otodiva.id Open in urlscan Pro
2606:4700:3036::ac43:d8c1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Effective URL:
https://otodiva.id/
Submission: On July 28 via api (July 28th 2023, 11:34:31 am UTC) from US — Scanned from DE

Summary HTTP 221 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 27 IPs in 9 countries across 22 domains to perform 221 HTTP transactions. The main IP is 2606:4700:3036::ac43:d8c1, located in United States and belongs to CLOUDFLARENET, US. The main domain is otodiva.id.
TLS certificate: Issued by E1 on July 4th 2023. Valid for: 3 months.

This is the only time otodiva.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::6815:1bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
67	2606:4700:303... 2606:4700:3036::ac43:d8c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
43	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
10	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 6	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.67.157.9 3.67.157.9	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:9008:7637:b6ba:2b01	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
221	27

1 2606:4700:3034::6815:1bab (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

otodiva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

67 2606:4700:3036::ac43:d8c1 (United States)

ASN13335 (CLOUDFLARENET, US)

otodiva.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.157.9 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-157-9.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:9008:7637:b6ba:2b01 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.229 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	otodiva.id otodiva.id	2 MB
60	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	891 KB
30	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 114 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	247 KB
19	criteo.net static.criteo.net — Cisco Umbrella Rank: 599 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8877 csm.eu.criteo.net — Cisco Umbrella Rank: 8853	257 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	259 KB
8	google.com 3 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 3	1 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 213	393 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79	5 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8792 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 9871 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15245	56 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5772	622 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	215 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 607	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 912 r.turn.com — Cisco Umbrella Rank: 3865	869 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 58	21 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 466	713 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 350	146 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 862	716 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1028	731 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3556	104 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 265	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1196	601 B
1	otodiva.com 1 redirects otodiva.com	678 B
221	22

	Domain	Requested by
67	otodiva.id	otodiva.id
43	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com otodiva.id pagead2.googlesyndication.com
21	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net otodiva.id
17	pagead2.googlesyndication.com	otodiva.id pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	static.criteo.net	ads.eu.criteo.com
10	fonts.gstatic.com	fonts.googleapis.com
8	imageproxy.eu.criteo.net	ads.eu.criteo.com
7	www.googletagservices.com	googleads.g.doubleclick.net
6	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
6	www.google.com	3 redirects otodiva.id googleads.g.doubleclick.net tpc.googlesyndication.com
5	fonts.googleapis.com	otodiva.id googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.de	otodiva.id
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	otodiva.id www.googletagmanager.com
2	c1.adform.net	2 redirects
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	otodiva.com	1 redirects
221	32

This site contains links to these domains. Also see Links.

Domain
gadgetdiva.id
traveldiva.id
gizmologi.id
gizmologi.com
facebook.com
www.instagram.com
instagram.com
kontenify.com

Subject Issuer	Validity	Valid
otodiva.id E1	`2023-07-04` - `2023-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-03` - `2023-08-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-07` - `2023-08-30`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-27` - `2023-10-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://otodiva.id/
Frame ID: 578545C671EE19F1D1325B7AD2AEB62D
Requests: 92 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html
Frame ID: F1A3FA2211FAD7BB258E1679C4FEFB64
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&adk=1812271804&adf=3025194257&lmt=1690544063&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x540_l%7C236x540_r&format=0x0&url=https%3A%2F%2Fotodiva.id%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544063219&bpp=7&bdt=893&idt=322&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5085536733649&frm=20&pv=2&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=350
Frame ID: A32DA515B1A70738D1E9942F1C618D38
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=280&slotname=4763364487&adk=1394093537&adf=683863926&pi=t.ma~as.4763364487&w=1200&fwrn=4&fwrnh=100&lmt=1690544063&rafmt=1&format=1200x280&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544063226&bpp=2&bdt=900&idt=348&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=K4nIgDjlG8&p=https%3A//otodiva.id&dtd=353
Frame ID: CE59A0E9FA6591DA7A135D7207777BEE
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=125&slotname=4763364487&adk=902745524&adf=1946489492&pi=t.ma~as.4763364487&w=970&lmt=1690544063&format=970x125&url=https%3A%2F%2Fotodiva.id%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544063228&bpp=1&bdt=902&idt=378&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=s2TXcNWle0&p=https%3A//otodiva.id&dtd=382
Frame ID: 7515C0D1A06FB2FCFD4DFCD2232F938A
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&slotname=3976225997&adk=2566647451&adf=1979701478&pi=t.ma~as.3976225997&w=300&fwrn=4&fwrnh=100&lmt=1690544063&rafmt=1&format=300x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544063229&bpp=1&bdt=904&idt=384&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C970x125&nras=1&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NLw78yupZc&p=https%3A//otodiva.id&dtd=387
Frame ID: 89CD7017D1C6CFB38AE864CD441942B4
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMOnvwAKJw4K7eqUAA34OH3jKnMBMLqNAMDuEA&u=%7CQ8bDtbzIIY%2FLm%2FoiLnMAVC%2FpbF55%2BJu5Cl0LRUAh3SI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TysXVTFEb4Cd-ub6CzNVRzTqvhkg9GHjqUdbKk61-FjelFoK4_kFmV_TBpeBM0_Xcojj3QPYGZmXNvtTITzQvMwQDNbQ__GQIWc2ZmEFBqn8IywR-Yuee9-yTgDrQpkhQlPJazwW_bWSr-qmKHgol3IshykSfFNVOFaKMb7Cs8-cypyBb-TSfDjaSIZ-dP35gsirjYeBr_nIleV0NqVihe-uLRmxTqLkfq58UmlD6hgDg-zi26_owRlnabF18Q65lFrH1pzlh8hj3Kb1S5PIZFyzv_QGJIQQX9FxSyVj3Lw9ni9hOFDyHah37DFv0W2zB1fVqc-a8sNTZz5nfTHVboYghJobmQDd2f2WI5om6vz0Svie2tGShvVyV1Bs4G7O25PU8s9yrSTsfu-QhQ9s9uX43kTaDGmT6YBlYL5ZAtGcYCPGbmvDEXiezu5_E50SVMrWwAL53e8aRtSvrj1Io3LUoXSZclOHkdTyOTATD1ScDOCJ0YzdxEwdLd7KBBL5RJE7FW4YnM18ip11dRLVbPwahJLJeyAE-FTw8pXIBwYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0l5bv6fDZI7OKJTVtwe48LegBsme0rFc1Z2R93DAjbcBEAEgAGCVyquCtAeCARdjYS1wdWItNTk0OTY0MDA1MjgzNjMyNMgBCakCPWurWzxosj6oAwHIAwKqBL4BT9Dl3AD19UEw1WsD6UFO3iKH0AFcfBGE2lXBT1gEOIapIljsm-uAmB12916afGHAhmE5PAh9ieL5RSlCov79UTxSnYlXDxWzpcFPM55suFCd81qK68gamrYNjX8WwJpNaL9Fl9Cji4j1Muht6bv10M5z9LvGVBZCJbMZmjmvwE-jbH5dfSRuvxa9SDPuGSHy_jOFNvmg194Ws0Ovg_ThQOXotUmY1HRU9yIt-Qwha0PHLV7YeWO_4YoFx--AJYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1O7LZ8OCE0mJNTRPV1S9h9aGt9Ew%26client%3Dca-pub-5949640052836324%26adurl%3D
Frame ID: DCE5A3ABEFBBEA6F6562546C59D1EB03
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Frame ID: 9CF18CD13B8D00B1F071BD16C94CE7A5
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4CA970587C1794A1F3596C3D9584347D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&adk=2982052862&adf=2698748695&pi=t.aa~a.2746241531~rp.1&w=121&fwrn=4&fwrnh=100&lmt=1690544064&rafmt=1&to=qs&pwprc=5064251535&format=121x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544064289&bpp=3&bdt=1964&idt=3&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd318c3d9dc42987-22703422b6e700ce%3AT%3D1690544063%3ART%3D1690544063%3AS%3DALNI_MboBGeso816wi6PpWypUVYH7NT-Pg&gpic=UID%3D00000d26bf6b857c%3AT%3D1690544063%3ART%3D1690544063%3AS%3DALNI_Mbf_2Q003vcCi7yCdipweZTILl5HQ&prev_fmts=0x0%2C1200x280%2C970x125%2C300x600&nras=2&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&psts=ABnkTfBW2y6l_V82VwNPRXbA7zhHiqMIXp8wlvY1sbAvWI6o5erw0-UiBlm4OnMO9i75G0UjlUuCAl5zP7aLWQ&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=CjBgOUwFEi&p=https%3A//otodiva.id&dtd=7
Frame ID: A1238653D492099BF4499379A60A9660
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9D063122F369AF7F4CF3F4CB86D4854E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Frame ID: E2E1A2A5B49AFBC2F802D38271D37C88
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Frame ID: D418ECEEABF13C5F596B37F4B189EFFC
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Frame ID: 74420D44237508390DDCDBEB944E9493
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0C6ADFF35F598CBA2773E0623B1BFEE7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Frame ID: C7DBF2BF45F56D30D80DBF2E678CC4FA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Frame ID: 7F0C3CCB1FB61EDFE58340E8ACC00224
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Frame ID: 4B10E45DEF59F759DA8C4090CF28987B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B16C8A7A636F7C52F2F2AB8778A418A6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B64CF8B37143B0F6CCCCC6A1C4FCE932
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Frame ID: CB62E06AC87BA4BAF0E128E9224F1CEB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9C78C0C1ED875C5D0A45C47CAC4FF751
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BB26202A39DD96B0831FAC13A4A5F76D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Otodiva.id - Online media for the ladies auto enthusiast

Page URL History Show full URLs

http://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card HTTP 301
https://otodiva.id/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

221
Requests

98 %
HTTPS

77 %
IPv6

22
Domains

32
Subdomains

27
IPs

9
Countries

3941 kB
Transfer

8028 kB
Size

15
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://gadgetdiva.id/
Title: – Gadgetdiva.id

Search URL Search Domain Scan URL

URL: https://traveldiva.id/
Title: – Traveldiva.id

Search URL Search Domain Scan URL

URL: https://gizmologi.id/
Title: – Gizmologi.id

Search URL Search Domain Scan URL

URL: https://gizmologi.com/
Title: – Gizmologi.com

Search URL Search Domain Scan URL

URL: https://facebook.com/otodiva.id
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/otodiva.id/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://instagram.com/otodiva.id
Title: Instagram

Search URL Search Domain Scan URL

URL: https://kontenify.com/
Title: PT Konten Cipta Kreatif

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card HTTP 301
https://otodiva.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 148

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 173

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI4y9QgcR-HVSo3abSK6j08&google_cver=1&google_push=AaAOQGE3fHdvQghZitFmysRRy2eX8HHIHOnul3-m7QTHjUvvHPa4ZgS5WfQ5QLe0FRZup5h_z7abAcST6Lbzxy_S_Hop-05pRIg2r3g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzAwOTIxMDE1OTMxODAzNDE4MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI4y9QgcR-HVSo3abSK6j08&google_cver=1

Request Chain 175

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELOX5jCp3pNw02D0fG1fe8o&google_cver=1&google_push=AaAOQGHscGKg-99As7DjJoQRuhgnbHyK0k_DCIAskoUbZqKoiQsPxzD6tGUSJeAaT0btr8T5SGHNpBFOuGYTPhwNSeKbG8YhQbzcjA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHscGKg-99As7DjJoQRuhgnbHyK0k_DCIAskoUbZqKoiQsPxzD6tGUSJeAaT0btr8T5SGHNpBFOuGYTPhwNSeKbG8YhQbzcjA

Request Chain 176

https://um.simpli.fi/gp_match?google_gid=CAESEB1dKksqjjOrX9Te9RVFJ0s&google_cver=1&google_push=AaAOQGEIjndlrz1bmPMH5syP8kV4BvUqlse_vV4cUxUTVURVF_U_LgAdDFZV9sTCCp0-6Ou6_QVZF0-tIV5JfH-bYtD2U_SjmkITog HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0D4C63DACED34685A28DFB2F547E0041&google_push=AaAOQGEIjndlrz1bmPMH5syP8kV4BvUqlse_vV4cUxUTVURVF_U_LgAdDFZV9sTCCp0-6Ou6_QVZF0-tIV5JfH-bYtD2U_SjmkITog

Request Chain 178

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENDVt8Zs0136EWhOYbav-8A&google_cver=1&google_push=AaAOQGF3Wc75IKA94-d81TBr48IGHTA3TICdnYEE43lLuxpjorW9GV2A2a1N__Xpc3F8dhqhjDGj1iEwgQ-ZA06sw3yB2cbtvp-pw44 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGF3Wc75IKA94-d81TBr48IGHTA3TICdnYEE43lLuxpjorW9GV2A2a1N__Xpc3F8dhqhjDGj1iEwgQ-ZA06sw3yB2cbtvp-pw44&google_hm=eS1TelZVbjJaRTJwSFlIU1ZnazJPZno5RkQzdl9VcHlSV35B

Request Chain 179

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOLT1Wvvb0Di-XwwsIA_WCM&google_cver=1&google_push=AaAOQGFkShNxphoULMM5RbnzrK3y9NIsE2k0thz3yTXMUYvJQXaauyqAK1K0uOyOP_xqkwd1RFm1YDXgPsyUeH4awBrt5own_6Ns_A HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOLT1Wvvb0Di-XwwsIA_WCM&google_cver=1&google_push=AaAOQGFkShNxphoULMM5RbnzrK3y9NIsE2k0thz3yTXMUYvJQXaauyqAK1K0uOyOP_xqkwd1RFm1YDXgPsyUeH4awBrt5own_6Ns_A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwODMzNDI2MjY5MTE1ODQ2MQ&google_push=AaAOQGFkShNxphoULMM5RbnzrK3y9NIsE2k0thz3yTXMUYvJQXaauyqAK1K0uOyOP_xqkwd1RFm1YDXgPsyUeH4awBrt5own_6Ns_A

Request Chain 182

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

221 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
otodiva.id/
Redirect Chain

http://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
https://otodiva.id/

153 KB
22 KB

910ms
307ms

Document
text/html

2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea7007c4bbbc376418d1df6cf6dc0e80a1741df14dd4c6c8fd1b1e8225bea573

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7edcd003b92f085a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 28 Jul 2023 11:34:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9H6nh5scSRdaXKOW4KsUYQKUW8qs1tEDQg19oWxflzPjUtXQ%2FQdVRtVH5bcJjOnZrI1Gc9Q22jk6UEPxm%2BLNDhuart3DU07fNNmYlEyd2ObMlM0nU847u0ccsi%2B2ox%2FQyXpzJXOUzPt4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Cookie

Redirect headers

CF-RAY: 7edccfff9fc5997b-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 28 Jul 2023 11:34:21 GMT
Expires: Fri, 28 Jul 2023 12:34:21 GMT
Location: https://otodiva.id
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqtuGlNX758zvOAb15Lx4dMM%2B%2FYFyhmstxwIE41kvYAKviEhXF%2FlFgMQd2fg1N8DAipnf%2BpkhO%2FDBJibIaUQs%2FTIKwRZnIzySJDLofo%2FyRzVKeHrDFzcEmbYKSnRHW7%2BLN%2Fs0Far%2F5Aoxw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 kendaraan-listrik-1024x660.jpg
otodiva.id/wp-content/uploads/2023/07/ 93 KB
94 KB 308ms
305ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/kendaraan-listrik-1024x660.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ae4f5bae553dafe6526eaf137d6aad59b630ee5e9d0bd88811fdc43c037852c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:22 GMT
cf-cache-status: MISS
last-modified: Sat, 15 Jul 2023 07:30:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64b24b0c-174a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NEqpjCYk1Z%2BHW7XC%2FlmWdXuJMMDKoOyYHAtV1D%2FPbkZ08dzEq%2FM0s9M8oKCHE%2FepEx%2FJlcIAfGy7EwPDLTuF4iyocH3GyWSFLWimbdS%2FATn9b%2BAuVym2zxFA%2FsmgNumRu6AwPvIA0Vxm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372493
cf-ray: 7edcd005ab9a085a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ts-icons.woff2
otodiva.id/wp-content/themes/smart-mag/css/icons/fonts/ 10 KB
11 KB 265ms
262ms Font
application/octet-stream 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/themes/smart-mag/css/icons/fonts/ts-icons.woff2?v2.4
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a13056d106882ee191a6ae002dcfe77a62c8481c199c1af338a952d6650ea96d

Request headers

Referer: https://otodiva.id/
Origin: https://otodiva.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:22 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 10:13:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64ae7ce3-2914"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpJ1HXaYdvGOhkwLrahPXcXbh5pHzpphsDuihHudpH5BScexueYqHJFw3Jt1ENG1VtbiUfGO9Tl7viIL0KZjHfJKD%2B98a4PFpw1tsnBUSjpALCIGV1N8xCjHxPASl17N3vZEkBQrQr%2B3"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7edcd005ec22085a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10516

GET
H2 200 style.min.css
otodiva.id/wp-includes/css/dist/block-library/ 95 KB
13 KB 259ms
256ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 02:57:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38a91-17ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGJGuLux7fIylAJRpbYNTQeSu9rZNDwL6JadByeUs7ADYA0KUD6NFuZaD9grwsp%2F%2BCaX0zttaTNFsUa%2BR%2BXRT2RTlTnaqOXcL2zbsXbWtM7ey9uVzQZZq0cDlC4%2FWVUyaqUPgPiXwTss"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455372493
cf-ray: 7edcd005bb9e085a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 classic-themes.min.css
otodiva.id/wp-includes/css/ 291 B
484 B 518ms
515ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 02:57:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38a91-123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flE5OZQ4WZRCc5eW19nA17ETyYvErIk21SVVeTiy8Bddj4L0jktH9YPLs9tYI3YJRsjx50uf2NloEXSedjzUudS%2Fl9mfMbx3Of1L%2Bzd6uf0viv2EeaoPSDGlGs3m8j2Ckj7Ch9gkqobM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455372493
cf-ray: 7edcd005bba3085a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.css
otodiva.id/wp-content/plugins/elementor/assets/css/modules/lazyload/ 413 B
490 B 570ms
567ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/plugins/elementor/assets/css/modules/lazyload/frontend.min.css?ver=3.14.1
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ecb54f91384af7226cb4f18f87588edd49ceff5bdd4a3010336e1c22ccc390d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 03:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38f84-19d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4FdtsVqWtXyVH%2BHUDUNZ2V%2FLgmjPqkxoTGQhkOUy9LBkhx%2BelquqSNQsDIL8vy9bdT9HQeEIA8pGI9%2FeGOjNrfzWeDQdzIKag2oFiVwZEkg%2BM28YKqctQprWGw7QVuc5KmhB6TbotxR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455372493
cf-ray: 7edcd005bba5085a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend-lite.min.css
otodiva.id/wp-content/plugins/elementor/assets/css/ 103 KB
13 KB 215ms
213ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.14.1
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab59f550860dcea6de47b9999d6d9aa586f2cd631097691d013e90c61270b4ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 03:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38f84-19c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMDqomODlmSS9M%2BznvhHp5Sjm2GkpV9wFe6As0Z1H69ZdoTjWijRYN%2FzdDih%2FWFkGuLRwi6HCcSEKV%2FDUroftM2I8GBr%2FmYpik97i89tSTaGaL3axte%2F5%2BI%2FtlzbIMn8pynPMoafgINr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455372493
cf-ray: 7edcd005bba6085a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 swiper.min.css
otodiva.id/wp-content/plugins/elementor/assets/lib/swiper/v8/css/ 16 KB
5 KB 225ms
223ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 03:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38f84-4057"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STYnlWbSUiLq8ZQOKFgs%2FueYyXg9larJ6cMVCYY4LmYZp59NWxUjG6QWm002gFqB3%2B0OJmsj2ByZRj%2BFA4MzrPU8G1Zm4EoAZ8DR4B78SeyfSnkj52sik1Sn8QNmg8XBhekoLPLx0wyS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455372493
cf-ray: 7edcd005bba7085a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-8.css
otodiva.id/wp-content/uploads/elementor/css/ 930 B
638 B 224ms
222ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/uploads/elementor/css/post-8.css?ver=1688445593
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 878014e6a9168c57eff7600e86ad88e8970ea651d8a163fcfd0173d246ace273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 04:39:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a3a299-3a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrOZWnLZr17E6sK4yPZdE3kc%2Fvl%2BnQ3oYTuDxYLfKwgM9LSGs9XSt0O1HRqXhTylbzZ8I7vTxM5Nnw%2ByPug0UrwQqefZWQfu1C4KUqwyFvQz7UPKgYrwlBuzZMraiNqArtgvTbTYcbBg"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455372493
cf-ray: 7edcd005bba9085a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-6.css
otodiva.id/wp-content/uploads/elementor/css/ 13 KB
2 KB 226ms
224ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/uploads/elementor/css/post-6.css?ver=1689640736
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e8dd3f0ac5d0d3fad25ad3f73975be87db679615f1e7af0d9efe02df2370ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Jul 2023 00:38:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64b5df20-35fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5sZU%2BaD9JuWDnRIODEySAUbdVx3NhJB2XMICPM73Bck%2B4UuTzos3X18PU%2B2jYUGrNvNBtAvn1taLsQA4cORXOV%2FNpmZVjTK3hXwQHROhdbCoHiJjivCsXdpF3ykDiPEo4f6glUbjJT1h"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455372493
cf-ray: 7edcd005bbaa085a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
otodiva.id/wp-content/themes/smart-mag/ 191 KB
38 KB 227ms
225ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/themes/smart-mag/style.css?ver=9.2.0
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d212ebb58e24f6786a56de7721662abc21831961e98c7b053f2f3f92fad848a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 10:13:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ae7ce3-2fc7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3E0SsoTOipJajQ3GsgtkizdNEy%2FK2tu6Oor7456gHUCKuDCv5fxMRtD9Tt8QrMNN1s8okzFyU3hiwqzcjOuVer8ztPrcPM%2BHqr1x1eBpQXDyDMyIFEBJAKDSfs%2BzaKyCsDoFp%2FFU58lS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455372493
cf-ray: 7edcd005bbab085a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lightbox.css
otodiva.id/wp-content/themes/smart-mag/css/ 7 KB
2 KB 219ms
217ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/themes/smart-mag/css/lightbox.css?ver=9.2.0
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9ecc55173b58cf9ab841c18c232def14055ac9fdc3380f093f0360280601637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 10:13:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ae7ce3-1dce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KcWjs4%2Bbi4lV5ozD3bd7VRulDXr8n4v%2F3bnoF1c%2FbLvEsHLX93NbOxxn2B8%2BSRfpTz58WDscMlFVrMp7XXmoDGxOtSpSUQ8qNwKusJ6YtA8xHL5hvn1EdBCwAc%2F6XuSAIO8xuIvopxt"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455372493
cf-ray: 7edcd005bbad085a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons.css
otodiva.id/wp-content/themes/smart-mag/css/icons/ 4 KB
1 KB 263ms
261ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/themes/smart-mag/css/icons/icons.css?ver=9.2.0
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc773158cf18dc46e3b09c9add531ce040f156f420ff5cea89584703f8a16cac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 10:13:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ae7ce3-114e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hS2s8sUvxu21A8RdQOzIsx28JBW6Tr5BPhOgQ4zj24csKfB31OGYjZPefr305DwI0IAaErrpJ1ap0o%2FvfDRwIwtQraE%2F4Spmocl4wEf%2F%2B4sRi9NfoHVdrGUdMaelCB1%2FIjDQj2lIz7k"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455372493
cf-ray: 7edcd005ec1b085a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 19 KB
1 KB 141ms
51ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Assistant%3A400%2C500%2C600%2C700%2C800%7CJost%3A400%2C500%2C600%2C700%7CInter+Tight%3Anormal%2C400%2C500%2C600%2C700&display=swap

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89cc71ae9db584bda0ee5ebfcb9bb931451bbca3c47ad69221211d919a0e3c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Origin: https://otodiva.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jul 2023 11:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 11:34:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jul 2023 11:34:22 GMT

GET
H2 200 post-views.js Show response
otodiva.id/wp-content/plugins/sphere-post-views/assets/js/ 3 KB
2 KB 262ms
260ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/plugins/sphere-post-views/assets/js/post-views.js?ver=1.0.1
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3130f866e2557c43a08e1226e2b6dc3f439a0a464bc68a00d872840d31c690d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 03:29:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a39236-a54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2K3afwgh1Dt%2FHEJzqe0flrIINHj%2FuBLEg0Y5Ug3lj9pTAZOYEuRPV8Axd%2BARuqTt4MK7wVv%2BFID1VolBpdJLl5Q2qXHha%2BDayAcMaThY3xPBoTtjOs5u24fCO8%2BJaIrJFaj%2FqxE4ywM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455372493
cf-ray: 7edcd005ec27085a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 147ms
54ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109987058-3

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

233cd90b01d5277cb2b61aa02930e72bed09dc7f8827e85af21dce15d3116160

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66018
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jul 2023 11:34:23 GMT

GET
H2 200 jquery.min.js Show response
otodiva.id/wp-includes/js/jquery/ 88 KB
32 KB 289ms
287ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 02:57:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38a91-15ed7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaw8XhomkPiZPJxTojf1DABJVTZjROQwdhwRzt75zPdaT7AaVWSsOxsdFr8JrTJikWg3gIjTLEXpFPtVF7YRZPPDye8HDmbIFzZQuludUr3reW0hof9nYuNAnbJYFZ6volQ0c19wy%2Bdn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455372493
cf-ray: 7edcd005ec2c085a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
otodiva.id/wp-includes/js/jquery/ 13 KB
5 KB 271ms
270ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 02:57:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38a91-3470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjMtNP0aB0yT3R%2BBWDI1dhE08JeXjBk3ARNViMeZP1%2F3IbDuHpy5ZiKzp6OAGW6h%2FjCzLl3fN0nS5DntTvGNzEfimqxeKeUbTzDMlKaA3iPzqXZu5WSKG9tACiEk8I2tq5jQmqnxDZuX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455372493
cf-ray: 7edcd005ec32085a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 186ms
87ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5949640052836324

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dca76ea2cd5ed4f9c266b1614f9c310c7de3839833d52ab5870097cbaa5dca29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Origin: https://otodiva.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51143
x-xss-protection: 0
server: cafe
etag: 9745391565180478978
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 11:34:23 GMT

GET
H3 200 otodivaid-white-2x.png
otodiva.id/wp-content/uploads/2023/07/ 45 KB
45 KB 303ms
302ms Image
image/png 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/otodivaid-white-2x.png
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0fab2c23386ae8d4d3d1859f43e6e96fa0c95d2c86c60288a918b7b4f3b544d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
cf-cache-status: HIT
last-modified: Wed, 05 Jul 2023 09:33:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a538f7-b305"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SM685X0fdSZUhdDhDaGhlCYdHi0kl3JggW7E1T0LrwlaT2f5bcrmUJUHKbvTxrgFPr5MNw5dxTz7vLELo25NXiOgE6Sa5wEhih8LRD9y4dldG0TMJI6y6upGOM0WD885KFvQ8IptumuJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=455372492
cf-ray: 7edcd00959bb1e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 otodivaid-white.png
otodiva.id/wp-content/uploads/2023/07/ 19 KB
19 KB 345ms
344ms Image
image/png 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/otodivaid-white.png
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41a60ad5531522c3bd4e2179e530104f4799e35c74cbe82466a1737cb8b66b5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
cf-cache-status: HIT
last-modified: Wed, 05 Jul 2023 09:33:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a538e2-4bc5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlSlUqFhjYf3qKRGqacRqJdQL1TTEZBMHp0yDXcLnnl9%2F8SXrXqKgOIEA5B2sr5dnsK9bNXrcA0c2fhICVD9aAIPp7h7xd25bIGU%2FI0DUE031LHLbmBN0bQXQNNz9SLNXYm%2BkmUg%2F5SY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=455372492
accept-ranges: bytes
cf-ray: 7edcd00959bc1e4e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19397
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wp-emoji-release.min.js Show response
otodiva.id/wp-includes/js/ 18 KB
5 KB 345ms
344ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 02:57:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38a91-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAc09zTKtwligWCaycHLUzBCT4GWh0PkEqyIrC94hcgcc3CQUuPessJnq1j%2B5AQ3RUhai0CphmI3oz6J5DMb4I7RFV4gRmlNC2ptiASjYBlCADIEnK8crWMKqlDA0Rlvwm6q%2FlDKmbxT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455372492
cf-ray: 7edcd00959bd1e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 animations.min.css
otodiva.id/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 219ms
218ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.14.1
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 03:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38f84-4824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rrfu8PgTirmjJMjgjPYNaWg%2B1lVKvqRquIABqhPsee5Vc%2BfWgVNWM5kvhEwssix3JRdjXoyOmwxiRaPdpA1E4anWa4r42euxN1dkauqCI25fJd7YNnJeSz%2Bs6IFLuLCMEzOezF9xzBV2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455372492
cf-ray: 7edcd008e9011e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 lazyload.js Show response
otodiva.id/wp-content/themes/smart-mag/js/ 9 KB
5 KB 228ms
228ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6071e2ed8dd3e36f6dfa6fac9e4858ae880ab3c1c60075d6e87545b8114a66a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 10:13:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ae7ce3-23a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2Fl0Wa1AZxaAhuGDIygx5bwuFHWAs2TstUaJ6X47lScFEp5ZrHbDiP5%2Bni9OhclYyArmcsX6wFZlPBexbG6qh89LRfF23fCb78CZsSifS62pERaU0B1w4%2FwuP8Mjq876hdQWywBp5MyO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455372492
cf-ray: 7edcd009498f1e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.mfp-lightbox.js Show response
otodiva.id/wp-content/themes/smart-mag/js/ 20 KB
8 KB 534ms
533ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/themes/smart-mag/js/jquery.mfp-lightbox.js?ver=9.2.0
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 10:13:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ae7ce3-4ef8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=01rKTX%2FFKKTeURG4qzPDVOqPK6pwrFtzB8sxE6bv1CQG1CvA22ecbrXPjT2rAbLqcKBdcS4TDdfrufl77MmOSf5sa%2FaYNCDGnIlG8RqtiLqjmJRsOmW%2FLNjoidJNKkHKNx7jtZP4QG2D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455372492
cf-ray: 7edcd00959a91e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.sticky-sidebar.js Show response
otodiva.id/wp-content/themes/smart-mag/js/ 12 KB
4 KB 546ms
544ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/themes/smart-mag/js/jquery.sticky-sidebar.js?ver=9.2.0
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2660d2ba27141ecebe732da9795d68254bb155fbf87a88d817d4da4528b9a83c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 10:13:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ae7ce3-3079"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSzwo9gKwvIms4NrZw%2FjmGC34YgP8BTg%2BuuXXG8ZOIiNTCJ%2FdO84Ue1XnqibzI5ZNGhDNDxEij08lXJ%2FCRtjUI2bLHqfeJNIwYaTv%2FDw8ucLq72RCkdan27hmhvdYU9e0bITzP5aO1Rl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455372492
cf-ray: 7edcd00959ac1e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 theme.js Show response
otodiva.id/wp-content/themes/smart-mag/js/ 52 KB
16 KB 253ms
251ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/themes/smart-mag/js/theme.js?ver=9.2.0
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcc37c7117fa0be1f5025276a470b467aa7bdc1c34d94129aee332c2811fbaf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 10:13:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ae7ce3-ce01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2B6CUnZPBnWX2QYXo9drs05inbK0B3gOxoWwIXSRWt15pjx8Uq8j7PBYclQKHdQZcPPz%2F3PP8jj1vkRMahkgGyjzqaz3Ro2UZG%2FPOqJLDt5MI3sU1swZfXwYFe25trEEY8dw40qpgGru"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455372492
cf-ray: 7edcd00959ad1e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 webpack.runtime.min.js Show response
otodiva.id/wp-content/plugins/elementor/assets/js/ 5 KB
3 KB 53ms
51ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.14.1
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3e7c89de8ec9f11eee1605a0367e23585548b1deab4cca3a4a17d5a23a90f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 03:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 171482
etag: W/"64a38f84-135e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjeVLhyXMqgsmuQ5s536p6XTgC3RDN2hzSRhH5P83gyCM%2B54Lz9Wss55SPUkDQpR%2F4RP6YDXd%2BcwuIFQ1v0xPj3vqC%2FCZxSSBaCQOOZoPmDQETPdYA%2FWBJZr%2BgECua5huZpAgpkCkbAA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455372493
cf-ray: 7edcd00959b01e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 frontend-modules.min.js Show response
otodiva.id/wp-content/plugins/elementor/assets/js/ 52 KB
16 KB 263ms
261ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.14.1
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76efc435fc139294153b2304af750ccd6857bf3349577af166308db9eb0a2fdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 03:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38f84-ce7d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17SIFxQYYUroQPRktjNB6ZQkCp7HzIHhTl%2BYYlyq3etcdxRaPC89S99KbVFYLd6TptWPy6UShjGjhrPCsOQskSVnQU1F%2Boj5oljE0H0gJc9iCCfjUGrVjN5Ud8KQMTU6fmtIa%2FbMNBYh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455372492
cf-ray: 7edcd00959b21e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 waypoints.min.js Show response
otodiva.id/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
4 KB 223ms
221ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 03:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38f84-2fa6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fx1lEfuxsnABlG8TdPlTtDyrn%2BLU7ZQjKBRkssmytgZMW1rx0utwGBXLRauBwC9EG%2Bcae3SvDfzbscO1XHmfy7wer8Cjpnl%2BAdRa64e5l0SM5AhsSwXq%2BHvmZi%2BZbdE6BWJluQOQrW8n"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455372492
cf-ray: 7edcd00959b41e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 core.min.js Show response
otodiva.id/wp-includes/js/jquery/ui/ 21 KB
8 KB 223ms
221ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 02:57:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38a91-53be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9CN5d2tnVRc27KoZdGXZw0OUQdmgr732eEJW7qdGUzeDmBoWR%2BWOAZzKYtgRXeIEUzZ1RHOMfG3pNZhTj6f6aVRdrGrj2Pr3ni2aG8%2B0SGI563yaZjc87JKoQwz9oQcKWWOMKjuxkSU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455372492
cf-ray: 7edcd00959b61e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 frontend.min.js Show response
otodiva.id/wp-content/plugins/elementor/assets/js/ 40 KB
13 KB 303ms
301ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.14.1
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46b04afecdaf08e04385a7cabaec357f6edfc6a8b2b156d8c624c2621894f3de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 03:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38f84-9f6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnPWzYIKszPZedp75hPK0mnUWrH7rIpgcYM%2BQ1rpKh7bI3wx7kNvMRCB9gnnUeSaifwZ33oRZVoMadNLqenmLAOwf57AjOMg0605FJnruopOcpPZDul3CQh%2F7WpPTJLW7uIxkKhFxmF5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455372492
cf-ray: 7edcd00959b81e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2sDcZGJYnIjSi6H75xkzaGW5.woff2
fonts.gstatic.com/s/assistant/v18/ 20 KB
21 KB 137ms
43ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/assistant/v18/2sDcZGJYnIjSi6H75xkzaGW5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Assistant%3A400%2C500%2C600%2C700%2C800%7CJost%3A400%2C500%2C600%2C700%7CInter+Tight%3Anormal%2C400%2C500%2C600%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36ea273138b793477fef7ab102c5d882f9329660f70df5d5ad43f30f0edd7026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://otodiva.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 07:03:21 GMT
x-content-type-options: nosniff
age: 102662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20608
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:46:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jul 2024 07:03:21 GMT

GET
H2 200 92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v14/ 26 KB
26 KB 157ms
78ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://otodiva.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 12:36:04 GMT
x-content-type-options: nosniff
age: 82699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26304
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:29:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jul 2024 12:36:04 GMT

GET
H2 200 NGSwv5HMAFg6IuGlBNMjxLsH8ag.woff2
fonts.gstatic.com/s/intertight/v3/ 44 KB
44 KB 180ms
101ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/intertight/v3/NGSwv5HMAFg6IuGlBNMjxLsH8ag.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca34455f82a5c81d8111c6a641771c011e95767e64efc8a52f82299896028c57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://otodiva.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:44:02 GMT
x-content-type-options: nosniff
age: 571821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45072
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:27:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jul 2024 20:44:02 GMT

GET
H3 200 zoomcar-2-450x327.jpeg
otodiva.id/wp-content/uploads/2023/07/ 31 KB
31 KB 263ms
262ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/zoomcar-2-450x327.jpeg
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56f80e901644d62f7ea9f1cc471afab7f5ae317ffb6ca0469fddd87958646198

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 11:16:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64bfaf11-7b19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrlEQFUztY8iciXJQyk88YkcrM%2FYwaShneE8xu1PqbS%2F%2Ftj0KVJwnxod63lC69i%2FpXR3oiglpyqBIceTXHoRC4n7lU7a86vpkChBxC4%2BZ8K8KbShzDci0KKGXjReCUOy5WD8vbxIlYyL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372492
cf-ray: 7edcd00adbf91e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 giias-1.jpg
otodiva.id/wp-content/uploads/2023/07/ 11 KB
11 KB 243ms
241ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/giias-1.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5477891890ad6e8dedd3a47a1b287e2aea323c0c51e3f488b7eca5aa1fe01700

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 05:12:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64be0828-2b89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9eL745fkowbqOIax%2F5zJuAGx0nxWEdRqNsztmNNjF9xHs8nnVkf5uMNsZrxGQ02TlY8KiKFR3cM5rx9yZLp4xe11C5PBgKCwpF0Uru7IqSog5dLNBBd%2BXAtEwrH2YZ2p8cID2nSnaxH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372492
cf-ray: 7edcd00adbfc1e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Honda-HR-V-2-450x291.jpg
otodiva.id/wp-content/uploads/2023/07/ 39 KB
40 KB 221ms
219ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/Honda-HR-V-2-450x291.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18e99bc4cee10418d8b755b39b3e6da0226dee98cccc3d88981ea3801d0e4e9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 02:37:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64bde3f7-9c55"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uX3M%2FfL6d6ePq9Yxb28SJguUqftPpSd3smnXod%2F1OMKH7kQ7fQO7oNGRZmGaobTpKB0hxrtOXVscvVZNeqRVKK8P0UlXC8SQDr8EBtxksfx%2FYeA8YLOjmY7NuP9AbKGn%2BzHOX6Wy%2FSIl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372492
cf-ray: 7edcd00adbfd1e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 honda-modifikasi-450x311.jpg
otodiva.id/wp-content/uploads/2023/07/ 24 KB
24 KB 252ms
251ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/honda-modifikasi-450x311.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d28cc51162a7adf1821c88f11f69771f13591359b19a8d2da7fd5d10bd013332

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
cf-cache-status: HIT
last-modified: Sun, 23 Jul 2023 00:44:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64bc77f6-5fb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2B8HG%2BTIEyGSq%2FNPM3It3qrUOwpHBE6WQlKrkCs3B6kkZL6RBu9z9zxxNz%2BHhOAJ71HDHVMxD5r%2FrDTlEF0ut58Ra5WpPg78t3TrE9xkZG0RvoNWZvB5TANUzAm8cWttz0Yx4CHjeh1B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372492
cf-ray: 7edcd00adbfe1e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Hyundai-1-450x258.jpg
otodiva.id/wp-content/uploads/2023/07/ 17 KB
17 KB 240ms
238ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/Hyundai-1-450x258.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f2872276c46bb88f3b244e1827b9a103cee97bf5f31f9c355016176196d05a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
cf-cache-status: HIT
last-modified: Sat, 22 Jul 2023 12:26:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64bbcafb-42b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iux6ENWpGopfBENhpStG44tzXwLNTMERA1gYErZOomdSZ2HqKkYMJs1hsQ5%2B8Sv7vO6XmSrvx8oFRZixcsDJfZVSBEe%2BA3zkqb1sSPaYupQfuxuj6dsbspsQZDubtkuNllOWGNk5O55E"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372492
cf-ray: 7edcd00adc001e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 zoomcar-2-768x559.jpeg
otodiva.id/wp-content/uploads/2023/07/ 67 KB
68 KB 369ms
367ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/zoomcar-2-768x559.jpeg
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b5a969b0dd319efdad17f77e3d2ad3950e6d5e704a5e1b0e881fdccc05cd3eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 11:16:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64bfaf11-10d80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCwLjv1FwWmj6t33nUV6t%2F2Aa%2BVSp7lcCTCvPx2ll4emQLIJiUchIE8Iqq2stTenK3oqc8hszBqJNmcio5uMyVNSkkOfZsDDgT4zylyg2snqXLIBtdSvHKi8oSZQxMmsINutrJIhxkvA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372492
cf-ray: 7edcd00adc011e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 taneli-lahtinen-tG5TwCXg0bw-unsplash-768x512.jpg
otodiva.id/wp-content/uploads/2023/07/ 48 KB
48 KB 300ms
299ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/taneli-lahtinen-tG5TwCXg0bw-unsplash-768x512.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45b386087016db45add66c062ebabc81038545147ad15c6c1616ffb4e73e7d95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 07:21:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64bf77de-be18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUw%2FociSKh603bWm8asa1U96LJnxsKNFk%2BI9T5mGiUANYiLSi7MrFQH6PmEKSFF543s2ytsSgWhBXsdd4VCuVcgGN9a13Y5pW%2Fh%2FIBd4AvKUzA3y7H5RRLjLp%2BQ27yXMzlJUrz9mP41D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372492
cf-ray: 7edcd00adc021e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wuling-air-ev-2-450x598.jpeg
otodiva.id/wp-content/uploads/2023/07/ 43 KB
43 KB 274ms
272ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/wuling-air-ev-2-450x598.jpeg
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6ccf740ad840cb52110869896130e9c435416d2eb1f70baacbef5e870c4f788

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 06:12:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64be1662-aa77"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxLVTr4IwFK3szyqHilsH1UXvtXeeDigrRu1PzdkRF6qA4bDS5Y0nqBRl2EufMpIW1dUcUOY%2BWP3xPV0qSVjO4HramXEryUkx58bg7lnSYbCqs%2FveBiPYjd9FTAUQc%2FcwU%2BGGscLalNv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372492
cf-ray: 7edcd00adc031e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
76 KB 58ms
57ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LY8D8YR8N2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109987058-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c915c6265aaa09f787accf6c006a19592eb3fe78f8aa59bc131e59de12a735fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77637
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Jul 2023 11:34:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 133ms
41ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109987058-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Jul 2023 11:04:39 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1784
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 28 Jul 2023 13:04:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
74 KB 80ms
79ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-579FDP2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109987058-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0fa8b94214e8f304d31959713bdd61d07cdd7ac62d64c438731b01b2aa5f9556

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75977
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Jul 2023 11:34:23 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ 363 KB
124 KB 195ms
109ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5949640052836324&plah=otodiva.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5949640052836324

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6db2ee1a4cb2db6778a206da30c7a3810f66e80a4eb02a2d18a70767f118bee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127323
x-xss-protection: 0
server: cafe
etag: 16021992735251876444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 11:34:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/ Frame F1A3 10 KB
5 KB 134ms
41ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5949640052836324

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5370
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 10:04:53 GMT
etag: 12368291122986407432
expires: Fri, 11 Aug 2023 10:04:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 140ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LY8D8YR8N2&gtm=45je37q0&_p=896033860&_gaz=1&cid=1741505959.1690544063&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1690544063&sct=1&seg=0&dl=https%3A%2F%2Fotodiva.id%2F&dt=Otodiva.id%20-%20Online%20media%20for%20the%20ladies%20auto%20enthusiast&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LY8D8YR8N2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://otodiva.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 154ms
51ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LY8D8YR8N2&cid=1741505959.1690544063&gtm=45je37q0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LY8D8YR8N2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://otodiva.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 159ms
66ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LY8D8YR8N2&cid=1741505959.1690544063&gtm=45je37q0&aip=1&z=337134733

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 117ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8W66JYHLF1&gtm=45Pe37q0&_p=896033860&_gaz=1&gdid=dZTNiMT&cid=1741505959.1690544063&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690544063&sct=1&seg=0&dl=https%3A%2F%2Fotodiva.id%2F&dt=Otodiva.id%20-%20Online%20media%20for%20the%20ladies%20auto%20enthusiast&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-579FDP2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://otodiva.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 132ms
52ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8W66JYHLF1&cid=1741505959.1690544063&gtm=45Pe37q0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-579FDP2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://otodiva.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 139ms
68ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8W66JYHLF1&cid=1741505959.1690544063&gtm=45Pe37q0&aip=1&z=1640813092

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
203 B 50ms
49ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=896033860&t=pageview&_s=1&dl=https%3A%2F%2Fotodiva.id%2F&ul=en-us&de=UTF-8&dt=Otodiva.id%20-%20Online%20media%20for%20the%20ladies%20auto%20enthusiast&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=522814989&gjid=905193381&cid=1741505959.1690544063&tid=UA-109987058-3&_gid=2085658856.1690544063&_r=1&gtm=457e37q0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1663799073

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://otodiva.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://otodiva.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
345 B 69ms
50ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-109987058-3&cid=1741505959.1690544063&jid=522814989&gjid=905193381&_gid=2085658856.1690544063&_u=YCDACUAABAAAACAAI~&z=983943200

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://otodiva.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 28 Jul 2023 11:34:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://otodiva.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 search Show response
otodiva.id/wp-json/iawp/ 16 B
707 B 2388ms
2387ms XHR
application/json 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otodiva.id/wp-json/iawp/search

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://otodiva.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-iawp: iawp
vary: Accept-Encoding, Accept-Encoding, Cookie, Origin, Origin
allow: POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://otodiva.id
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OV7pNWgbh1%2Bi1bDObBvHSBikpzexZ7qE5Zpyxoj0tjB6PHA%2BkPW%2B0BJrffbUCxj%2BPPeSGTSjfkPZaIqxGXqnt%2FLotzEvarPHNixDDMuVoDt8oiTJllTNBVmH2IjDo6Wkw3l7%2B4Wt6NEA"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex
link: <https://otodiva.id/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray: 7edcd00cef721e4e-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 155ms
67ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-109987058-3&cid=1741505959.1690544063&jid=522814989&_u=YCDACUAABAAAACAAI~&z=1957415415

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 65ms
64ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-109987058-3&cid=1741505959.1690544063&jid=522814989&_u=YCDACUAABAAAACAAI~&z=1957415415

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 151ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=otodiva.id&callback=_gfp_s_&client=ca-pub-5949640052836324

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5949640052836324&plah=otodiva.id

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22cda2de6d63f4b73776c6d64774af7679d67c6627978c66719cea53618b808a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A32D 449 KB
88 KB 563ms
562ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&adk=1812271804&adf=3025194257&lmt=1690544063&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x540_l%7C236x540_r&format=0x0&url=https%3A%2F%2Fotodiva.id%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544063219&bpp=7&bdt=893&idt=322&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5085536733649&frm=20&pv=2&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=350

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

343a0d50e16b2c41f9f8f95d8e8410a7b437ad14c5f05b3a3927fa1c2d20d597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 89908
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 11:34:24 GMT
expires: Fri, 28 Jul 2023 11:34:24 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CE59 138 KB
48 KB 469ms
469ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=280&slotname=4763364487&adk=1394093537&adf=683863926&pi=t.ma~as.4763364487&w=1200&fwrn=4&fwrnh=100&lmt=1690544063&rafmt=1&format=1200x280&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544063226&bpp=2&bdt=900&idt=348&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=K4nIgDjlG8&p=https%3A//otodiva.id&dtd=353

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef56bd3798c193b3468ccd36bd2d30296fabbcb59f3e37b53b7f7fb86130ae2b

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CInkjrOnsYADFZHD7Qod9scFew&gqi=v6fDZPydJcTjtgf2u6OwBg&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48555
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CInkjrOnsYADFZHD7Qod9scFew&gqi=v6fDZPydJcTjtgf2u6OwBg&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 11:34:24 GMT
expires: Fri, 28 Jul 2023 11:34:24 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7515 113 KB
39 KB 537ms
536ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=125&slotname=4763364487&adk=902745524&adf=1946489492&pi=t.ma~as.4763364487&w=970&lmt=1690544063&format=970x125&url=https%3A%2F%2Fotodiva.id%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544063228&bpp=1&bdt=902&idt=378&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=s2TXcNWle0&p=https%3A//otodiva.id&dtd=382

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e802e1369259c3acab4959fa77bd98a525e0ca0e26653ace9b10a4b0b78b2664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39440
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 11:34:24 GMT
expires: Fri, 28 Jul 2023 11:34:24 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 89CD 34 KB
14 KB 232ms
231ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&slotname=3976225997&adk=2566647451&adf=1979701478&pi=t.ma~as.3976225997&w=300&fwrn=4&fwrnh=100&lmt=1690544063&rafmt=1&format=300x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544063229&bpp=1&bdt=904&idt=384&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C970x125&nras=1&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NLw78yupZc&p=https%3A//otodiva.id&dtd=387

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffc17328801c212e3fad919480be62b47d04da2d4f577586aff34f31c013b3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13905
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 11:34:23 GMT
expires: Fri, 28 Jul 2023 11:34:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame DCE5 172 KB
55 KB 271ms
144ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMOnvwAKJw4K7eqUAA34OH3jKnMBMLqNAMDuEA&u=%7CQ8bDtbzIIY%2FLm%2FoiLnMAVC%2FpbF55%2BJu5Cl0LRUAh3SI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TysXVTFEb4Cd-ub6CzNVRzTqvhkg9GHjqUdbKk61-FjelFoK4_kFmV_TBpeBM0_Xcojj3QPYGZmXNvtTITzQvMwQDNbQ__GQIWc2ZmEFBqn8IywR-Yuee9-yTgDrQpkhQlPJazwW_bWSr-qmKHgol3IshykSfFNVOFaKMb7Cs8-cypyBb-TSfDjaSIZ-dP35gsirjYeBr_nIleV0NqVihe-uLRmxTqLkfq58UmlD6hgDg-zi26_owRlnabF18Q65lFrH1pzlh8hj3Kb1S5PIZFyzv_QGJIQQX9FxSyVj3Lw9ni9hOFDyHah37DFv0W2zB1fVqc-a8sNTZz5nfTHVboYghJobmQDd2f2WI5om6vz0Svie2tGShvVyV1Bs4G7O25PU8s9yrSTsfu-QhQ9s9uX43kTaDGmT6YBlYL5ZAtGcYCPGbmvDEXiezu5_E50SVMrWwAL53e8aRtSvrj1Io3LUoXSZclOHkdTyOTATD1ScDOCJ0YzdxEwdLd7KBBL5RJE7FW4YnM18ip11dRLVbPwahJLJeyAE-FTw8pXIBwYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0l5bv6fDZI7OKJTVtwe48LegBsme0rFc1Z2R93DAjbcBEAEgAGCVyquCtAeCARdjYS1wdWItNTk0OTY0MDA1MjgzNjMyNMgBCakCPWurWzxosj6oAwHIAwKqBL4BT9Dl3AD19UEw1WsD6UFO3iKH0AFcfBGE2lXBT1gEOIapIljsm-uAmB12916afGHAhmE5PAh9ieL5RSlCov79UTxSnYlXDxWzpcFPM55suFCd81qK68gamrYNjX8WwJpNaL9Fl9Cji4j1Muht6bv10M5z9LvGVBZCJbMZmjmvwE-jbH5dfSRuvxa9SDPuGSHy_jOFNvmg194Ws0Ovg_ThQOXotUmY1HRU9yIt-Qwha0PHLV7YeWO_4YoFx--AJYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1O7LZ8OCE0mJNTRPV1S9h9aGt9Ew%26client%3Dca-pub-5949640052836324%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&slotname=3976225997&adk=2566647451&adf=1979701478&pi=t.ma~as.3976225997&w=300&fwrn=4&fwrnh=100&lmt=1690544063&rafmt=1&format=300x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544063229&bpp=1&bdt=904&idt=384&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C970x125&nras=1&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NLw78yupZc&p=https%3A//otodiva.id&dtd=387

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7053d914ec5ef5fd7c4b27061461fcdaebb09b914c6e2106c095b27de56d107c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 11:34:23 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=8yoGXIXF4_B7xXOsPlBXgmK533VTEYa4KLQLNetM0Njj8Q8BWnNioPaSnmJlRZmkHlyQiNBAatbKxSwd3Pch3Rm-C2-9w79XgV_o_URBztjRc_toMztU8wApeSB3e-_UvHpw8W65fW-xPmd464ij6MBwPLv3u66QzfOkkTY2zaqlbl8EbVpTyEIOQZvhxvLR3qZazp8feWZX1E7BECzAH3af784XU5_JuSnYtjSp9DLQj76gfqlFeD6TsYVjg1-9xlsyUg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 75858038
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 89CD 3 KB
1 KB 139ms
44ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 21:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51831
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 21:10:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 89CD 20 KB
9 KB 134ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 03:48:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 89CD 179 KB
57 KB 155ms
52ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 11:34:23 GMT

GET
DATA 200
OK truncated
/ Frame 89CD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f3431fc83904a8064a39bec4e803bfae2ace2e8ca0786e61d30ffcafd919f0b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Responsive_listing.html Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 9CF1 4 KB
1 KB 41ms
40ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=280&slotname=4763364487&adk=1394093537&adf=683863926&pi=t.ma~as.4763364487&w=1200&fwrn=4&fwrnh=100&lmt=1690544063&rafmt=1&format=1200x280&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544063226&bpp=2&bdt=900&idt=348&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=K4nIgDjlG8&p=https%3A//otodiva.id&dtd=353

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 1016
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 06:34:41 GMT
etag: 11900953634711111692
expires: Sat, 29 Jul 2023 06:34:41 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame CE59 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 22:55:50 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4CA9 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=280&slotname=4763364487&adk=1394093537&adf=683863926&pi=t.ma~as.4763364487&w=1200&fwrn=4&fwrnh=100&lmt=1690544063&rafmt=1&format=1200x280&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544063226&bpp=2&bdt=900&idt=348&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=K4nIgDjlG8&p=https%3A//otodiva.id&dtd=353
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 11:12:23 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame CE59 3 KB
1 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 21:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 21:10:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame CE59 20 KB
8 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 03:48:30 GMT

GET
H2 200 Configurable_01_122.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9CF1 74 KB
25 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 06:56:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16670
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25356
x-xss-protection: 0
server: cafe
etag: 15511454539072389427
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 29 Jul 2023 06:56:34 GMT

GET
H2 200 Responsive_listing.js Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 9CF1 199 KB
65 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 11:44:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66166
x-xss-protection: 0
server: cafe
etag: 5199203132765013944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 Jul 2023 11:44:06 GMT

GET
H2 200 Responsive_listing.css
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 9CF1 11 KB
2 KB 41ms
41ms Stylesheet
text/css 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 06:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1758
x-xss-protection: 0
server: cafe
etag: 15825927903621683888
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 29 Jul 2023 06:46:46 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame DCE5 2 KB
1 KB 143ms
49ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZMOnvwAKJw4K7eqUAA34OH3jKnMBMLqNAMDuEA&u=%7CQ8bDtbzIIY%2FLm%2FoiLnMAVC%2FpbF55%2BJu5Cl0LRUAh3SI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TysXVTFEb4Cd-ub6CzNVRzTqvhkg9GHjqUdbKk61-FjelFoK4_kFmV_TBpeBM0_Xcojj3QPYGZmXNvtTITzQvMwQDNbQ__GQIWc2ZmEFBqn8IywR-Yuee9-yTgDrQpkhQlPJazwW_bWSr-qmKHgol3IshykSfFNVOFaKMb7Cs8-cypyBb-TSfDjaSIZ-dP35gsirjYeBr_nIleV0NqVihe-uLRmxTqLkfq58UmlD6hgDg-zi26_owRlnabF18Q65lFrH1pzlh8hj3Kb1S5PIZFyzv_QGJIQQX9FxSyVj3Lw9ni9hOFDyHah37DFv0W2zB1fVqc-a8sNTZz5nfTHVboYghJobmQDd2f2WI5om6vz0Svie2tGShvVyV1Bs4G7O25PU8s9yrSTsfu-QhQ9s9uX43kTaDGmT6YBlYL5ZAtGcYCPGbmvDEXiezu5_E50SVMrWwAL53e8aRtSvrj1Io3LUoXSZclOHkdTyOTATD1ScDOCJ0YzdxEwdLd7KBBL5RJE7FW4YnM18ip11dRLVbPwahJLJeyAE-FTw8pXIBwYE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0l5bv6fDZI7OKJTVtwe48LegBsme0rFc1Z2R93DAjbcBEAEgAGCVyquCtAeCARdjYS1wdWItNTk0OTY0MDA1MjgzNjMyNMgBCakCPWurWzxosj6oAwHIAwKqBL4BT9Dl3AD19UEw1WsD6UFO3iKH0AFcfBGE2lXBT1gEOIapIljsm-uAmB12916afGHAhmE5PAh9ieL5RSlCov79UTxSnYlXDxWzpcFPM55suFCd81qK68gamrYNjX8WwJpNaL9Fl9Cji4j1Muht6bv10M5z9LvGVBZCJbMZmjmvwE-jbH5dfSRuvxa9SDPuGSHy_jOFNvmg194Ws0Ovg_ThQOXotUmY1HRU9yIt-Qwha0PHLV7YeWO_4YoFx--AJYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1O7LZ8OCE0mJNTRPV1S9h9aGt9Ew%26client%3Dca-pub-5949640052836324%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 22 Jul 2024 11:34:24 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame DCE5 2 KB
1 KB 141ms
47ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 22 Jul 2024 11:34:24 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame DCE5 308 B
637 B 125ms
46ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 22 Jul 2024 11:34:24 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame DCE5 293 B
621 B 126ms
46ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 22 Jul 2024 11:34:24 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame DCE5 43 B
348 B 171ms
51ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=fH8C1Dj2cteF0duQwACGDXUXwgQqVAJfrzhlJrj3ytNMdDLWHLcpxs4Ln0tYDep-p9nBn_-7ivLnwpYL0Ep8nGz15FfBA4GRgGNO1fdux8gJnxTYMSlsY1Qm2YHmmvcTapQp3zKy3usV22bpLBnlPy-HfBgmcGp70nBMkc6wpdjB1tgDm59YZpzdsBQlubqyerIoychONE8dYyvCq6TWo7Gl1FeM8dEKhHJ8X_KkfpLX9Oj_uz3vfEtek9mbY-gGz6MK9goQelxAtAhG52kOrOWJ_yZl1Yxej6CALvN826AurESTKLMxyk_RdAk9anmnBfD3LECSkNfFDw-s3LUZUlyzVLewV_H10rLLFXEyfZsWGDNSCEpU--7gQcm9Wq3zJB23F9EllEDEXFToq90Lp7qtcOrWvy9o2-L4YqSmSjfM5A_z

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1758888
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7515 14 KB
1 KB 130ms
50ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=125&slotname=4763364487&adk=902745524&adf=1946489492&pi=t.ma~as.4763364487&w=970&lmt=1690544063&format=970x125&url=https%3A%2F%2Fotodiva.id%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544063228&bpp=1&bdt=902&idt=378&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=s2TXcNWle0&p=https%3A//otodiva.id&dtd=382

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jul 2023 11:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 10:28:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jul 2023 11:34:24 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 7515 2 KB
892 B 49ms
48ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 22:55:50 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 7515 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 22:55:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 7515 3 KB
1 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 21:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 21:10:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 7515 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 03:48:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7515 179 KB
56 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 11:34:24 GMT

GET
H2 200 be510c26caa47b2219b733ddba985099.js Show response
www.gstatic.com/mysidia/ Frame 7515 33 KB
14 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/be510c26caa47b2219b733ddba985099.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff928bca5a80772152dcedbbb4ec789c9b73af85b51f6a8cfba2e484a0cb54b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14157
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 03:44:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 04:00:47 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame DCE5 12 KB
5 KB 131ms
46ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 654616
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y42Y9L%2FXZdfhlfG0LP%2Bh5Jw1lZgQdRJruikN3DQsDPhFOz0ujrUdM%2FPaXIyFmVYkb788iNqWSq7hTnYo%2BJODN%2BimEOQqXVrWTumsfqhTDnD%2Bmvse%2FBKN48AiZdv4DAtfXuNUnsR%2F%2FNJIn9UAax5jOtfX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7edcd011dce86934-FRA
expires: Wed, 17 Jul 2024 11:34:24 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8843070583232770455/ Frame 7515 16 KB
16 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8843070583232770455/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95b178b5e085bfad3011b85ed38d02fee7b75fb6c6f0fa713b152e35bfc7e1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 02:33:10 GMT
x-content-type-options: nosniff
age: 205274
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16385
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 09:24:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 25 Jul 2024 02:33:10 GMT

GET
DATA 200
OK truncated
/ Frame 7515 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fe1e1a729d0d8a1042ea6f19b0ce23f84f2d5f77115ab9bf30fafe424451d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7515 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame DCE5 38 KB
38 KB 182ms
89ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 22 Jul 2024 11:34:24 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame DCE5 46 KB
46 KB 235ms
143ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 22 Jul 2024 11:34:24 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ 154 KB
52 KB 128ms
128ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

602d01899f4d2cf818c929c7d27b9204d2249e5fe6ceee0444e8e6723c3ad98e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53528
x-xss-protection: 0
server: cafe
etag: 2571784210764685982
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 11:34:24 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A123 98 KB
38 KB 568ms
564ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&adk=2982052862&adf=2698748695&pi=t.aa~a.2746241531~rp.1&w=121&fwrn=4&fwrnh=100&lmt=1690544064&rafmt=1&to=qs&pwprc=5064251535&format=121x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544064289&bpp=3&bdt=1964&idt=3&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd318c3d9dc42987-22703422b6e700ce%3AT%3D1690544063%3ART%3D1690544063%3AS%3DALNI_MboBGeso816wi6PpWypUVYH7NT-Pg&gpic=UID%3D00000d26bf6b857c%3AT%3D1690544063%3ART%3D1690544063%3AS%3DALNI_Mbf_2Q003vcCi7yCdipweZTILl5HQ&prev_fmts=0x0%2C1200x280%2C970x125%2C300x600&nras=2&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&psts=ABnkTfBW2y6l_V82VwNPRXbA7zhHiqMIXp8wlvY1sbAvWI6o5erw0-UiBlm4OnMO9i75G0UjlUuCAl5zP7aLWQ&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=CjBgOUwFEi&p=https%3A//otodiva.id&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55d819c9dc3de17bc7d980acb573928853b592e81d4620e2a5a62ad9eb232116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38769
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 11:34:24 GMT
expires: Fri, 28 Jul 2023 11:34:24 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame DCE5 12 KB
6 KB 52ms
52ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 22 Jul 2024 11:34:24 GMT

GET
H2 200 c600a3a23ef44514801c2b8d85f409af_cpn_300x600_1.jpg
static.criteo.net/design/dt/3018/4616436/ Frame DCE5 14 KB
15 KB 69ms
68ms Image
image/jpeg 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/3018/4616436/c600a3a23ef44514801c2b8d85f409af_cpn_300x600_1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4957980b0d00f9ca3a83cdc1d2dc423153fecd486ad7f32b7f6775873dd2ef05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 21 Jul 2023 08:18:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "64ba3f5e-39db"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 14811
expires: Mon, 22 Jul 2024 11:34:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DCE5 5 KB
5 KB 200ms
88ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=104&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=596&iid=64c3a7bf8d444b55d107151c67ee6d6d&s=CEpbeaM6UrZF1oIlUzVXI3l3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e28f9a97c9ff2e04da97bc5085447b9b0b43769e45529012b84cde452c497663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 4791
expires: Sat, 08 Jun 2024 02:00:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DCE5 57 KB
57 KB 269ms
158ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F4837267%2F348e2f31e4b040a5939056fb0f327efb_img_square_1.jpg&v=3&w=1200&iid=64c3a7bf8d444b55d107151c67ee6d6d&s=rxFRjOTMIukUTabxORZM4Jqo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9ed21284cb9193ace0311e5b6d20b78c6bbfe789728fe33ed1de4e8efd0dd737

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 58412
expires: Fri, 05 Jul 2024 13:58:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DCE5 7 KB
7 KB 225ms
113ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1614699453%2F21059049-d94WZsQu.jpg&v=3&w=400&iid=64c3a7bf8d444b55d107151c67ee6d6d&s=ROpHgS54yJFeUoldWgT7H-VE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5e15c8d44695d7813c3d3ed9543eabdf42ded856e0494358fe9f0bc855c2917a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 6806
expires: Wed, 02 Aug 2023 11:14:13 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DCE5 32 KB
32 KB 226ms
114ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1636355986%2F20158802-9CLvquA0.jpg&v=3&w=400&iid=64c3a7bf8d444b55d107151c67ee6d6d&s=NhHZx1ADWTqKjj-wUiQWAGLG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

24986ae93ada6b99c80f126ec38a02a7da60992c3099e905c98210c35516ad05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 32798
expires: Fri, 28 Jul 2023 12:31:22 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DCE5 10 KB
10 KB 200ms
89ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F17213415-Qucwi5uP.jpg&v=3&w=400&iid=64c3a7bf8d444b55d107151c67ee6d6d&s=ID_MfhjKEmyH5p_Mi8f8V2Hj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5c335d2e993b8081805bcfd94809085f9ab9b5a6afb877ea0535505e01886987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 9734
expires: Thu, 03 Aug 2023 21:07:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DCE5 6 KB
6 KB 201ms
90ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1677272401%2F23024998-ddNa8tbG.jpg&v=3&w=400&iid=64c3a7bf8d444b55d107151c67ee6d6d&s=oDpBmOrSrANL4cUa-A9UgxIo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b133edd0ea88b9b6d1a96ad96a031d0669cdc1b2e186b5f9adcb2742ac522b10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 6398
expires: Thu, 03 Aug 2023 15:37:44 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DCE5 6 KB
6 KB 182ms
181ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1663707601%2F22167227-t5JU15SN.jpg&v=3&w=400&iid=64c3a7bf8d444b55d107151c67ee6d6d&s=hDXh4kqXr0EUBcnPIWKynfZM&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6eb8c2ce9b5f49f04894bbc64ab9048533fec1a458f19b7a704e1a83504dc5fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 6038
expires: Fri, 28 Jul 2023 21:17:35 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DCE5 22 KB
22 KB 174ms
174ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1649250765%2F22080697-NOkFkcED.jpg&v=3&w=400&iid=64c3a7bf8d444b55d107151c67ee6d6d&s=KSGzuOY6-XcQDNDoIhu8quJx&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

709b47dc0d73dde41329c742be4f8fe020ea64222405f7c8ec7e6d1cbc22f4d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 22752
expires: Fri, 04 Aug 2023 10:47:55 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame DCE5 0
128 B 155ms
45ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=8yoGXIXF4_B7xXOsPlBXgmK533VTEYa4KLQLNetM0Njj8Q8BWnNioPaSnmJlRZmkHlyQiNBAatbKxSwd3Pch3Rm-C2-9w79XgV_o_URBztjRc_toMztU8wApeSB3e-_UvHpw8W65fW-xPmd464ij6MBwPLv3u66QzfOkkTY2zaqlbl8EbVpTyEIOQZvhxvLR3qZazp8feWZX1E7BECzAH3af784XU5_JuSnYtjSp9DLQj76gfqlFeD6TsYVjg1-9xlsyUg&sds=2&rev=87676&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 28 Jul 2023 11:34:24 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DCE5 2 KB
1 KB 47ms
47ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 22 Jul 2024 11:34:24 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame DCE5 2 KB
1 KB 46ms
46ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 22 Jul 2024 11:34:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE59 179 KB
56 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 11:34:24 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4CA9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

55ms
55ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 11:34:24 GMT
expires: Fri, 28 Jul 2023 11:34:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 11:34:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9CF1 34 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 10:31:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3797
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 29 Jul 2023 10:31:07 GMT

GET
DATA 200
OK truncated
/ Frame CE59 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6400f768d846e43bbffb7ad03f29042f90d93097e5f0a2ad4bdcb20e812afbd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7515 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac712fc6944bb99141bd4e6eb65e7914f5f9d6b9440ba1fa1c13f373516b0de5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/ Frame 9D06 10 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28049
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 03:46:55 GMT
etag: 12368291122986407432
expires: Fri, 11 Aug 2023 03:46:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/ Frame E2E1 10 KB
4 KB 41ms
40ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28049
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 03:46:55 GMT
etag: 12368291122986407432
expires: Fri, 11 Aug 2023 03:46:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/ Frame D418 10 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28049
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 03:46:55 GMT
etag: 12368291122986407432
expires: Fri, 11 Aug 2023 03:46:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7515 33 KB
33 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 231907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jul 2024 19:09:17 GMT

GET
H3 200 Responsive_listing.html Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 7442 4 KB
1 KB 40ms
40ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 1016
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 06:34:41 GMT
etag: 11900953634711111692
expires: Sat, 29 Jul 2023 06:34:41 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 9D06 23 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 22:55:50 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0C6A 143 B
166 B 41ms
41ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 11:12:23 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 9D06 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 21:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 21:10:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 9D06 20 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 03:48:30 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame E2E1 2 KB
892 B 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 22:55:50 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame E2E1 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 22:55:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame E2E1 3 KB
1 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 21:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 21:10:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame E2E1 20 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 03:48:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E2E1 179 KB
56 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 11:34:24 GMT

GET
H2 200 be510c26caa47b2219b733ddba985099.js Show response
www.gstatic.com/mysidia/ Frame E2E1 33 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/be510c26caa47b2219b733ddba985099.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff928bca5a80772152dcedbbb4ec789c9b73af85b51f6a8cfba2e484a0cb54b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14157
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 03:44:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 04:00:47 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D418 4 KB
655 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jul 2023 11:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 10:25:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jul 2023 11:34:24 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame D418 2 KB
892 B 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 22:55:50 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame D418 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 22:55:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame D418 3 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 21:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 21:10:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame D418 20 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 03:48:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D418 179 KB
56 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 11:34:24 GMT

GET
H2 200 be510c26caa47b2219b733ddba985099.js Show response
www.gstatic.com/mysidia/ Frame D418 33 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/be510c26caa47b2219b733ddba985099.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff928bca5a80772152dcedbbb4ec789c9b73af85b51f6a8cfba2e484a0cb54b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14157
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 03:44:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 04:00:47 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/8843070583232770455/ Frame D418 39 KB
39 KB 46ms
46ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8843070583232770455/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b627c6c95b4beaaec9e17c2a803cb541d163b37cea79e01b57085dfb69f80bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 11:47:38 GMT
x-content-type-options: nosniff
age: 172006
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39797
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 09:24:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 25 Jul 2024 11:47:38 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8036161430325222858/ Frame D418 3 KB
3 KB 54ms
54ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8036161430325222858/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c1b160b7243cba7dec24f4044316f273f301045ab9996ed66d77eb87471365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 04:06:33 GMT
x-content-type-options: nosniff
age: 113271
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3308
x-xss-protection: 0
last-modified: Tue, 02 Aug 2022 23:20:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 26 Jul 2024 04:06:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7515 0
23 B 84ms
84ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvHAYv6fDZO2QLKuyn88PwPuvuAyl6YDhceW3it_HEfLs7cKUDhABIIzRmWlglfKSgqAHoAHI8OnmKMgBCagDAcgDywSqBMUBT9Ab7Q-D6XweB_hYh7bEeAY7vwBArQbBtPYwn0nLvtt08rPW5KCCVEzMmbsYSXSJQihaAsrCFOgWNCb7hLjQABdRfy6NV-jQLCVNUJmoizq2908NWDfiAavcsQ3E6_du0uxtfogEFFgK8cB4SfiUp9WdRgrOQICulN1yizCFcvDwfFoFb8MeyJjm6t5HtC9PKZrKGijBndwIMDLK_6xQZHZrp9r5JVN1v81AtHkZaEkYWEdGsytUjfBcLRfn8RU7bO-7uQHABLbx_b-DBJIFBAgEGAGSBQQIBRgEoAYugAfIqLrGA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENvkA9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItNTk0OTY0MDA1MjgzNjMyNBgA&sigh=-q-uaYwnwks&uach_m=[UACH]&cid=CAQSGwBpAlJW0Ih1k9Fncp1BrhWxwHMACBOB8axQ3xgB&template_id=5000&cbvp=2&vis=1

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=125&slotname=4763364487&adk=902745524&adf=1946489492&pi=t.ma~as.4763364487&w=970&lmt=1690544063&format=970x125&url=https%3A%2F%2Fotodiva.id%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544063228&bpp=1&bdt=902&idt=378&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=s2TXcNWle0&p=https%3A//otodiva.id&dtd=382
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Jul 2023 11:34:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Jul 2023 11:34:24 GMT

GET
H3 200 Configurable_01_122.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7442 74 KB
25 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 06:56:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16670
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25356
x-xss-protection: 0
server: cafe
etag: 15511454539072389427
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 29 Jul 2023 06:56:34 GMT

GET
H3 200 Responsive_listing.js Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 7442 199 KB
65 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 11:44:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66166
x-xss-protection: 0
server: cafe
etag: 5199203132765013944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 Jul 2023 11:44:06 GMT

GET
H3 200 Responsive_listing.css
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 7442 11 KB
2 KB 42ms
42ms Stylesheet
text/css 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 06:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1758
x-xss-protection: 0
server: cafe
etag: 15825927903621683888
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 29 Jul 2023 06:46:46 GMT

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame C7DB 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:27:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jul 2024 07:27:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CE59 0
23 B 85ms
85ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuJPtv6fDZMmIJpGHtwf2j5fYB7q3-Oxx0tvx-dYR3Yynva0CEAEgjNGZaWCVyquCtAegAdWU_scDyAEJqQLIrZg6jmKyPqgDAcgDywSqBMgBT9DCYEwplE61MgGVrLX9TrQIiXVRW4_XRE5uXthyAxo2MKCePymuRLnemdHwezeeylGro5xMAyetAzSKnkRAi1BE9VoS7RHcwlsglnz75_wcPsO3huJUm78lzXXyWSTd4wmZqLawOKS2xNavQYL-xHXBSYXxw54QD_gTQiT2iLCu27wydaZIIewrS8TWS9vSBpYMurtM_2J_gCfp9tvMnvi9L2iB5ndoIprmB4GxlIkSHFNvFf_e8tBZcGukk08NzXNRZXIRe3jABMnRv4OtBJIFBAgEGAGSBQQIBRgEoAYugAe8v6kuqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEOiXGtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwuIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNTk0OTY0MDA1MjgzNjMyNBgA&sigh=QPtJ22TiMyY&uach_m=[UACH]&cid=CAQSGwBpAlJWoMcsAdTHpPQRBXRTsPROc7xoqKdlShgB&template_id=494&cbvp=2&vis=1

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=280&slotname=4763364487&adk=1394093537&adf=683863926&pi=t.ma~as.4763364487&w=1200&fwrn=4&fwrnh=100&lmt=1690544063&rafmt=1&format=1200x280&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544063226&bpp=2&bdt=900&idt=348&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=K4nIgDjlG8&p=https%3A//otodiva.id&dtd=353
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Jul 2023 11:34:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Jul 2023 11:34:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 89CD 0
23 B 85ms
85ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwAodv6fDZI7OKJTVtwe48LegBsme0rFc1Z2R93DAjbcBEAEgAGCVyquCtAeCARdjYS1wdWItNTk0OTY0MDA1MjgzNjMyNMgBCakCPWurWzxosj6oAwHIAwKqBLsBT9Dl3AD19UEw1WsD6UFO3iKH0AFcfBGE2lXBT1gEOIapIljsm-uAmB12916afGHAhmE5PAh9ieL5RSlCov79UTxSnYlXDxWzpcFPM55suFCd81qK68gamrYNjX8WwJpNaL9Fl9Cji4j1Muht6bv10M5z9LvGVBZCJbMZmjmvwE-jbH5dfSRuvxa9SDPuGSHy_jOFNvni1f-ENMwzkEt9VEY4iO9g3WBeQSgD4Y6Vo35h3-HGVXs6Sw4WeIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTQ5NjQwMDUyODM2MzI0GAA&sigh=R02J8VxHzwE&uach_m=[UACH]&cid=CAQSGwBpAlJWSsfRavM88JoMIV1QzA-fkdAiD5fOrhgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&slotname=3976225997&adk=2566647451&adf=1979701478&pi=t.ma~as.3976225997&w=300&fwrn=4&fwrnh=100&lmt=1690544063&rafmt=1&format=300x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544063229&bpp=1&bdt=904&idt=384&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C970x125&nras=1&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NLw78yupZc&p=https%3A//otodiva.id&dtd=387
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Jul 2023 11:34:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Jul 2023 11:34:24 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 89CD 0
126 B 160ms
49ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EN-BMKwC2ASdg2ICAgAAACKL-kzLXzAIEL6nw2TeA9xgV7p28SFeAAASAAAKCkFRVUJBUUVCQVE&wp=ZMOnvwAKJw4K7eqUAA34OH3jKnMBMLqNAMDuEA&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 162975
server: Kestrel
content-length: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 9CF1 6 KB
706 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jul 2023 11:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 10:43:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jul 2023 11:34:24 GMT

GET
H3 200 12300746433394990337
tpc.googlesyndication.com/simgad/ Frame 9CF1 85 KB
85 KB 40ms
40ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12300746433394990337

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6bf5677549ee0c35f3023d329458d72a163be55c6be119208abe5c1befa8b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 21:29:43 GMT
x-content-type-options: nosniff
age: 50681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87011
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 09:56:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 26 Jul 2024 21:29:43 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0C6A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

55ms
55ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 11:34:24 GMT
expires: Fri, 28 Jul 2023 11:34:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 11:34:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D06 179 KB
56 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 11:34:24 GMT

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9CF1 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:27:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jul 2024 07:27:23 GMT

GET
DATA 200
OK truncated
/ Frame D418 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54cd4d9ef663c361ec1211c5f72571f5c8ba6d2b865f93c49a3d3112ef38ab4c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7442 34 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 10:31:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3797
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 29 Jul 2023 10:31:07 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9CF1 15 KB
15 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 26852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 04:06:52 GMT

GET
H3 200 387651546845333962
tpc.googlesyndication.com/daca_images/simgad/ Frame E2E1 35 KB
35 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/387651546845333962?w=360&h=720

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ddc754ebf1bd67e1d9cce0fb7179b9cb575be03adbe52ac980b1575514eb343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 03:48:12 GMT
x-content-type-options: nosniff
age: 27972
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35478
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 08:44:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Aug 2023 03:48:12 GMT

GET
DATA 200
OK truncated
/ Frame E2E1 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c692d79b184e4a366f8412021f36a1f35d4b1364e4526935fe4188151689775f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D418 0
19 B 83ms
83ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cvi9Tv6fDZLa2JZiVwuIP666OqAil6YDhceW3it_HEfLs7cKUDhABIIzRmWlglfKSgqAHoAHI8OnmKMgBCagDAcgDywSqBMYBT9BNNjdebE8Y1oIWujTSo_I-DkDzxDA8p4gjGJrsvVD7AdvkZFSHd9_NDpE9tRr9cOI27UECjAWP6pW56v_8Xm3-NmYUtSOIY5dx_TuDc6ffjH-VeOp7GeM-ygdYjjlDLnQTVK4FrZjX5O2_YTqR1a8pF0FSq7h3JHbvqdOnghC4kMVKREhH03I0FwzlZTOH_DK7zQFBHm9CqdAm4CAitvvvOhJuDay2Ma8QtwP0erxHIblTBU5clIUP8eY6us0cbTCuc6FPwAS28f2_gwSSBQQIBBgBkgUECAUYBKAGLoAHyKi6xgOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDjtAfSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBuBPkA9gTC9AVAYAXAbIXHAoaCAASFHB1Yi01OTQ5NjQwMDUyODM2MzI0GAA&sigh=IN1D11BxNf8&uach_m=[UACH]&cid=CAQSGwBpAlJWe4S_xgSnig9l9dbC3ePu98k8x1xVHBgB&template_id=484&cbvp=2&vis=1

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Jul 2023 11:34:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F0C 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:27:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jul 2024 07:27:23 GMT

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B10 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:27:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jul 2024 07:27:23 GMT

GET
H3 200 14617739867271446839
tpc.googlesyndication.com/simgad/ Frame A123 16 KB
16 KB 41ms
40ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14617739867271446839?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkYm3yYNGTvF-Tq_r4Uf1l4dTmGKA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&adk=2982052862&adf=2698748695&pi=t.aa~a.2746241531~rp.1&w=121&fwrn=4&fwrnh=100&lmt=1690544064&rafmt=1&to=qs&pwprc=5064251535&format=121x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544064289&bpp=3&bdt=1964&idt=3&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd318c3d9dc42987-22703422b6e700ce%3AT%3D1690544063%3ART%3D1690544063%3AS%3DALNI_MboBGeso816wi6PpWypUVYH7NT-Pg&gpic=UID%3D00000d26bf6b857c%3AT%3D1690544063%3ART%3D1690544063%3AS%3DALNI_Mbf_2Q003vcCi7yCdipweZTILl5HQ&prev_fmts=0x0%2C1200x280%2C970x125%2C300x600&nras=2&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&psts=ABnkTfBW2y6l_V82VwNPRXbA7zhHiqMIXp8wlvY1sbAvWI6o5erw0-UiBlm4OnMO9i75G0UjlUuCAl5zP7aLWQ&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=CjBgOUwFEi&p=https%3A//otodiva.id&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8c7162f5bfa931f9e1adf96f44dbfb89e6d8bbf675751b467f11644b447f3f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 08:00:28 GMT
x-content-type-options: nosniff
age: 185636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16630
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 15:24:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 25 Jul 2024 08:00:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame A123 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 22:55:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame A123 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 21:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2023 21:10:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame A123 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 03:48:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A123 0
0 48ms
48ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvID50EMA3RK3HiF6HzFr0-IktI0Z8l_j_U3wTvAi411qt3UDel1SLVwZkp8LAopWMXRilNnPMLqJPq2zRynHC3ou4vA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&adk=2982052862&adf=2698748695&pi=t.aa~a.2746241531~rp.1&w=121&fwrn=4&fwrnh=100&lmt=1690544064&rafmt=1&to=qs&pwprc=5064251535&format=121x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544064289&bpp=3&bdt=1964&idt=3&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd318c3d9dc42987-22703422b6e700ce%3AT%3D1690544063%3ART%3D1690544063%3AS%3DALNI_MboBGeso816wi6PpWypUVYH7NT-Pg&gpic=UID%3D00000d26bf6b857c%3AT%3D1690544063%3ART%3D1690544063%3AS%3DALNI_Mbf_2Q003vcCi7yCdipweZTILl5HQ&prev_fmts=0x0%2C1200x280%2C970x125%2C300x600&nras=2&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&psts=ABnkTfBW2y6l_V82VwNPRXbA7zhHiqMIXp8wlvY1sbAvWI6o5erw0-UiBlm4OnMO9i75G0UjlUuCAl5zP7aLWQ&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=CjBgOUwFEi&p=https%3A//otodiva.id&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A123 179 KB
56 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 11:34:24 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame A123 33 KB
13 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4938ae629cfe26eaeb48f79a64d380e0f2f29a63b0cf0c98ef4dd19039ed3d81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 03:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13567
x-xss-protection: 0
server: cafe
etag: 2495518695802652152
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 03:31:01 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9CF1 15 KB
16 KB 45ms
45ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 07:10:45 GMT
x-content-type-options: nosniff
age: 102219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jul 2024 07:10:45 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9CF1 15 KB
15 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 504571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 15:24:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E2E1 0
19 B 85ms
84ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkAquv6fDZLW2JZiVwuIP666OqAil6YDhceW3it_HEfLs7cKUDhABIIzRmWlglfKSgqAHoAHI8OnmKMgBAagDAcgDywSqBMUBT9CKCVZC8jJop6bd8AM4j3lMdCTFuieblXdlCnZ0vtnNZUgg-0W1DkfXZ3cat04ZKtFLNFZLNFMAzQuez4CuyxT2YUp_60tvCNSSznQsfoJc4FBr0Pur0WUp7s4uJ100NgVG2GpmeXPcgxYsFSTKx-kiA2MAS0D-PViQrbd4_vddw7pg17Qm05sfChW14c8i_rDqJvADf72vZ-UUCTNYnbimqIz2Sm7INjy78n2qdK7gb5AHNu8zUJ2WpH0UETNv3IxBSiDABLbx_b-DBJIFBAgEGAGSBQQIBRgEoAYCgAfIqLrGA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPKFBtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItNTk0OTY0MDA1MjgzNjMyNBgA&sigh=i4o8BTx2-FE&uach_m=[UACH]&cid=CAQSGwBpAlJWe4S_xgSnig9l9dbC3ePu98k8x1xVHBgB&cbvp=2&vis=1

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Jul 2023 11:34:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B16C 143 B
166 B 41ms
40ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&adk=2982052862&adf=2698748695&pi=t.aa~a.2746241531~rp.1&w=121&fwrn=4&fwrnh=100&lmt=1690544064&rafmt=1&to=qs&pwprc=5064251535&format=121x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544064289&bpp=3&bdt=1964&idt=3&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd318c3d9dc42987-22703422b6e700ce%3AT%3D1690544063%3ART%3D1690544063%3AS%3DALNI_MboBGeso816wi6PpWypUVYH7NT-Pg&gpic=UID%3D00000d26bf6b857c%3AT%3D1690544063%3ART%3D1690544063%3AS%3DALNI_Mbf_2Q003vcCi7yCdipweZTILl5HQ&prev_fmts=0x0%2C1200x280%2C970x125%2C300x600&nras=2&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&psts=ABnkTfBW2y6l_V82VwNPRXbA7zhHiqMIXp8wlvY1sbAvWI6o5erw0-UiBlm4OnMO9i75G0UjlUuCAl5zP7aLWQ&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=CjBgOUwFEi&p=https%3A//otodiva.id&dtd=7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 11:12:23 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B64C 1 KB
643 B 41ms
41ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81048
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 13:03:36 GMT
etag: 48472445140208031
expires: Fri, 28 Jul 2023 13:03:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A123 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec8bbd2dc1f6571b5b5e0fb602ccef1c79d2dfb536228a95fb19e59f8d4d21aa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 7442 6 KB
706 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jul 2023 11:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 10:25:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jul 2023 11:34:25 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B64C
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI4y9QgcR-HVSo3abSK6j08&google_cver=1&google_push=AaAOQGE3fHdvQghZitFmysRRy2eX8HHIHOnul3-m7QTHjUvvHPa4ZgS5WfQ5QLe0FRZup5h_z7abAcST6Lbzxy_S_Hop-05pRIg2r3g
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzAwOTIxMDE1OTMxODAzNDE4MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI4y9QgcR-HVSo3abSK6j08&google_cver=1

43 B
398 B

116ms
53ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI4y9QgcR-HVSo3abSK6j08&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 28 Jul 2023 11:34:25 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI4y9QgcR-HVSo3abSK6j08&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame B64C 0
104 B 198ms
81ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAdqRVGMcDk0nDDomCLgwkQ&google_cver=1&google_push=AaAOQGErJptLOVD8ZvLXz3iG80JoodgeDNeSxzsqKuhOXtYfcwWKyu7Cq6xLNwRlW-RaGZiGpNzK8qJ3EVp1YZW_oucqvnxXca9svDM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&adk=2982052862&adf=2698748695&pi=t.aa~a.2746241531~rp.1&w=121&fwrn=4&fwrnh=100&lmt=1690544064&rafmt=1&to=qs&pwprc=5064251535&format=121x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544064289&bpp=3&bdt=1964&idt=3&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd318c3d9dc42987-22703422b6e700ce%3AT%3D1690544063%3ART%3D1690544063%3AS%3DALNI_MboBGeso816wi6PpWypUVYH7NT-Pg&gpic=UID%3D00000d26bf6b857c%3AT%3D1690544063%3ART%3D1690544063%3AS%3DALNI_Mbf_2Q003vcCi7yCdipweZTILl5HQ&prev_fmts=0x0%2C1200x280%2C970x125%2C300x600&nras=2&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&psts=ABnkTfBW2y6l_V82VwNPRXbA7zhHiqMIXp8wlvY1sbAvWI6o5erw0-UiBlm4OnMO9i75G0UjlUuCAl5zP7aLWQ&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=CjBgOUwFEi&p=https%3A//otodiva.id&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:25 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B64C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELOX5jCp3pNw02D0fG1fe8o&google_cver=1&google_push=AaAOQGHscGKg-99As7DjJoQRuhgnbHyK0k_DCIAskoUbZqKoiQsPxzD6tGUSJeAaT0btr8T5SGHNpBFOuGYTPhwN...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHscGKg-99As7DjJoQRuhgnbHyK0k_DCIAskoUbZqKoiQsPxzD6tGUSJeAaT0btr8T5SGHNpBFOuGYTPhwNSeKbG8YhQbzcjA

170 B
232 B

51ms
50ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHscGKg-99As7DjJoQRuhgnbHyK0k_DCIAskoUbZqKoiQsPxzD6tGUSJeAaT0btr8T5SGHNpBFOuGYTPhwNSeKbG8YhQbzcjA

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 28 Jul 2023 11:34:25 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x13 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHscGKg-99As7DjJoQRuhgnbHyK0k_DCIAskoUbZqKoiQsPxzD6tGUSJeAaT0btr8T5SGHNpBFOuGYTPhwNSeKbG8YhQbzcjA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 28 Jul 2023 11:34:24 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B64C
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEB1dKksqjjOrX9Te9RVFJ0s&google_cver=1&google_push=AaAOQGEIjndlrz1bmPMH5syP8kV4BvUqlse_vV4cUxUTVURVF_U_LgAdDFZV9sTCCp0-6Ou6_QVZF0-tIV5JfH-bYtD2U_SjmkITog
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0D4C63DACED34685A28DFB2F547E0041&google_push=AaAOQGEIjndlrz1bmPMH5syP8kV4BvUqlse_vV4cUxUTVURVF_U_LgAdDFZV9sTCCp0-6Ou6_QVZF0-tIV5JfH-...

170 B
329 B

51ms
50ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0D4C63DACED34685A28DFB2F547E0041&google_push=AaAOQGEIjndlrz1bmPMH5syP8kV4BvUqlse_vV4cUxUTVURVF_U_LgAdDFZV9sTCCp0-6Ou6_QVZF0-tIV5JfH-bYtD2U_SjmkITog

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 28 Jul 2023 11:34:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0D4C63DACED34685A28DFB2F547E0041&google_push=AaAOQGEIjndlrz1bmPMH5syP8kV4BvUqlse_vV4cUxUTVURVF_U_LgAdDFZV9sTCCp0-6Ou6_QVZF0-tIV5JfH-bYtD2U_SjmkITog
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 27 Jul 2023 11:34:25 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame B64C 43 B
146 B 147ms
40ms Image
image/gif 3.67.157.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAG7J4q1sYPaOKiY4DuYqYM&google_cver=1&google_push=AaAOQGH93NA_ItcvFpNTMgD-v14sh8TPItdkdzWE_93zGl2aT_YYYdS_UTIrnz-7LkuKE6SlHAeZsGijNMEIxN-NU2Q59nPSqgTMjfE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&adk=2982052862&adf=2698748695&pi=t.aa~a.2746241531~rp.1&w=121&fwrn=4&fwrnh=100&lmt=1690544064&rafmt=1&to=qs&pwprc=5064251535&format=121x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544064289&bpp=3&bdt=1964&idt=3&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd318c3d9dc42987-22703422b6e700ce%3AT%3D1690544063%3ART%3D1690544063%3AS%3DALNI_MboBGeso816wi6PpWypUVYH7NT-Pg&gpic=UID%3D00000d26bf6b857c%3AT%3D1690544063%3ART%3D1690544063%3AS%3DALNI_Mbf_2Q003vcCi7yCdipweZTILl5HQ&prev_fmts=0x0%2C1200x280%2C970x125%2C300x600&nras=2&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&psts=ABnkTfBW2y6l_V82VwNPRXbA7zhHiqMIXp8wlvY1sbAvWI6o5erw0-UiBlm4OnMO9i75G0UjlUuCAl5zP7aLWQ&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=CjBgOUwFEi&p=https%3A//otodiva.id&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.157.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-157-9.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B64C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENDVt8Zs0136EWhOYbav-8A&google_cver=1&google_push=AaAOQGF3Wc75IKA94-d81TBr48IGHTA3TICdnYEE43lLuxpjorW9GV2A2a1N__Xpc3F8dhqhjDGj1iEwgQ-ZA06sw3yB2cb...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGF3Wc75IKA94-d81TBr48IGHTA3TICdnYEE43lLuxpjorW9GV2A2a1N__Xpc3F8dhqhjDGj1iEwgQ-ZA06sw3yB2cbtvp-pw44&google_hm=eS1TelZVbjJaRTJwSFl...

170 B
232 B

54ms
54ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGF3Wc75IKA94-d81TBr48IGHTA3TICdnYEE43lLuxpjorW9GV2A2a1N__Xpc3F8dhqhjDGj1iEwgQ-ZA06sw3yB2cbtvp-pw44&google_hm=eS1TelZVbjJaRTJwSFlIU1ZnazJPZno5RkQzdl9VcHlSV35B

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 28 Jul 2023 11:34:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGF3Wc75IKA94-d81TBr48IGHTA3TICdnYEE43lLuxpjorW9GV2A2a1N__Xpc3F8dhqhjDGj1iEwgQ-ZA06sw3yB2cbtvp-pw44&google_hm=eS1TelZVbjJaRTJwSFlIU1ZnazJPZno5RkQzdl9VcHlSV35B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B64C
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOLT1Wvvb0Di-XwwsIA_WCM&google_cver=1&google_push=AaAOQGFkShNxphoULMM5RbnzrK3y9NIsE2k0thz3yTXMUYvJQXaauyqAK1K0uOyOP_xqkwd1RFm1YDXg...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOLT1Wvvb0Di-XwwsIA_WCM&google_cver=1&google_push=AaAOQGFkShNxphoULMM5RbnzrK3y9NIsE2k0thz3yTXMUYvJQXaauyqAK1K0uOyOP_xqkwd1RFm...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwODMzNDI2MjY5MTE1ODQ2MQ&google_push=AaAOQGFkShNxphoULMM5RbnzrK3y9NIsE2k0thz3yTXMUYvJQXaauyqAK1K0uOyOP_xqkwd1RFm1YD...

170 B
232 B

53ms
52ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwODMzNDI2MjY5MTE1ODQ2MQ&google_push=AaAOQGFkShNxphoULMM5RbnzrK3y9NIsE2k0thz3yTXMUYvJQXaauyqAK1K0uOyOP_xqkwd1RFm1YDXgPsyUeH4awBrt5own_6Ns_A

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwODMzNDI2MjY5MTE1ODQ2MQ&google_push=AaAOQGFkShNxphoULMM5RbnzrK3y9NIsE2k0thz3yTXMUYvJQXaauyqAK1K0uOyOP_xqkwd1RFm1YDXgPsyUeH4awBrt5own_6Ns_A
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B64C 0
139 B 154ms
47ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JkniDeU8p0liaSNafV_BgMkxg3P51Gama8vOU2FyC_KelFoTpgVmwjOgK27n0hzwIkvGKA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A123 0
19 B 84ms
84ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQjhjwKfDZPOuGfHUn88P3fOzgAL7wNTwcbKCqKbqDtb6nr9EEAEgjNGZaWCVyquCtAegAZXYtcgDyAECqQJ8gsrr_HS1PqgDAcgDyQSqBMEBT9BTE1P5WPnTHQYcTDBPSVBweiRJPM6WHtf5WN77KjeRPlg7PaOEMe4hmRQyGQcH8M16xqgvKHN1aFWgUkkL58_bQoJ0Uohsao2Bk26wqBs-mjubII2jdTmYyocnyHMhY9JgyWCMBKVFSxXsoIoCywoEDUjm3K6rShDkhbK3R3mDXA5eSsPEUtSvKAdFs2pF3iZkK5II9waBsmXkeKFqzA7CeN60ZzE-qcxvO2wcH3J7rD-tYsT2tXywEl0qYQOaycAEmNeB7tMDkgUECAQYAZIFBAgFGASgBgKAB92c9WKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDMrQPSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTU5NDk2NDAwNTI4MzYzMjQYAA&sigh=mBJHh_XJrWo&uach_m=[UACH]&cid=CAQSPABpAlJWU2Pc2kVBY4vFGOlwqxYpveFObIU7jJN2Bq2IxAppA5i8lzzle4UZP5qGias6gFex4kZNcaRR9hgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&adk=2982052862&adf=2698748695&pi=t.aa~a.2746241531~rp.1&w=121&fwrn=4&fwrnh=100&lmt=1690544064&rafmt=1&to=qs&pwprc=5064251535&format=121x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544064289&bpp=3&bdt=1964&idt=3&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd318c3d9dc42987-22703422b6e700ce%3AT%3D1690544063%3ART%3D1690544063%3AS%3DALNI_MboBGeso816wi6PpWypUVYH7NT-Pg&gpic=UID%3D00000d26bf6b857c%3AT%3D1690544063%3ART%3D1690544063%3AS%3DALNI_Mbf_2Q003vcCi7yCdipweZTILl5HQ&prev_fmts=0x0%2C1200x280%2C970x125%2C300x600&nras=2&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&psts=ABnkTfBW2y6l_V82VwNPRXbA7zhHiqMIXp8wlvY1sbAvWI6o5erw0-UiBlm4OnMO9i75G0UjlUuCAl5zP7aLWQ&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=CjBgOUwFEi&p=https%3A//otodiva.id&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Jul 2023 11:34:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B16C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

53ms
51ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 11:34:25 GMT
expires: Fri, 28 Jul 2023 11:34:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 11:34:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7442 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:27:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jul 2024 07:27:23 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7442 15 KB
15 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 26853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 04:06:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7442 15 KB
16 KB 45ms
44ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 07:10:45 GMT
x-content-type-options: nosniff
age: 102220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jul 2024 07:10:45 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7442 15 KB
15 KB 53ms
53ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 504572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 15:24:53 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 92ms
91ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c77ec8710270aee1fe061a741e2ca02a235ce8a8f00f6cce020099fa561d87a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11825
x-xss-protection: 0

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame CB62 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:27:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jul 2024 07:27:23 GMT

GET
H3 200 zoomcar-2-768x559.jpeg
otodiva.id/wp-content/uploads/2023/07/ 67 KB
68 KB 48ms
48ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/zoomcar-2-768x559.jpeg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b5a969b0dd319efdad17f77e3d2ad3950e6d5e704a5e1b0e881fdccc05cd3eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 11:16:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: W/"64bfaf11-10d80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUFYmk%2FmxMOt7MS9ZlBWWlSWRFMoqg9n%2F5PPI58v5yQU5SB3U5EPRHxaFz8N9njBxBGrWhFYkXrzYkfTKWGztdGozXSnU9HoJpvlmuTog2WCwCR3HHDawADI4pywPJIBJ2WL289y68fd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372490
cf-ray: 7edcd01839ef1e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 taneli-lahtinen-tG5TwCXg0bw-unsplash-768x512.jpg
otodiva.id/wp-content/uploads/2023/07/ 48 KB
48 KB 50ms
48ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/taneli-lahtinen-tG5TwCXg0bw-unsplash-768x512.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45b386087016db45add66c062ebabc81038545147ad15c6c1616ffb4e73e7d95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 07:21:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: W/"64bf77de-be18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnMuTjUrrcdZQQDCU9F6B33YQk2RvsFCCr3XdJsMfUfLyzl845bsZGVO%2Fp3gMohwAmLSEX%2Fm1cdmvqbm0Aamd3VESaEqvpsraUH%2FGZ7Z10PtbPY6dNjUveJ0VvQtA81RqwB748Htti2t"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372490
cf-ray: 7edcd01839f21e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 kendaraan-listrik-1024x660.jpg
otodiva.id/wp-content/uploads/2023/07/ 93 KB
94 KB 727ms
724ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/kendaraan-listrik-1024x660.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ae4f5bae553dafe6526eaf137d6aad59b630ee5e9d0bd88811fdc43c037852c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:26 GMT
cf-cache-status: HIT
last-modified: Sat, 15 Jul 2023 07:30:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64b24b0c-174a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sunWxy%2BYUNC6G8Shp298bIbJvakubmnT30uzw4cb0WnT1AzwmZTN3lbqypI5NBxo34LCfGqgOND%2B88rp9FGSS77njo5c0dwcrjlQLDMOQE0LS84ppqcrHSKGs92GQ8V%2BcV%2BsXZOvLhf8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372490
cf-ray: 7edcd01839f41e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 baby-car-seat-2-450x338.jpg
otodiva.id/wp-content/uploads/2023/07/ 23 KB
24 KB 256ms
254ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/baby-car-seat-2-450x338.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c650a6c4be50d9141dd7f379c892613cc8ddbd3da84ddf34a9285edd5e7f3e43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Jul 2023 08:09:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64b4f746-5cfa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9P%2F7OuUF6E6BbPnviez6IQH5jRtStkB0UIDRCuat%2FrQpQ0dDDRvU9C9jwf6OBE5F0nk74WWVZgo4eHznAcLDlCjTU7By%2BoDcKKFS334IPVMtr64CFVkaSc1xlCfrcGlvHg7hmgOe25F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372490
cf-ray: 7edcd01839f61e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 steffen-trommer-KuDmRYr27A-unsplash-150x100.jpg
otodiva.id/wp-content/uploads/2023/07/ 6 KB
6 KB 227ms
225ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/steffen-trommer-KuDmRYr27A-unsplash-150x100.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df1ac58ce4b9575a3862c62952ef61b40ad76a345b3ddb56451f61971b4ac707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 06:51:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64bf70d5-1687"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5yeHodoHl2HI5%2FgfbGImOX3VTVmiYTPV6HtxMmCFgM3jM6GTrGJ9HphTZEPPo0hhUihS4TilxQkNGOJ42N1KnBWKVvNTk%2FTCgz5%2FEQBbzfyeURpOAsOaO13MUfYx%2BDEsNR%2BNsH2n%2FB1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372490
accept-ranges: bytes
cf-ray: 7edcd01839f71e4e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5767
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Jalan-Jakarta-heru-eko-saputro-WOnsgaLbeYI-unsplash-150x109.jpg
otodiva.id/wp-content/uploads/2023/07/ 9 KB
9 KB 228ms
226ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/Jalan-Jakarta-heru-eko-saputro-WOnsgaLbeYI-unsplash-150x109.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9e1412ed848b32e5cd6b6f30459157af2db8cd733e22197dec3a0784373c8e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Jul 2023 01:31:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64b5eb87-22c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqAQWPTBRszkNgNstYzlUTmhW7EYcpIay8Fzox2rGpCqPdxY9eIRKAFm%2B%2B0eMx7bmThaEpoY5UhonzhurAyJB3BZuIGTHyPAcww7gMzrXl4vm6r0FrmWK4c4bEBox2Wk5XhJQDNOJYdo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372490
cf-ray: 7edcd01839f81e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wuling-air-ev-2-768x1021.jpeg
otodiva.id/wp-content/uploads/2023/07/ 102 KB
102 KB 275ms
273ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/wuling-air-ev-2-768x1021.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 182af90e5cf5c641d398baba4c5d0b84a2ffcb5ba1b5ab64121a338a1f889e1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 06:12:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64be1662-19794"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAWU4RS3vjepmfS2lPBFmDPOoHdLEWMYLt48FrM4k2jSUCB0NSSdvVdU5gu%2FpwCPoZq5W0JmsTSTU78qgcNrFfGaBmUCYYo5b3%2BN%2FKuWU7%2Fk%2Bsc5%2Bwe01Q9tHa1XuLwjOU%2Fmmm%2FyaCFV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372490
cf-ray: 7edcd01839fa1e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ilustrasi-cek-mesin-mobil-150x95.jpg
otodiva.id/wp-content/uploads/2022/05/ 6 KB
6 KB 216ms
214ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2022/05/ilustrasi-cek-mesin-mobil-150x95.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662951d48ef794d3c360971a864f8dcf1ec18e95f59024c1ca8d0970259e9852

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 16:18:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a4465f-16f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZwnCAofk9h9Df8yoqWE2dGsC8EaRetH4KePeR771T%2FLnAF%2FC25%2B%2BQr8WA0RlCODihojb7gPsHuH2Ssm9zRBLbuJMqhx9qJ1xGHCfeotiPl9%2BvaTqaZbbrxK7SvDmznqzL7JZNQ46yD4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372490
accept-ranges: bytes
cf-ray: 7edcd01839fc1e4e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5873
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Gocar-TRansportasi-Online-150x100.jpg
otodiva.id/wp-content/uploads/2023/07/ 4 KB
5 KB 212ms
210ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/Gocar-TRansportasi-Online-150x100.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61f19659f3952d52d8f4a726a44fbd626db209c290d822409c7279368662fd3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Jul 2023 02:42:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64b0b601-106a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXH6UMrWmWs9pMSNTdl8GhgPW9efsWjIOzV5i2mHF1QewbepIn3GmS9hLhX%2BVug1yRvP4bNvCYVjr00jCV4zds6KADBIbqkLZSJqtybvfGMjqmqD%2FUj8NLI15Jo90eQryZVXZxldbcYM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372490
cf-ray: 7edcd0183a001e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wanita-bermotor-150x100.jpg
otodiva.id/wp-content/uploads/2023/07/ 8 KB
8 KB 227ms
225ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/wanita-bermotor-150x100.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66527c6af068d1f79f833cc1285172c0a7550152db92967213ee7cc5e6b72731

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Jul 2023 16:19:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64b0241b-1fae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRFcQWhcs%2BDrxbe1%2BCHwoYdOHCjBVQB7dvitBl7G%2BdWsVxNKdTGWu2Qt7SQsORs7zFhNxq7czUCM2EFdEaiESUXFVyhW26dLURA%2FfC3gXmL907q%2FS2cEOKKsO%2FxLOQtU4yr1nLWRdXRL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372490
cf-ray: 7edcd0183a011e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jul 2023 11:34:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9C78 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 10:25:08 GMT
expires: Sat, 27 Jul 2024 10:25:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BB26 783 B
536 B 52ms
51ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fd9807bdea6e1ab7847824f72e69895a81afc3ab70f1e08798b53942a3ec9f52

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1Q4BGfcKbnDPf_d9wIWYUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-1Q4BGfcKbnDPf_d9wIWYUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 11:34:25 GMT
expires: Fri, 28 Jul 2023 11:34:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C78 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:27:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jul 2024 07:27:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BB26 0
0 73ms
73ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=3122379016578227&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 200 Gocar-TRansportasi-Online-150x100.jpg
otodiva.id/wp-content/uploads/2023/07/ 4 KB
5 KB 52ms
51ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/Gocar-TRansportasi-Online-150x100.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61f19659f3952d52d8f4a726a44fbd626db209c290d822409c7279368662fd3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Jul 2023 02:42:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"64b0b601-106a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0v%2Bo5BwBGVT4Qtc%2F4fI%2F92UXywtifAVXXqMm5Ny3gWHzTXHmV8sIy3%2BxXpZqTW%2FISA%2FkpFtb24r8nG%2FoAfZeFXNga6CkK6lNyuZc1J6Nqq86l4zGdMF14dY6ClpcQzWCxNqIbl4aemj7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372490
cf-ray: 7edcd0199bf21e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 steffen-trommer-KuDmRYr27A-unsplash-150x100.jpg
otodiva.id/wp-content/uploads/2023/07/ 6 KB
6 KB 49ms
49ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/steffen-trommer-KuDmRYr27A-unsplash-150x100.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df1ac58ce4b9575a3862c62952ef61b40ad76a345b3ddb56451f61971b4ac707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 5767
last-modified: Tue, 25 Jul 2023 06:51:01 GMT
server: cloudflare
etag: W/"64bf70d5-1687"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3oYso%2B5fluk26yEs4hTHNt6QfVE4y%2FoAHEI9vpdCF6ASR1TQzAxivh82qpDv9UkkVeRb%2BuEyMWoeUNfVuX00iKixpEpABiyWxsLmQlt8%2F%2FT8y2hciaP%2BeyXRE6lUx31Uhl8i2gEcLIA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372490
accept-ranges: bytes
cf-ray: 7edcd019ac1c1e4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Jalan-Jakarta-heru-eko-saputro-WOnsgaLbeYI-unsplash-150x109.jpg
otodiva.id/wp-content/uploads/2023/07/ 9 KB
9 KB 50ms
49ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/Jalan-Jakarta-heru-eko-saputro-WOnsgaLbeYI-unsplash-150x109.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9e1412ed848b32e5cd6b6f30459157af2db8cd733e22197dec3a0784373c8e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Jul 2023 01:31:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"64b5eb87-22c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxSOUG7FXfGQ7XRqI47RVqsnhOhRL0sKHBqi6J%2F%2FzrhJUy3GYjfKfFUJ%2FvB9gE9%2BWV4naKqCRuDe5LiUD4hO9fDeMiUopBT0ELbnYaquk%2BCC5rTSDUJ7SEsinXWSrijN58zHiLGHcJqm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372490
cf-ray: 7edcd019ac1f1e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ilustrasi-cek-mesin-mobil-150x95.jpg
otodiva.id/wp-content/uploads/2022/05/ 6 KB
6 KB 47ms
47ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2022/05/ilustrasi-cek-mesin-mobil-150x95.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662951d48ef794d3c360971a864f8dcf1ec18e95f59024c1ca8d0970259e9852

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 5873
last-modified: Tue, 04 Jul 2023 16:18:39 GMT
server: cloudflare
etag: W/"64a4465f-16f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YAIZ5PE15Zyu%2Fwx4zVk48Jh%2B3Kj77%2FwX4s3mRPDZ9Lus5%2BRsG9vm5ZDmXvaEUc8uTFCo%2FIlONyAUxnRhDtO1kDJWyoehKxT17UZ0tPOlFLIBHDc7WeKCYzltFBuAWhCFmZqaLF%2FD8MT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372490
accept-ranges: bytes
cf-ray: 7edcd019ac221e4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wanita-bermotor-150x100.jpg
otodiva.id/wp-content/uploads/2023/07/ 8 KB
8 KB 51ms
50ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/wanita-bermotor-150x100.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66527c6af068d1f79f833cc1285172c0a7550152db92967213ee7cc5e6b72731

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 16:19:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"64b0241b-1fae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNlq0YL3bJTOfmreUAF3Dgso1zDliRnQVJ7%2Fm9TezBhmhnRWhgpcYYpA0sFqWpXoFa2Tlnu0wiA291WRfHMVBgRW6ei6m1%2F3E5nJsrfc2M%2FtJq%2FYSTu6hyDKMZzjEjsWx6DpseEQ8gZF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372490
cf-ray: 7edcd019ac271e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 baby-car-seat-2-450x338.jpg
otodiva.id/wp-content/uploads/2023/07/ 23 KB
24 KB 55ms
54ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/baby-car-seat-2-450x338.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c650a6c4be50d9141dd7f379c892613cc8ddbd3da84ddf34a9285edd5e7f3e43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Jul 2023 08:09:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"64b4f746-5cfa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmzXG%2BYBBQXjOUprGcmQp882zebJsxa%2Ba01JZr2XAtIfabuMcNbL9hrovAwnB%2FiHyVi8NZQBpO4rNYcfx8d%2BuZBHerQexysLzmAaEs7ZaLr%2Fso4J7%2BLcnMS7sEgEDslhLlRME3NSzEI%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372490
cf-ray: 7edcd019ec7d1e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9C78 0
12 B 40ms
40ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?o-Qu8g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CE59 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRgy6YXqXTLfCR4QBoNpE-KEgzZQxar_0PAoE_hL7UVLe_5R_XdgkuUhsBvWDu6Ynuz7-D7hb5R2NY1qZz-INf84dl118j-vyShQ9IQHGKrRfkNe9VwxgBTGuS_SBTxp7rjxgP9xq2339o&sai=AMfl-YSuyHjgtfn4Fn-obMB1Qe5_iYpQO9P-pH4AtVdns8ZN8sWHCqoYMA_bMGU031XSumycSXwpb0LXticc&sig=Cg0ArKJSzPosuPKS0jfbEAE&cid=CAQSGwBpAlJWoMcsAdTHpPQRBXRTsPROc7xoqKdlShgB&id=lidar2&mcvt=1003&p=0,0,280,1200&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1394093537&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690544063579&rpt=980&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zoomcar-2-768x559.jpeg
otodiva.id/wp-content/uploads/2023/07/ 67 KB
68 KB 54ms
53ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/zoomcar-2-768x559.jpeg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b5a969b0dd319efdad17f77e3d2ad3950e6d5e704a5e1b0e881fdccc05cd3eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 11:16:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: W/"64bfaf11-10d80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RF7vuyUVMd0tWkuwoham9me60voamVKMb%2FHLss5pqklsLxEgFyM54Pt00MKF%2BM6V4PUHvR%2FCe%2BBkLryo2ciAKnFqwV3SrB4d6M%2F%2BEvnblx9BKN1PrjE%2FMxw2xrD3ObPMzVnfjnJAkk9f"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372490
cf-ray: 7edcd01aedf51e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wuling-air-ev-2-768x1021.jpeg
otodiva.id/wp-content/uploads/2023/07/ 102 KB
102 KB 53ms
53ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/wuling-air-ev-2-768x1021.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 182af90e5cf5c641d398baba4c5d0b84a2ffcb5ba1b5ab64121a338a1f889e1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 06:12:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"64be1662-19794"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmTokXFCaLPE1FCp42J7xbSQktCvm9w9FAYGtlEYIJmIzteH3JAmiebsB15SDCz%2B4rJSO9MIR05Jp4Ntfcmo85zY3FGVWzXUrw%2BfjPrJhLrtQUMsjUhDWsNT07pt%2FqE7mO6Cjuq7rp8x"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372490
cf-ray: 7edcd01b5ea11e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 giias-1.jpg
otodiva.id/wp-content/uploads/2023/07/ 11 KB
11 KB 48ms
47ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/giias-1.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5477891890ad6e8dedd3a47a1b287e2aea323c0c51e3f488b7eca5aa1fe01700

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:25 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 05:12:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: W/"64be0828-2b89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhEzlriO1kIyicndvuzmVJRPEgv1GuCNjrppxf3mZqA899v8vWYR7i0k9PR%2BIsGHYw0WBPv0cFY40i4Jmkpu1k%2FaQp0Q5t1HZMcuo7GYmHyRc5%2FEro4NH0OGFYUYLxM631Mgc%2FI473N1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372490
cf-ray: 7edcd01bcf631e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D418 42 B
64 B 78ms
78ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdnbuoNLoCJw415RPfn4eVIEEGBE5KFAV6xtAgCJhrPTfRHx5v_U1b5EeJjV4aWT0RPlUsN9O54IoNjJkQZY5lAR0MN80dbXrdbLr2N6m5L3BFeYjf7-f90oeSFWkB_hnpSb8zzERCbgPZ&sai=AMfl-YQfvDOKT-YJAg6Qcfv4VeUHCBf7XlxarmqJiWahoStWreCNbJcWiW51itz-QsE7hTiGiLi2BiVbV93T&sig=Cg0ArKJSzH3t_4VSvFviEAE&cid=CAQSGwBpAlJWe4S_xgSnig9l9dbC3ePu98k8x1xVHBgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=183,782,1001,1036,1036&tos=183,599,219,35,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690544064439&rpt=373&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E2E1 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAeElyXRzDaX6DVNeqJvELwQZ83t7oR6L--NyepS-53KBZF-vSg_lFw7xV-w7nZ-Hi36ucbHJ5WHfKmnaSEaCTksS6NsbWtD-0XfLMTcP5PsPa8Zsy9rAy8CVUVN87-9TcvnfROk_SWXCB&sai=AMfl-YTROTHeVBCr6BVGr1XK4LBetozOWaYyST-wNLAneQZDZoLs_nzIPXezRebc295F80Q6AeOdtB0rMcmY&sig=Cg0ArKJSzF55e5GzvyW_EAE&cid=CAQSGwBpAlJWe4S_xgSnig9l9dbC3ePu98k8x1xVHBgB&id=lidar2&mcvt=1002&p=-50,0,450,200&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690544064437&rpt=364&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 11:34:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Honda-HR-V-2-450x291.jpg
otodiva.id/wp-content/uploads/2023/07/ 39 KB
40 KB 49ms
48ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/Honda-HR-V-2-450x291.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18e99bc4cee10418d8b755b39b3e6da0226dee98cccc3d88981ea3801d0e4e9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:26 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 02:37:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3
etag: W/"64bde3f7-9c55"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5Fmx20xdKZVOmBAr1Ww8G6HP%2F%2BGQPycCClXdTNN7xoMh2zzCwUbCIlZGeAV1xFNp2EglSOkkBgWI1qB3eR6IXxBnUOO31VQJXah7HigY1CrLz1ph9lez8ZWHqHduSetRhQfz6FqW%2FEq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372489
cf-ray: 7edcd01d69b71e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 honda-modifikasi-450x311.jpg
otodiva.id/wp-content/uploads/2023/07/ 24 KB
24 KB 51ms
49ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/honda-modifikasi-450x311.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d28cc51162a7adf1821c88f11f69771f13591359b19a8d2da7fd5d10bd013332

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:26 GMT
cf-cache-status: HIT
last-modified: Sun, 23 Jul 2023 00:44:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3
etag: W/"64bc77f6-5fb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZhtUEKbM3SEUp%2F0IeWC5pN0TZZFFQHMghkydoFeB%2BniZub368wS4NWqis4dwbwypmdpcNM0e4wB%2Fari9cbleN5PEXoY%2F66HUXznk3F5JfAWcwMQcYuH7OEX6x%2B8UyGF75AW2Pr0sSPK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372489
cf-ray: 7edcd01d79bb1e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 taneli-lahtinen-tG5TwCXg0bw-unsplash.jpg
otodiva.id/wp-content/uploads/2023/07/ 87 KB
87 KB 291ms
289ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/taneli-lahtinen-tG5TwCXg0bw-unsplash.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6e2a0f59a60b3210a836925e2dfe45818c8d19773a90a5114bbd9fc1eef1047

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:26 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 07:21:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64bf77dd-15bae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8xL8VoibS7h5lVrqy%2F49bkq6S7%2Bg6wI89cyOjA%2BTyADy8anDGSZg4%2BKPiJu7huRxsC8jZRQz5NI49EVbvyAJsR%2Bm5EmY6qvtWgZHRyW9ZJkyzVXmZKfSDjYyDlMKTcbeP4tArx%2BQnaW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372489
cf-ray: 7edcd01d79bc1e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cara-hemat-bensin-mobil-150x99.jpg
otodiva.id/wp-content/uploads/2022/05/ 13 KB
13 KB 219ms
217ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2022/05/cara-hemat-bensin-mobil-150x99.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1bb98a6befbdb2fc65efcacace179b1a8c2410a546991bcbecd4d6866471775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:26 GMT
cf-cache-status: HIT
last-modified: Fri, 07 Jul 2023 01:46:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a76e69-3412"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dC81HygtWYaskgqpinxmLyPGVO8lw9WyuHmbrhDGHukKblk1%2FZiGYpf4iWXajh%2Bd6%2FNV4pIUMwejgSeXHdLnJpA5%2FImxwuoo6dWRhYuzWiM0sN7XKhBi2g0RF0cpxrTjn28O%2BOXJRafa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372489
accept-ranges: bytes
cf-ray: 7edcd01d79bf1e4e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13330
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 menyetir-mobil-pexels-ketut-subiyanto-4429509-150x100.jpg
otodiva.id/wp-content/uploads/2022/05/ 5 KB
6 KB 209ms
207ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2022/05/menyetir-mobil-pexels-ketut-subiyanto-4429509-150x100.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caef9c9e62179097e37b931827c851943bd605583e76384cabcaed08e657e7f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:26 GMT
cf-cache-status: HIT
last-modified: Wed, 05 Jul 2023 08:03:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a523c8-15b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bG2Yb8ySyHsZ64C0eHZbto3wt0ejVctvtZPOyEJXuxocf0COHNXpaxvEVi9dB3foJ21X17q5Hn9rFmrhelMsSBuaqSf5gqjqxNoF%2BU964AhAW%2BR0gj0IkX0bAcSXXQDp%2FHcNR%2BgDjRdL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372489
cf-ray: 7edcd01d79c31e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230726&jk=3122379016578227&bg=!ubqluu7NAAZGOVy5Zjk7ADkAdvg8WpfK7Z2SKkcBdG-zILh5JKw6UTvZWzYlu6dVQwaJbAp5vgrOgBqkwf9s5xSGmps_PnsTyzUCAAAAZVIAAAAIaAEHmQK05dvzSbMTeYL6aBFgS497v2XyGH2M3buMRqHCY0inFoEALJDQvGSTKIcAoLX9wo2b1NX9diRUTO8A1lUnexAjI9vT4tNH7zS879XSDApYOkcbtfaAIwgroOwMKUNlJaF9axalhJsE27jttfPNjP1T42DXB9-Sjb4VgBgOF36VePYXQmYIm4CvikksXxQl1dKQrNmh8TotgPtjVCK_PgDtsxbqJU3J2b0uNjqgXEISgFaJHyYWaW6Ar5uUpDZKlTxnzpzyYZ1HgN9CY8HaOmwunBIu1qg1nZtT0mg1OWUkNXUWuzlP0QoOOmbR3RhRs6CS1GsXhRGcrHozPCCFOf_9wl-MA7A5w0T2TZJpqfzxECGGMpp92sR6W_j2RxVoxeew-3wXo2QB2ICOb8eLGPGg-jXmL-Y13RacXR2y3_aP180y9a4UTuUmFFSNhg8_qEWO-WNWhU0zjXs9cUsfaH5ukr5YLsHq5bVve6LwF_EdXY7bYxMLw9q7wtJRh9g811za2Ad3PSzuGjKu2V7zggd6Ef1kZtp4jjvgiraX8nk4_DBKYn2EMxK1LnhRW4KhTJPlROd1NTkyQuRmUniuUSqHsBaXDmzT7OFz-4EOO1bjn4ampdLtU-DZaX-Poq7Zon_0dhS-beteEGLIaac2kmyh4apg0p_BjdQmq765FurrTe9gxbZRnD_k-5jA412H428ovEyo57JdR0sw8lqxsOs40mbfXdjfrr-UagAZ0tC1A60Q9tcuAbMKqpvIWs_KJJMk030Lfk5ZAqjDThCLWBlwQ32pDPRI2nQ37V46Ur6aD5bdHwh8o2zc_Gd8dCeMyX2pPAgEDrE4Mrk3eZO8pB-oUyXXsk0KyhClDs-PfHqB0o1Lga87kGwo_JdbIRUTIXwR_grno9kj6SsLjK0Hw2s-IEhpfrE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 200 menyetir-mobil-pexels-ketut-subiyanto-4429509-150x100.jpg
otodiva.id/wp-content/uploads/2022/05/ 5 KB
6 KB 51ms
51ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2022/05/menyetir-mobil-pexels-ketut-subiyanto-4429509-150x100.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caef9c9e62179097e37b931827c851943bd605583e76384cabcaed08e657e7f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:26 GMT
cf-cache-status: HIT
last-modified: Wed, 05 Jul 2023 08:03:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"64a523c8-15b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FZs6QdYd%2BnbTfV680L%2BwQMGCP%2FpkTqxYXQ2%2Bsl4QI3%2BxUHf5w%2BERYFOil%2FbWPFgFWIb9hUywGsRTq%2FV0314FfBmJ1ce4oheaoUWkUHazMRHTT5Ira8sTAU2aBcKIdxbesTKSRiLMUW8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372489
cf-ray: 7edcd01ecbb21e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cara-hemat-bensin-mobil-150x99.jpg
otodiva.id/wp-content/uploads/2022/05/ 13 KB
13 KB 46ms
46ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2022/05/cara-hemat-bensin-mobil-150x99.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1bb98a6befbdb2fc65efcacace179b1a8c2410a546991bcbecd4d6866471775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 13330
last-modified: Fri, 07 Jul 2023 01:46:17 GMT
server: cloudflare
etag: W/"64a76e69-3412"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bks%2FDbrQPHsB1AbWHSvQSeQ%2FPe8RVYTlnA0cJJiO7swLjni0UQZqap%2FhBYuPrrJ5oMJgmKhoho5Ojzh6BujPYL%2FJ8rU4zAwXq4awF9WY3OBtTRt3bPOiUuK7Lc33pBwhSADbWzAtKxW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372489
accept-ranges: bytes
cf-ray: 7edcd01eebda1e4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 steffen-trommer-KuDmRYr27A-unsplash-150x100.jpg
otodiva.id/wp-content/uploads/2023/07/ 6 KB
6 KB 47ms
47ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/steffen-trommer-KuDmRYr27A-unsplash-150x100.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df1ac58ce4b9575a3862c62952ef61b40ad76a345b3ddb56451f61971b4ac707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 5767
last-modified: Tue, 25 Jul 2023 06:51:01 GMT
server: cloudflare
etag: W/"64bf70d5-1687"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtjAeLi40gX7xhq48tYpiSWnc%2FqBZMhjRh9hZLYLVXkWuwakC7S0xMUQhTs2%2Bme5Rb4bjTJ7vtOqx3WHJg1WGadU%2FZt8qTxJeLq%2BHwSc4qDkq%2Ba1%2BTjDS11JaWh22F58Av7qbHFN%2BxqV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372489
accept-ranges: bytes
cf-ray: 7edcd01f1c231e4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 taneli-lahtinen-tG5TwCXg0bw-unsplash.jpg
otodiva.id/wp-content/uploads/2023/07/ 87 KB
87 KB 47ms
46ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/taneli-lahtinen-tG5TwCXg0bw-unsplash.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6e2a0f59a60b3210a836925e2dfe45818c8d19773a90a5114bbd9fc1eef1047

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:26 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 07:21:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"64bf77dd-15bae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yn5IbxpAIYYcGPM5QBPNItPLSLRvv7Pzt6Ghwd9t7FXHGTFbj67SSzy2Z5LpxRzn%2BdsQjvGv1KJqpumnJXAOR9PhFyFk9u%2FzJdY4Iyp5LsxYlPV8DOCmkkkyUerYFg0fzVhG6v8YNpqo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372489
cf-ray: 7edcd01fbd0c1e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 baby-car-seat-2-450x338.jpg
otodiva.id/wp-content/uploads/2023/07/ 23 KB
24 KB 47ms
47ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/baby-car-seat-2-450x338.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c650a6c4be50d9141dd7f379c892613cc8ddbd3da84ddf34a9285edd5e7f3e43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:34:26 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Jul 2023 08:09:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: W/"64b4f746-5cfa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSAu5D%2FPV0y4NEbiC85fYhLPLEG4OxY6dvKsPw6oP1QnbS9d%2BqAxzyapt3rTOeRt%2BuSsOVViaUJBKbcmRfuoGjssF%2BlwYUbMf%2FVnuacgdziAjZXHRENlAKBjIO0C1GWAgNK%2BByWa6ggG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455372489
cf-ray: 7edcd01fed641e4e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.otodiva.id/	1970-01-20 23:11:44	Name: _ga_LY8D8YR8N2 Value: GS1.1.1690544063.1.0.1690544063.60.0.0
.otodiva.id/	1970-01-20 23:11:44	Name: _ga_8W66JYHLF1 Value: GS1.1.1690544063.1.0.1690544063.60.0.0
.otodiva.id/	1970-01-20 23:11:44	Name: _ga Value: GA1.2.1741505959.1690544063
.otodiva.id/	1970-01-20 13:37:10	Name: _gid Value: GA1.2.2085658856.1690544063
.otodiva.id/	1970-01-20 13:35:44	Name: _gat_gtag_UA_109987058_3 Value: 1
.otodiva.id/	1970-01-20 22:57:20	Name: __gads Value: ID=cd318c3d9dc42987-22703422b6e700ce:T=1690544063:RT=1690544063:S=ALNI_MboBGeso816wi6PpWypUVYH7NT-Pg
.otodiva.id/	1970-01-20 22:57:20	Name: __gpi Value: UID=00000d26bf6b857c:T=1690544063:RT=1690544063:S=ALNI_Mbf_2Q003vcCi7yCdipweZTILl5HQ
.doubleclick.net/	1970-01-20 13:35:47	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 22:57:20	Name: IDE Value: AHWqTUmw8HKXx6sa9GRyV2khi5_zmoUnVzyPdcXQIomeFOKY4bLcXtHl0kNl0AVbqlE
.adform.net/	1970-01-20 14:20:22	Name: C Value: 1
.simpli.fi/	1970-01-20 22:22:46	Name: suid Value: 0D4C63DACED34685A28DFB2F547E0041
.mathtag.com/	1970-01-20 14:18:56	Name: mt_mop Value: 4:1690544066
.yahoo.com/	1970-01-20 22:21:41	Name: A3 Value: d=AQABBMGnw2QCEF0YTO2BaIaWOheOUErwJ5IFEgEBAQH5xGTNZAAAAAAA_eMAAA&S=AQAAAncy_oGKx061gBphDKAzrG4
.adform.net/	1970-01-20 15:02:08	Name: uid Value: 5408334262691158461
.turn.com/	1970-01-20 17:54:56	Name: uid Value: 3009210159318034180

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&slotname=3976225997&adk=2566647451&adf=1979701478&pi=t.ma~as.3976225997&w=300&fwrn=4&fwrnh=100&lmt=1690544063&rafmt=1&format=300x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690544063229&bpp=1&bdt=904&idt=384&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C970x125&nras=1&correlator=5085536733649&frm=20&pv=1&ga_vid=1741505959.1690544063&ga_sid=1690544064&ga_hid=896033860&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44788441%2C44796634%2C44798157&oid=2&pvsid=3122379016578227&tmod=1298863886&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NLw78yupZc&p=https%3A//otodiva.id&dtd=387 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-5949640052836324&fa=1&ifi=8&uci=a!8&btvi=6&xpc=yv0uAuY9im&p=https%3A//otodiva.id Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.eu.criteo.com
c1.adform.net
cat.fr3.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
otodiva.com
otodiva.id
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
r.turn.com
region1.analytics.google.com
rtb.nl3.eu.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
172.217.18.2
178.250.7.9
185.29.132.245
2001:4860:4802:32::36
2606:4700:3034::6815:1bab
2606:4700:3036::ac43:d8c1
2606:4700::6811:180e
2a00:1450:4001:801::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9d
2a02:2638:3::10
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:d::4
2a02:fa8:8806:20::2010
2a05:d018:d29:3601:9008:7637:b6ba:2b01
3.67.157.9
35.204.74.118
37.157.2.229
46.228.164.11
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ddc754ebf1bd67e1d9cce0fb7179b9cb575be03adbe52ac980b1575514eb343
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
0fa8b94214e8f304d31959713bdd61d07cdd7ac62d64c438731b01b2aa5f9556
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
182af90e5cf5c641d398baba4c5d0b84a2ffcb5ba1b5ab64121a338a1f889e1f
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
18e99bc4cee10418d8b755b39b3e6da0226dee98cccc3d88981ea3801d0e4e9d
1b627c6c95b4beaaec9e17c2a803cb541d163b37cea79e01b57085dfb69f80bd
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
22cda2de6d63f4b73776c6d64774af7679d67c6627978c66719cea53618b808a
233cd90b01d5277cb2b61aa02930e72bed09dc7f8827e85af21dce15d3116160
24986ae93ada6b99c80f126ec38a02a7da60992c3099e905c98210c35516ad05
2660d2ba27141ecebe732da9795d68254bb155fbf87a88d817d4da4528b9a83c
3130f866e2557c43a08e1226e2b6dc3f439a0a464bc68a00d872840d31c690d0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
343a0d50e16b2c41f9f8f95d8e8410a7b437ad14c5f05b3a3927fa1c2d20d597
36ea273138b793477fef7ab102c5d882f9329660f70df5d5ad43f30f0edd7026
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
41a60ad5531522c3bd4e2179e530104f4799e35c74cbe82466a1737cb8b66b5c
44e8dd3f0ac5d0d3fad25ad3f73975be87db679615f1e7af0d9efe02df2370ca
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45b386087016db45add66c062ebabc81038545147ad15c6c1616ffb4e73e7d95
46b04afecdaf08e04385a7cabaec357f6edfc6a8b2b156d8c624c2621894f3de
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4938ae629cfe26eaeb48f79a64d380e0f2f29a63b0cf0c98ef4dd19039ed3d81
4957980b0d00f9ca3a83cdc1d2dc423153fecd486ad7f32b7f6775873dd2ef05
4d212ebb58e24f6786a56de7721662abc21831961e98c7b053f2f3f92fad848a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5477891890ad6e8dedd3a47a1b287e2aea323c0c51e3f488b7eca5aa1fe01700
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cd4d9ef663c361ec1211c5f72571f5c8ba6d2b865f93c49a3d3112ef38ab4c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d819c9dc3de17bc7d980acb573928853b592e81d4620e2a5a62ad9eb232116
56f80e901644d62f7ea9f1cc471afab7f5ae317ffb6ca0469fddd87958646198
5b5a969b0dd319efdad17f77e3d2ad3950e6d5e704a5e1b0e881fdccc05cd3eb
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5c335d2e993b8081805bcfd94809085f9ab9b5a6afb877ea0535505e01886987
5e15c8d44695d7813c3d3ed9543eabdf42ded856e0494358fe9f0bc855c2917a
5ecb54f91384af7226cb4f18f87588edd49ceff5bdd4a3010336e1c22ccc390d
602d01899f4d2cf818c929c7d27b9204d2249e5fe6ceee0444e8e6723c3ad98e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f19659f3952d52d8f4a726a44fbd626db209c290d822409c7279368662fd3e
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
662951d48ef794d3c360971a864f8dcf1ec18e95f59024c1ca8d0970259e9852
66527c6af068d1f79f833cc1285172c0a7550152db92967213ee7cc5e6b72731
6db2ee1a4cb2db6778a206da30c7a3810f66e80a4eb02a2d18a70767f118bee6
6eb8c2ce9b5f49f04894bbc64ab9048533fec1a458f19b7a704e1a83504dc5fd
6f3431fc83904a8064a39bec4e803bfae2ace2e8ca0786e61d30ffcafd919f0b
7053d914ec5ef5fd7c4b27061461fcdaebb09b914c6e2106c095b27de56d107c
709b47dc0d73dde41329c742be4f8fe020ea64222405f7c8ec7e6d1cbc22f4d9
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
76efc435fc139294153b2304af750ccd6857bf3349577af166308db9eb0a2fdc
7ae4f5bae553dafe6526eaf137d6aad59b630ee5e9d0bd88811fdc43c037852c
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
7c77ec8710270aee1fe061a741e2ca02a235ce8a8f00f6cce020099fa561d87a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
878014e6a9168c57eff7600e86ad88e8970ea651d8a163fcfd0173d246ace273
89cc71ae9db584bda0ee5ebfcb9bb931451bbca3c47ad69221211d919a0e3c40
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
95b178b5e085bfad3011b85ed38d02fee7b75fb6c6f0fa713b152e35bfc7e1cd
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ed21284cb9193ace0311e5b6d20b78c6bbfe789728fe33ed1de4e8efd0dd737
9f2872276c46bb88f3b244e1827b9a103cee97bf5f31f9c355016176196d05a6
9fe1e1a729d0d8a1042ea6f19b0ce23f84f2d5f77115ab9bf30fafe424451d27
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a13056d106882ee191a6ae002dcfe77a62c8481c199c1af338a952d6650ea96d
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3e7c89de8ec9f11eee1605a0367e23585548b1deab4cca3a4a17d5a23a90f79
a6bf5677549ee0c35f3023d329458d72a163be55c6be119208abe5c1befa8b53
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
a9ecc55173b58cf9ab841c18c232def14055ac9fdc3380f093f0360280601637
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab59f550860dcea6de47b9999d6d9aa586f2cd631097691d013e90c61270b4ba
ac712fc6944bb99141bd4e6eb65e7914f5f9d6b9440ba1fa1c13f373516b0de5
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b133edd0ea88b9b6d1a96ad96a031d0669cdc1b2e186b5f9adcb2742ac522b10
bcc37c7117fa0be1f5025276a470b467aa7bdc1c34d94129aee332c2811fbaf6
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
c650a6c4be50d9141dd7f379c892613cc8ddbd3da84ddf34a9285edd5e7f3e43
c692d79b184e4a366f8412021f36a1f35d4b1364e4526935fe4188151689775f
c6ccf740ad840cb52110869896130e9c435416d2eb1f70baacbef5e870c4f788
c915c6265aaa09f787accf6c006a19592eb3fe78f8aa59bc131e59de12a735fe
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca34455f82a5c81d8111c6a641771c011e95767e64efc8a52f82299896028c57
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
caef9c9e62179097e37b931827c851943bd605583e76384cabcaed08e657e7f8
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d0fab2c23386ae8d4d3d1859f43e6e96fa0c95d2c86c60288a918b7b4f3b544d
d28cc51162a7adf1821c88f11f69771f13591359b19a8d2da7fd5d10bd013332
d6071e2ed8dd3e36f6dfa6fac9e4858ae880ab3c1c60075d6e87545b8114a66a
dca76ea2cd5ed4f9c266b1614f9c310c7de3839833d52ab5870097cbaa5dca29
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df1ac58ce4b9575a3862c62952ef61b40ad76a345b3ddb56451f61971b4ac707
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e28f9a97c9ff2e04da97bc5085447b9b0b43769e45529012b84cde452c497663
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e2a0f59a60b3210a836925e2dfe45818c8d19773a90a5114bbd9fc1eef1047
e802e1369259c3acab4959fa77bd98a525e0ca0e26653ace9b10a4b0b78b2664
ea7007c4bbbc376418d1df6cf6dc0e80a1741df14dd4c6c8fd1b1e8225bea573
ec8bbd2dc1f6571b5b5e0fb602ccef1c79d2dfb536228a95fb19e59f8d4d21aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef56bd3798c193b3468ccd36bd2d30296fabbcb59f3e37b53b7f7fb86130ae2b
f1bb98a6befbdb2fc65efcacace179b1a8c2410a546991bcbecd4d6866471775
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6400f768d846e43bbffb7ad03f29042f90d93097e5f0a2ad4bdcb20e812afbd
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c1b160b7243cba7dec24f4044316f273f301045ab9996ed66d77eb87471365
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8c7162f5bfa931f9e1adf96f44dbfb89e6d8bbf675751b467f11644b447f3f0
f9e1412ed848b32e5cd6b6f30459157af2db8cd733e22197dec3a0784373c8e7
fc773158cf18dc46e3b09c9add531ce040f156f420ff5cea89584703f8a16cac
fd9807bdea6e1ab7847824f72e69895a81afc3ab70f1e08798b53942a3ec9f52
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff928bca5a80772152dcedbbb4ec789c9b73af85b51f6a8cfba2e484a0cb54b0
ffc17328801c212e3fad919480be62b47d04da2d4f577586aff34f31c013b3cc

otodiva.id Open in urlscan Pro 2606:4700:3036::ac43:d8c1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

221 Requests

98 %HTTPS

77 %IPv6

22 Domains

32 Subdomains

27 IPs

9 Countries

3941 kBTransfer

8028 kBSize

15 Cookies

8 Outgoing links

Page URL History

Redirected requests

221 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

otodiva.id Open in urlscan Pro
2606:4700:3036::ac43:d8c1 Public Scan

Screenshot
Live screenshot

Full Image

221
Requests

98 %
HTTPS

77 %
IPv6

22
Domains

32
Subdomains

27
IPs

9
Countries

3941 kB
Transfer

8028 kB
Size

15
Cookies

221 HTTP transactions
8 data transactions