9e2291b3be1ca3bd6d2d49b53d2287d.jpg s0.2mdn.net/sadbundle/10612428967101759420/media/ Frame 8579	7 KB 7 KB	7ms 7ms	Image image/jpeg	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/10612428967101759420/media/b9e2291b3be1ca3bd6d2d49b53d2287d.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3f53f0e30c5cee869727e0f459f7e74b200179a8d9c778249f4ec164592125c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10612428967101759420/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 05:00:05 GMT x-content-type-options nosniff age 8518 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7290 x-xss-protection 0 last-modified Thu, 01 Dec 2022 23:27:23 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 05 Nov 2024 05:00:05 GMT
GET H3	200	dc50eea910680ad21d3a6684d78aff00.jpg s0.2mdn.net/sadbundle/10612428967101759420/media/ Frame 8579	5 KB 5 KB	7ms 7ms	Image image/jpeg	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/10612428967101759420/media/dc50eea910680ad21d3a6684d78aff00.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3264fc6956c8612de65bd5b81bd3b88259e184cb09c5383467a3359480156ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10612428967101759420/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 07:00:04 GMT x-content-type-options nosniff age 87719 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5390 x-xss-protection 0 last-modified Thu, 01 Dec 2022 23:27:23 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 04 Nov 2024 07:00:04 GMT
GET H3	200	bf92c8be83eeb2dbf186eb1436ebcb5e.svg s0.2mdn.net/sadbundle/10612428967101759420/media/ Frame 8579	4 KB 2 KB	8ms 8ms	Image image/svg+xml	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/10612428967101759420/media/bf92c8be83eeb2dbf186eb1436ebcb5e.svg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6648009549b81e81582f3fb8345dd6305ee4a232fd4eac4fd803a78cb69b0c1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/10612428967101759420/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 05:00:05 GMT content-encoding gzip x-content-type-options nosniff age 8518 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1630 x-xss-protection 0 last-modified Thu, 01 Dec 2022 23:27:23 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 05 Nov 2024 05:00:05 GMT
GET H2	200	css fonts.googleapis.com/ Frame 8EFD	725 B 783 B	40ms 18ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:700 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2095538386126913205/847961a0a8de2d1ede2c5f0d60929444.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1ef4cbeeeeb11bf689c56bf1a96f0d51bd084aee65c3c247e099b85f088aa9d3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 06 Nov 2023 07:22:03 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 06 Nov 2023 07:22:03 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 06 Nov 2023 07:22:03 GMT
GET H3	200	f4474e408ad33c038ba96f2b9276c29c.jpg s0.2mdn.net/sadbundle/2095538386126913205/media/ Frame 8EFD	4 KB 4 KB	7ms 7ms	Image image/jpeg	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2095538386126913205/media/f4474e408ad33c038ba96f2b9276c29c.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 10d03f0913de3fe164a746707b45840e9c28868155c845fe85e95fe8dd2a26fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2095538386126913205/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 07:00:06 GMT x-content-type-options nosniff age 87717 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4300 x-xss-protection 0 last-modified Tue, 05 Sep 2023 21:26:20 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 04 Nov 2024 07:00:06 GMT
GET H3	200	4dd51d93410a4667da1399bd2dbb1e4e.jpg s0.2mdn.net/sadbundle/2095538386126913205/media/ Frame 8EFD	2 KB 2 KB	9ms 8ms	Image image/jpeg	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2095538386126913205/media/4dd51d93410a4667da1399bd2dbb1e4e.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c32c36c6872626f588326bca70efc92cbe6422819a32a01ace6e42f36cb33a29 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2095538386126913205/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 07:00:07 GMT x-content-type-options nosniff age 87716 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1766 x-xss-protection 0 last-modified Tue, 05 Sep 2023 21:26:20 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 04 Nov 2024 07:00:07 GMT
GET H3	200	f341e4a85c3cc0170f9a195088a35b3d.png s0.2mdn.net/sadbundle/2095538386126913205/media/ Frame 8EFD	6 KB 6 KB	9ms 9ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2095538386126913205/media/f341e4a85c3cc0170f9a195088a35b3d.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1a9006b93336dcd2fd231466d020dcc2aeb883507cddf23565d6023913324407 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2095538386126913205/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 05:00:17 GMT x-content-type-options nosniff age 8506 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6062 x-xss-protection 0 last-modified Tue, 05 Sep 2023 21:26:20 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 05 Nov 2024 05:00:17 GMT
GET H3	200	bf92c8be83eeb2dbf186eb1436ebcb5e.svg s0.2mdn.net/sadbundle/2095538386126913205/media/ Frame 8EFD	4 KB 2 KB	10ms 10ms	Image image/svg+xml	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2095538386126913205/media/bf92c8be83eeb2dbf186eb1436ebcb5e.svg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6648009549b81e81582f3fb8345dd6305ee4a232fd4eac4fd803a78cb69b0c1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2095538386126913205/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 05:00:17 GMT content-encoding gzip x-content-type-options nosniff age 8506 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1630 x-xss-protection 0 last-modified Tue, 05 Sep 2023 21:26:20 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 05 Nov 2024 05:00:17 GMT
GET H3	200	409f667579a3c0ab7819a840cd41bc58.svg s0.2mdn.net/sadbundle/2095538386126913205/media/ Frame 8EFD	258 B 252 B	9ms 9ms	Image image/svg+xml	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2095538386126913205/media/409f667579a3c0ab7819a840cd41bc58.svg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 308e9d764fa59dc2cd4f72128c8e247cebb14c630491107f2539af6066183691 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2095538386126913205/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 07:00:07 GMT content-encoding gzip x-content-type-options nosniff age 87716 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 223 x-xss-protection 0 last-modified Tue, 05 Sep 2023 21:26:20 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 04 Nov 2024 07:00:07 GMT
GET H3	200	859255d4de3f7e01b1321c2ffe2f0e85.jpg s0.2mdn.net/sadbundle/3061800694617881530/media/ Frame E8B7	7 KB 7 KB	7ms 6ms	Image image/jpeg	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/3061800694617881530/media/859255d4de3f7e01b1321c2ffe2f0e85.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4c4768878a84058ad6fb50fc0592329f8edd990e1c60bc9ddcd8956ab1cd47dc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/3061800694617881530/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 07:00:05 GMT x-content-type-options nosniff age 87718 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7353 x-xss-protection 0 last-modified Sat, 04 Nov 2023 15:18:18 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 04 Nov 2024 07:00:05 GMT
GET H3	200	ddabe6482aeda461d468a20a83bd339c.jpg s0.2mdn.net/sadbundle/3061800694617881530/media/ Frame E8B7	14 KB 14 KB	9ms 8ms	Image image/jpeg	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/3061800694617881530/media/ddabe6482aeda461d468a20a83bd339c.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8c60ee7d6cb3d0462cb066d7dbe75652d473c231930f038b7b01e6eb26116c71 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/3061800694617881530/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 07:00:06 GMT x-content-type-options nosniff age 87717 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13843 x-xss-protection 0 last-modified Sat, 04 Nov 2023 15:18:18 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 04 Nov 2024 07:00:06 GMT
GET H3	200	bf92c8be83eeb2dbf186eb1436ebcb5e.svg s0.2mdn.net/sadbundle/3061800694617881530/media/ Frame E8B7	4 KB 2 KB	9ms 9ms	Image image/svg+xml	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/3061800694617881530/media/bf92c8be83eeb2dbf186eb1436ebcb5e.svg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6648009549b81e81582f3fb8345dd6305ee4a232fd4eac4fd803a78cb69b0c1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/3061800694617881530/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 07:00:06 GMT content-encoding gzip x-content-type-options nosniff age 87717 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1630 x-xss-protection 0 last-modified Sat, 04 Nov 2023 15:18:18 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 04 Nov 2024 07:00:06 GMT
GET H3	200	metrichpe_401_normal.ttf s0.2mdn.net/sadbundle/2095538386126913205/fonts/ Frame 8EFD	60 KB 25 KB	9ms 8ms	Font font/ttf	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/2095538386126913205/fonts/metrichpe_401_normal.ttf Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 671fca35d060e3ce06bbe0848b80e47be23f3322befbeb57bbce5d46994c846b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/2095538386126913205/index.html?ev=01_250 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 05:00:18 GMT content-encoding gzip x-content-type-options nosniff age 8505 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26072 x-xss-protection 0 last-modified Tue, 05 Sep 2023 21:26:20 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 05 Nov 2024 05:00:18 GMT
GET H3	200	metrichpe_601_normal.ttf s0.2mdn.net/sadbundle/2095538386126913205/fonts/ Frame 8EFD	61 KB 26 KB	8ms 8ms	Font font/ttf	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/2095538386126913205/fonts/metrichpe_601_normal.ttf Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 39c7c602e0d57a569539f7e8e0b2d75a9f5aa9bb38d59782d2011d9e35c07d77 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/2095538386126913205/index.html?ev=01_250 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 05:00:18 GMT content-encoding gzip x-content-type-options nosniff age 8505 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26501 x-xss-protection 0 last-modified Tue, 05 Sep 2023 21:26:20 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 05 Nov 2024 05:00:18 GMT
GET H3	200	metrichpe_701_normal.ttf s0.2mdn.net/sadbundle/2095538386126913205/fonts/ Frame 8EFD	60 KB 26 KB	9ms 9ms	Font font/ttf	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/2095538386126913205/fonts/metrichpe_701_normal.ttf Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e88f4c0915dc02c509e93e39a70d9cd6ac80e9adb85fc1184f73f39d577ec533 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/2095538386126913205/index.html?ev=01_250 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 06 Nov 2023 05:00:18 GMT content-encoding gzip x-content-type-options nosniff age 8505 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26441 x-xss-protection 0 last-modified Tue, 05 Sep 2023 21:26:20 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 05 Nov 2024 05:00:18 GMT
GET H3	200	metrichpe_401_normal.ttf s0.2mdn.net/sadbundle/3061800694617881530/fonts/ Frame E8B7	60 KB 25 KB	7ms 7ms	Font font/ttf	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/3061800694617881530/fonts/metrichpe_401_normal.ttf Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 671fca35d060e3ce06bbe0848b80e47be23f3322befbeb57bbce5d46994c846b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/3061800694617881530/index.html?ev=01_250 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 07:00:06 GMT content-encoding gzip x-content-type-options nosniff age 87717 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26072 x-xss-protection 0 last-modified Sat, 04 Nov 2023 15:18:18 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 04 Nov 2024 07:00:06 GMT
GET H3	200	metrichpe_601_normal.ttf s0.2mdn.net/sadbundle/3061800694617881530/fonts/ Frame E8B7	61 KB 26 KB	8ms 8ms	Font font/ttf	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/3061800694617881530/fonts/metrichpe_601_normal.ttf Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 39c7c602e0d57a569539f7e8e0b2d75a9f5aa9bb38d59782d2011d9e35c07d77 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/3061800694617881530/index.html?ev=01_250 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sun, 05 Nov 2023 07:00:06 GMT content-encoding gzip x-content-type-options nosniff age 87717 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26501 x-xss-protection 0 last-modified Sat, 04 Nov 2023 15:18:18 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 04 Nov 2024 07:00:06 GMT
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v24/ Frame 8EFD	23 KB 23 KB	28ms 7ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 02 Nov 2023 16:54:52 GMT x-content-type-options nosniff age 311231 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23040 x-xss-protection 0 last-modified Tue, 02 May 2023 15:07:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 01 Nov 2024 16:54:52 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame E865	0 20 B	43ms 43ms	Image image/gif	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BSD3JGpRIZcaLCZGw7gOxwb_wBwAAAAA4AeAEAg&bg=!gYKlgs3NAAb4oU7C2KE7ADQBe5WfOH2tSvijXta6mE1lEIMYNgb4hPPxCfG-5MZUkQBI8KlOA0RK1P0XQsAIP_A0G745AgAAAQ5SAAAAB2gBBwoAcdlQ46oi3nIkV7RjXCnFYympOuOVi9y8TdsBBBcN36B3vyb5bWLwAdXFhlGorys4jJsrVUlql77NmWImmHNPiIvoNrZ8rQdLIU2Tyc1ps9EvQiGQuQ_HyrC3rBAioVM0JNfY15euGOz8lBLDYOmwCVcAmQL4MAxWLHDnQydTV5BGVqlNJzN6Epdsqdkwa7nCG6tQ0Mad7Vx6GRP9FZinkdxtCppWYF69FwXH675Th_brNYlUdsIeB71KAw1XdvumXOtQYn327BGSeYbbv5PNm-7yZoZvIiMl9KjthURzPmmro1wdXHFhoYYfD8eUK3E1aqZGl3eKE-AeGVSRAtGoGMY05KtRM0YMm2PmGniLVAyeVgdv7p7qAWYrFJgkPWdoDVFZPabZ8Dg3MTKxkgnosUne_9daZk2xkUbUvbquYW9m5_30E52HKFsPbnG__wMrfKTvzHUfO8gM7szVaqBBIX3NoXPJd83jfYbyeihE-P1tCiM9Uvl2BGzxKuOA7bUFO6t92CohwtC7YPaJq2tpMCbl2D9w3Sr0ix9TLnOUqdg6qcpHVELabxe62H2lYNcazHUULyHhpY4gI4ik70CUbq2fIpBrQtFX-eeLk9kxRLhJkVCcnE-wDBjOn9odLxCg4s56V7dRx-BDMdx4LvNCUUkvLMzWg0H0wQQt8BVxvPnT4vqXOK6G4Q-DHORatVdZDWw4OKwT-3egTJTRWxxUGkS6PlrNHud8zcJWTFGrA7g6CdFg-qivdJbJ31Rei1WdeAaKsjRGPn19ZZ1kzJcd9T7mXiAcRHMwYrSAjyqes4Zq10CxzhbeE6DZaTLxHGwpoWZGtRhtzRoHlB1V9_iPYqOD_6_YYcu-tTC2BDzIz7Ck-pYDXI4gwUNfic5pV8-IIs2hSMkyi2-nn-WcOJ78DIlCAs5eZcjmFKjtXLW7JmDAGKRwGuER6-1xH_qFd4cJKuqOnpf9fWz2oZMI0FSNWbP0LVcK7777ctHa-59uEiQyV2YIoWMyQG2eM8wu91coej7DvTcS3Gg5FFJSnyJ_pjpWE4bI5kMx2mX5AT5l7fCY86451joalyxcDLLu5ZkUg1W_gA64D2ifL42Hs83tY0aMbBGQK1-TJJ-bXxzWQnvenkffoZ55myUQrZHiZpin3ozouaW0KWF0WILRXQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 14B3	0 20 B	43ms 43ms	Image image/gif	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BTyskGpRIZcmLCZGw7gOxwb_wBwAAAAA4AeAEAg&bg=!4OOl46zNAAb4oU7C2KE7ADQBe5WfOAObUQ1iqz2oHic_j_M3yEEiOU1yddktCE8nCyNaV0EHTV0LYVNLGdr6YjWTmIlpAgAAAPlSAAAAB2gBBwoAKEIPXSjLmSuFOQHq-EzJ9LjrBbp7eBWyKetGymerLnxqDFZRJ7xZFyiZAvYivDpQkmtSVpZgyXZxbeZ681FVZrxFEBRQ8T05ldqbqspEiDOHC5LiL09_to6I9NdB-UInxZ8Qyd0lCzspsBBYYTb6yG1BAZ9Uih0UBGI77D5YDQ8s8iJcjMFRngSVwpq6qWYW2Nl49SxxxwFyOzpZSopwk8X3EfAWEdh4pmu-4tJj2sSeYpqOCsWMfryXPFSfI8vxyp8Um-6uDcWjRJMDGzM0IbivHU8Pqu8zK9CYslrb9GE7R7EM6rRbSX78S-_g_bU0YenLqSs1WMHTNhRljWjxNnSfim7k7wRd46OueCweGiy85Uh-zIapKF15ztKwGw1V-UwfaqSD31yb5S06FMNoW6L7oRcoGe6O32C_q1sB8JV_Ar84-U83r1bB-8_YjLfzTQoAl5S8QyxKDuxwTywN2avrSJ9f63VIeRBLNpxVbm0REUSqvabcMpyGl5h8E4L1Y4TY5TWIkeobToOTPH5P5OGf7Y8YWu_pVQD4v7GxuLLTr86tmUx-Y8c1UKfPqezBNgkDCsC5TcndSnCusRis7bi1jBzZOjRz0rjtlDjWrVuQF8U9V9jZ7C2hgTA2bKm_Kru-p0kot6mBGT6HyowO_jN8cOMWHV4VUfIz4gbxVrhZD_LtYhDU0p5ekxYNE_kY9sa_sBEihn0nNdw_eLVjGRcyMxTH7RVD1Go14SBiG-mxZJ9ZFUpIvY-7abKUfzOevEQtEbTTiAtirg64Jf_qg0KTXLsPFUKv2sgI39sDXPws92Q-8oL_j_-3cuddL19SGEwYYCiv3biCkT32NPJDjtrlmd7ly_EH9KhHSDHMJbSM7X_r8Xw1Qa0x2USG32mW9AnKyBaypLl4mfN45g92o_S7gBJErYFRuHQtIWF8GgQm4uiVDc_GBwbMZ9cBwm2oMmJTzGjyPs8psK6NWxo9X22wKhnoaQD6HU83KHWgWs_hcc2fZ0t7dDq0cRCsxe8rDfm7KtFAdk-dHPdFMOu8dH0RytpfVnqIhcdv2nGBdoVA2Q Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 6425	0 20 B	44ms 43ms	Image image/gif	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BqRStGpRIZceLCZGw7gOxwb_wBwAAAAA4AeAEAg&bg=!a2ilaCfNAAb4oU7C2KE7ADQBe5WfOLitaBJPVw0Z6lzAobHpYTkgpiBLr6xD7s2rcV_m-g6idmEtdg2y419iXImtOp3vAgAAAJ9SAAAAB2gBB5kC9z1UlMV0ZpXem5qquMfdzi8CqxrTYRNd9Dyu6w_nTIuKeu90NxOydluHCo403VxBfSs8nvSmrPaU0DzTOxuGlvimr6zLAVvxLqD1pj8XTUmWUiz_1Cry2mOZD-Ock82Qv58plobueCNcPib_tmVt0FYClnD_OkYSDr53GBen6vAKe578xJOVxxnOMOTQqP_w63yGv5PDWAaZK6JeE1IAelNZ75DJg08_GWY1VQR3RvM3wsTrnt2oDtFAA6N8cnD9zqUALVoLVJ2v3OK5AYFKgQdP1VobaSFPOg-mDSkpSBnpgnwpZDa9Rs22sBm9h9-byCaEIzIzcXL1CCnOWaArZ-Jt5NKZcUFsFumUuZsXgqXHQagc7giN6Wzn02Qqhqu7YhBHUpNwGAgF-KByfxDe9O6te8ywgPmWTUSU5U3dr4s5JCbLV0NejgncmnYyXFQ2Z7QaF0rMjX3JxXOZMbH8KCdvfiqPFPei3vkBzO8-du_0M4M5_bplToNPA_4fjgim8INwDOBKmk24cK_DmAV2s5pMqXKxQ05SHIqgG5Lb_MGD_AE6cFeVuFs0YRUDNJhJADSm9bwUyvI0uMqSjA1bDPvjyX-LUMrmklfbI6Qe0Zn9kJR6-Bz9JyLv2P5EUmHagM-XwIIjdGC2FWYcZ7cSrFkcZebeTRonDX_KK-Pdvt8DQoDAZNt4zKtyzWqoFyo051oPlDlshqKVlboTY3GYcMm1FevuXnHGNbBH5K2o5da4aXCGk4UFH54jHckhL-dWRgOsamT8X8OF-jqUv2kiGBCtYnAqUIs54MKfDMHeECG_8hx9c17HTsdni4LrdXz9s9Ksxb2-Z8uzuEPnkRng1lJ4lSA-GPR9O6crrwgLZOwIfJje4Enp7IzzRzFLqve-eKXYgsPyMy3p09kPWowmHT6B4JJAiP-ERbmK5eAhwBa5c4dqjeZ-A62QkQtgcB7LZ077r_p-YeLs8k3PTq7KE7yqaoMIURYrHRCYIG7qhixFEBj_cJp0Gg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 7469	42 B 64 B	47ms 47ms	Fetch image/gif	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFCskiHsT9CXQ67h6_8Jm_cPReYDyeDNyDdCURaC9qG0uiUUxto51vT0yTEJEBCWp39ePp-_fjU5AWAZQVXkGiYzNTNViXCvI7cx1wkZoe64op_zkrGaNq1X2uqW7SksXQPREuJEaNtdbd&sai=AMfl-YQ7JxHv5w4aXgG8WZMazs_hAEVGud5__uQnnm15NjAyS6Mkn1jj68gtqQD-rXoRmtUJWCTa1hGhlACN8EPcHPD0u4oVYuHtQTYFdH7NE8OnQ4Nw_eEhWJz-UGYC&sig=Cg0ArKJSzKuE95EeaW1NEAE&cid=CAQSPADICaaN3ru2bMnSjsnxU4-diRMeUSogsT7nO9j-V4j4mI6YKm1SUwauu1q2fLi2SSqsdGRvyJUVTX_mexgB&id=lidar2&mcvt=1018&p=390,510,640,810&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2238348835&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699255322764&rpt=270&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:04 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame B9FE	42 B 64 B	50ms 50ms	Fetch image/gif	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvchLXLETKviSKKXd8YrTLhvh8vRVMHRmI8sIgBgiBYKM2naSaczcWLtKDuFsRZwZF_9P5Z_RNz5WE5KJcqRhoL_WAuzK5-jKj5osoxk-uGomsf5p30gteqxYDy6uqI1mnvFa4i8D7lVEoe&sai=AMfl-YTKk0RhheNwDPPQQENjXeiu2NEl-3HAgi9FIoHkeRfoM0UgDCXGQzTcMbmXd1lCpVlwnGd8dnJxm4jvBTvryHsF3qO1lWpl2HeIbau-zmOOSphe0ZsvWnJhB-vx&sig=Cg0ArKJSzHnFaEwLMZvUEAE&cid=CAQSPADICaaN3ru2bMnSjsnxU4-diRMeUSogsT7nO9j-V4j4mI6YKm1SUwauu1q2fLi2SSqsdGRvyJUVTX_mexgB&id=lidar2&mcvt=1022&p=226,1086,826,1386&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=182523439&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699255322775&rpt=318&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://7c23f695db89cd467f5eb71e4ac27cd8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Mon, 06 Nov 2023 07:22:04 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

app.s.id

URL

https://app.s.id/api/user/me

Domain

ekr.zdassets.com

URL

https://ekr.zdassets.com/compose/4b27aa03-d3da-43eb-8382-660c054fbc9d

Domain

region1.google-analytics.com

URL

https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3b11v881303989&_p=1699255320148&gcd=11l1l1l1l1&cid=1894698830.1699255320&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699255320&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=scroll&epn.percent_scrolled=90&_et=28&tfd=4210

Domain

home.s.id

URL

https://home.s.id/cdn-cgi/rum?

Domain

static.zdassets.com

URL

https://static.zdassets.com/ekr/sentry-browser.min.js

Domain

sync.search.spotxchange.com

URL

https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBsQD9LmkJiJjKfneZis_lo&google_cver=1

Domain

sync.search.spotxchange.com

URL

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID