urlscan.io logo urlscan.io
SecurityTrails logo

insurance.paketinternet.id Open in urlscan Pro
103.253.213.15  Public Scan

Go To Rescan Add Verdict Report
URL: https://insurance.paketinternet.id/
Submission: On October 02 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 129 HTTP transactions. The main IP is 103.253.213.15, located in Indonesia and belongs to RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID. The main domain is insurance.paketinternet.id.
TLS certificate: Issued by R3 on October 1st 2021. Valid for: 3 months.
This is the only time insurance.paketinternet.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 103.253.213.15 58487 (RUMAHWEB-...)
4 142.250.185.74 15169 (GOOGLE)
17 142.250.185.226 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
1 1 104.21.234.231 13335 (CLOUDFLAR...)
1 185.199.110.133 54113 (FASTLY)
3 142.250.185.195 15169 (GOOGLE)
15 142.250.185.130 15169 (GOOGLE)
1 216.58.212.162 15169 (GOOGLE)
4 142.250.186.130 15169 (GOOGLE)
41 142.250.184.225 15169 (GOOGLE)
6 142.250.184.226 15169 (GOOGLE)
2 3 216.58.212.164 15169 (GOOGLE)
10 142.250.186.134 15169 (GOOGLE)
4 142.250.185.99 15169 (GOOGLE)
1 104.111.233.140 16625 (AKAMAI-AS)
129 16
19    103.253.213.15 (Indonesia)

ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID)
PTR: yahukimo.satu.rumahweb.net
insurance.paketinternet.id
4    142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net
fonts.googleapis.com
17    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
pagead2.googlesyndication.com
2    192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    104.21.234.231 (None, )

ASN13335 (CLOUDFLARENET, US)
raw.githack.com
1    185.199.110.133 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-110-133.github.com
raw.githubusercontent.com
3    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
fonts.gstatic.com
15    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads.g.doubleclick.net
1    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
partner.googleadservices.com
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
adservice.google.com
googleads4.g.doubleclick.net
41    142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net
tpc.googlesyndication.com
6    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googletagservices.com
3    216.58.212.164 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f4.1e100.net
www.google.com
10    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
s0.2mdn.net
4    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
www.gstatic.com
1    104.111.233.140 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-140.deploy.static.akamaitechnologies.com
t.6sc.co
Domain Requested by
41 tpc.googlesyndication.com googleads.g.doubleclick.net
insurance.paketinternet.id
tpc.googlesyndication.com
pagead2.googlesyndication.com
19 insurance.paketinternet.id insurance.paketinternet.id
17 pagead2.googlesyndication.com insurance.paketinternet.id
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
15 googleads.g.doubleclick.net pagead2.googlesyndication.com
insurance.paketinternet.id
googleads.g.doubleclick.net
10 s0.2mdn.net googleads.g.doubleclick.net
insurance.paketinternet.id
s0.2mdn.net
6 www.googletagservices.com googleads.g.doubleclick.net
4 www.gstatic.com googleads.g.doubleclick.net
4 fonts.googleapis.com insurance.paketinternet.id
googleads.g.doubleclick.net
3 www.google.com 2 redirects tpc.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
2 googleads4.g.doubleclick.net insurance.paketinternet.id
2 adservice.google.com pagead2.googlesyndication.com
1 t.6sc.co googleads.g.doubleclick.net
1 pixel.wp.com insurance.paketinternet.id
1 partner.googleadservices.com pagead2.googlesyndication.com
1 raw.githubusercontent.com insurance.paketinternet.id
1 raw.githack.com 1 redirects
1 stats.wp.com insurance.paketinternet.id
129 18

This site contains links to these domains. Also see Links.

Domain
wordpress.org
www.idtheme.com
Subject Issuer Validity Valid
www.insurance.paketinternet.id
R3		 2021-10-01 -
2021-12-30		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
www.github.com
DigiCert SHA2 High Assurance Server CA		 2020-05-06 -
2022-04-14		 2 years crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.6sc.co
DigiCert SHA2 Secure Server CA		 2021-03-09 -
2022-03-16		 a year crt.sh

This page contains 24 frames:

Primary Page: https://insurance.paketinternet.id/
Frame ID: F53308DE29E89C312C844204D367A27D
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20190131/zrt_lookup.html
Frame ID: C8898D1FB7B61DA3DC82E30AF5D8AE98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&adk=1812271804&adf=4235265862&lmt=1633135153&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Finsurance.paketinternet.id%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153198&bpp=2&bdt=692&idt=97&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7576792350838&frm=20&pv=2&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=117
Frame ID: 61ABA7ECE5DD82FC71E6265C7BB05E7C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=3025194257&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153200&bpp=1&bdt=694&idt=122&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TuaOTxP14z&p=https%3A//insurance.paketinternet.id&dtd=126
Frame ID: 9CC1CEDC58B73913E06E34E8F5E98D18
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=2993774226&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153201&bpp=1&bdt=695&idt=131&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=bRCEIUIWPL&p=https%3A//insurance.paketinternet.id&dtd=134
Frame ID: 6287C01AA0E6E1E7D724314C78F9788F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3656505798&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=144&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ROfJCO3d4b&p=https%3A//insurance.paketinternet.id&dtd=148
Frame ID: 948F6FDE8B281A2CB9D86264B31F9727
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3763870802&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=151&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ev2EYS0CS7&p=https%3A//insurance.paketinternet.id&dtd=153
Frame ID: 299ED4187017A5CB71BC5E4765C3FB76
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=1573534164&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153203&bpp=1&bdt=697&idt=156&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=2785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=SEeK2nBYPd&p=https%3A//insurance.paketinternet.id&dtd=159
Frame ID: 316A2F46F92A9641B8E871428C837C3D
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/index.html
Frame ID: 454BC5079B5FD4593172CF6DD28753FF
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CZuTLMapXYdWPF6SX9u8Pz56yGK_ar_1jz9vc1YwPzsLE-8EoEAEgoNnSQWDJBqABm6LS4wPIAQmoAwHIA0iqBNoBT9DTIVY2AjeR5qTaFobDd6rSOBF_ysxZwii6B57JUSmPAudO-8OiKfu3SQCc3bmAdnTCQcLBy25InekuNYtPnb2g1Spa5UBkWrKT3oVD6MAJljRC6TxqqHYnDB6-KcV6c5TjLPy3Kybhvkkc7GMtBwohOWrndQgTXZLf9iMtxoriyQUTcXXQM4gvxUAfDgduZZTeg_vWLR_FV6l0reMkyj0h-YHasKN75aMegkBnEPuW6vHP4foS1ePakAEQFxc788Mpbs4mWmJNuH0XZsWgAr_V_Q6igJp33oXABLmD6_LfA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfN3a0cqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBRDp55YB0ggHCIBhEAEYX4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi03MTIxMjA0NzI5MDEzNjQzGAA&sigh=Z2jkSK75ko4&template_id=419
Frame ID: B4717F7A0F99955C3EF758A1F7DFCEB9
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 44096F5F01BAE40AC3343D766D061743
Requests: 2 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss90QumIX69S8GWfB0YYkF0Ds0C-uv-uus_hVRZ74bpxImd7wQsnWGS9shaHwCL_26BTJpg9-ijMgkQoDwA_DCgKsIjlJRvPGcNfEvTpkeNddpnf9wVRDJlZpogYFsYSCnInRYH7cc4Ah3B6KsoVOeYcY5VqRS2UT1pzxEZ8JuysxWF9pSaw8DGcY4cqSJwXo3kp4oa-v0irJPaXJnSyP4mXd1q8gXoiQExzvvMPw--jooVdgwfnkvE_WFBqB0FUZM_eguULdj1RPblBi451QALovMHQ8RTCDWOC9-T7tpt18txX_OTrjlIX15dtSvfRSeznZXlM2wJKE9rXS_VpUYZ7V0JbArGS7nTs2m3xVFBdyAgInjtyXA11jLC_O11xFeaoaQjQHZJVNAjKjjwu6B6vsjGbNptFAjVjNUeoDvh0T1cj_xjfyDVhNtANBuVOR9dUdsvkgNj9ClIyrxHGRGpUPS9lePFxryrtzzqRMrrbSFJ9CUpJoxn2gqzz59eP9Feu1iQraAcN2qWnQNAdJFb44sDl-4gz2D--pdApq0B3nYCltoTuLLD02U4bZlAm4PLV70UFLCcGM3cta9b2lYzCqGTCHRBoySJMEaE8pbKaA4S5WHmPcyPrVkpTa-2JenI61Ixuck1oYkk6KjSejRzs3mYSNTMgGN1svuRm24gM53xwSHG4UWJoZBef_x8fmPeMNxa3rTc02bLmjvFhiIazjcqTwTeXkn5z60zSC7lU4gbUHpeLhnrFWDbrfTfCJW5dlkkZyeRpZNObYjzUMMl8oDD5Hr-Gefyg6ILqkxIQVzwStXluP2ufoZLmkwBTSPbQIUMVB7p0sxlRKdNnPTjryAHJ_jRlz6y-41X0xTWjjHxjYSv7wIXuXYlTLgdMowt1OI2yV1PjjI9GjnCO8qN7IXlXk4X2ZJUTr61Fs7j99Mn06C-FWMY6o3FrZ_N5ghet0w03j7rNAjMLgWjyHpnfba05SRn5n5zpxuZhwHt4RoVvtQ&sig=Cg0ArKJSzBKnoOtAht6iEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 14ED1EBED2C7189C8999E7A1A7107865
Requests: 10 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuwhoQDUNq_SBmJh5VuxaDDW-0rSb6zXsDAp-9_CDE5Cf9i-KehcT38Ou4al-6I9FbeZsRdYSVjlcyiJuK6pfgxZnjndBhzPrB9f_JXPoVVSAf44H2b0GhfwUkq2VKTJ1HmY86G5Pr0_XjL96MeI4PhsMsiS7cdvAO0Cf5Q--7Lj-OmTU19iS1sjGGVyKx8efQImkc6u7b0_nvEaSEmHc-9oxhN0rMXd8XAku3DOJRyMK_94_0gX7OozkJxg3ukPjlfkT47wN9dNVwSv4EzASuGx1yjZ-zpB353H57Aw6z3apGODeNV1Ekg3Z-UdUrG-H6Zp3E6S9--l6I4kHi_TaWumeHmauPPhaAD8SAcKOJfoIJOi0w5_wy44wMs6LzpgcZpNnr_-x51LuC752p6ykAT75BW-2J6z505j9jmxxcdhmLIlWp9srVDQPL_dm5sDtoB_EpDMIhX2jQTUuIRLz05PGg2K8ztlm78XQ8qkt3qAb7E-fnt5Wq9MlByljBMHFn2BmaY3RswNQg9MvgjTK0Ws84B70FIRE8st5Q84smRnwT3HBlfbwsNzM1r-wpBUajsRM9Jpk1SB93M1V5a-2K2cN9Y-mYF38e-1CVURane38uel_cxsyJVGj4RPnMIAiRhLJ1pPPdcppV60BnPSmemhe9FJvSqIiwpwHSXGv2gsV-pHh-d-DvhxZYTeRgYlhCdYLdk7vCklLD9Sby9WvTk4Y-NCcZVmGNNaUw5l4oKvwwV_tgqchL2NF6V768hhbuw-nM7n7Bzn5j2J4DYYgdHudiEgYi--ueVo1ey5jBh4g12e052G5GYZT2xqLTlUxCYt1HY785IerSHvhXHVm0eS2ZayJ62v3Pk0o88l-OqiHZmORR2u5ka7LMqYJe983axtgOKuaTT6p1d4alItWPwAMvow7AxZyf6YnYPSxDJ8C5MmyxDBesoY16EUO5dxD2MaXo7xRjaTIsL28iUBcrQ6QQbTxCg2w&sig=Cg0ArKJSzB-7n1l7zzH4EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 3A5BEB150C3824A3B7398B725B79274F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1856055AA558E6EEAEBC88592236D2A9
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 234BBD100CE909CF8968AD738A775B4E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9917901/1624923546585/index.html
Frame ID: DEF4E8828A9041E605341B6E923E08DD
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5797AABF9E78F72A1F017D1D0484C9D3
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 9F6B72960FD2CEAE1110C6C5E9706F9D
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 9DD0C4F7AEC6126E5458BB191AF39798
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
Frame ID: 4F59651816761FE7138C1236DFE667A9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
Frame ID: 7C350D13DE90BBA036D0DA5BECD3C3A8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
Frame ID: 5C5ECFD3B322E5915229394E88417D85
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 835B6CB67C1F809653097D2B17B9DC53
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5F1452F137B7BECD5F24C8B2192979A1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Car Insurance - Usaa Online Car Insurance Quote

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

129
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

18
Subdomains

16
IPs

4
Countries

1916 kB
Transfer

4408 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://raw.githack.com/mustofaazka/safelink/main/filesafelink.js%20type= HTTP 301
  • https://raw.githubusercontent.com/mustofaazka/safelink/main/filesafelink.js%20type=
Request Chain 45
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 119
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

129 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
insurance.paketinternet.id/ 		43 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.213.15 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS
yahukimo.satu.rumahweb.net
Software
Apache / PHP/7.3.30
Resource Hash
373517e230a8a3634ab9323c9d7ebe43a7bf26a52484b2abb1a6907f57c806be

Request headers

:method
GET
:authority
insurance.paketinternet.id
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 02 Oct 2021 00:39:09 GMT
server
Apache
x-powered-by
PHP/7.3.30
link
<https://insurance.paketinternet.id/wp-json/>; rel="https://api.w.org/"
vary
Accept-Encoding
content-encoding
br
content-length
7817
content-type
text/html; charset=UTF-8
eaa-styles.css
insurance.paketinternet.id/wp-content/plugins/easy-adsense-ads-scripts-manager/assets/css/ 		1006 B
398 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insurance.paketinternet.id/wp-content/plugins/easy-adsense-ads-scripts-manager/assets/css/eaa-styles.css?ver=5.8.1
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.213.15 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS
yahukimo.satu.rumahweb.net
Software
Apache /
Resource Hash
2f1224a088536435ac801bdc41159d3e835ae286e556780a84ea3d8eac751811

Request headers

:path
/wp-content/plugins/easy-adsense-ads-scripts-manager/assets/css/eaa-styles.css?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
insurance.paketinternet.id
referer
https://insurance.paketinternet.id/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:11 GMT
content-encoding
br
last-modified
Thu, 23 Sep 2021 02:57:12 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
366
style.min.css
insurance.paketinternet.id/wp-includes/css/dist/block-library/ 		79 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insurance.paketinternet.id/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.213.15 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS
yahukimo.satu.rumahweb.net
Software
Apache /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
insurance.paketinternet.id
referer
https://insurance.paketinternet.id/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:11 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 02:35:58 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
9945
mediaelementplayer-legacy.min.css
insurance.paketinternet.id/wp-includes/js/mediaelement/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insurance.paketinternet.id/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.213.15 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS
yahukimo.satu.rumahweb.net
Software
Apache /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

:path
/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
insurance.paketinternet.id
referer
https://insurance.paketinternet.id/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:11 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 14:23:06 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2397
wp-mediaelement.min.css
insurance.paketinternet.id/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insurance.paketinternet.id/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.1
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.213.15 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS
yahukimo.satu.rumahweb.net
Software
Apache /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

:path
/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
insurance.paketinternet.id
referer
https://insurance.paketinternet.id/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:11 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 19:15:02 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
982
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&ver=2.0.6
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
deddc2d99e04395e282e14fa4eac9106e4e879a6eee372c6077b5d71e408bd5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 00:11:09 GMT
server
ESF
date
Sat, 02 Oct 2021 00:39:12 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 02 Oct 2021 00:39:12 GMT
style-nonamp.css
insurance.paketinternet.id/wp-content/themes/superfast/ 		66 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insurance.paketinternet.id/wp-content/themes/superfast/style-nonamp.css?ver=2.0.6
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.213.15 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS
yahukimo.satu.rumahweb.net
Software
Apache /
Resource Hash
e09b201d0038c06f02e5bb9a4c4b9ed93dd854a33cbc50155bcbd3c1dd518e5a

Request headers

:path
/wp-content/themes/superfast/style-nonamp.css?ver=2.0.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
insurance.paketinternet.id
referer
https://insurance.paketinternet.id/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:11 GMT
content-encoding
br
last-modified
Wed, 22 Sep 2021 02:07:04 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
12975
style.css
insurance.paketinternet.id/wp-content/themes/superfast/ 		686 B
451 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insurance.paketinternet.id/wp-content/themes/superfast/style.css?ver=2.0.6
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.213.15 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS
yahukimo.satu.rumahweb.net
Software
Apache /
Resource Hash
ef0b6d31c7c3acf117be4fef89002b702b399ff435b8b8ea2a65fa0e07a4201e

Request headers

:path
/wp-content/themes/superfast/style.css?ver=2.0.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
insurance.paketinternet.id
referer
https://insurance.paketinternet.id/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:11 GMT
content-encoding
br
last-modified
Wed, 22 Sep 2021 02:07:04 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
361
jetpack.css
insurance.paketinternet.id/wp-content/plugins/jetpack/css/ 		85 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insurance.paketinternet.id/wp-content/plugins/jetpack/css/jetpack.css?ver=10.1
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.213.15 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS
yahukimo.satu.rumahweb.net
Software
Apache /
Resource Hash
4c71cab3e2b7defd9022059c922d2c91359df1ba71dd47e8543b108c70537f25

Request headers

:path
/wp-content/plugins/jetpack/css/jetpack.css?ver=10.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
insurance.paketinternet.id
referer
https://insurance.paketinternet.id/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:11 GMT
content-encoding
br
last-modified
Thu, 23 Sep 2021 00:58:37 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
15897
jquery.min.js
insurance.paketinternet.id/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.paketinternet.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.213.15 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS
yahukimo.satu.rumahweb.net
Software
Apache /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
insurance.paketinternet.id
referer
https://insurance.paketinternet.id/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:11 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 13:37:24 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
30311
jquery-migrate.min.js
insurance.paketinternet.id/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.paketinternet.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.213.15 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS
yahukimo.satu.rumahweb.net
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
insurance.paketinternet.id
referer
https://insurance.paketinternet.id/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:11 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 07:36:06 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3998
eaa-scripts.js
insurance.paketinternet.id/wp-content/plugins/easy-adsense-ads-scripts-manager/assets/js/ 		886 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.paketinternet.id/wp-content/plugins/easy-adsense-ads-scripts-manager/assets/js/eaa-scripts.js?ver=5.8.1
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.213.15 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS
yahukimo.satu.rumahweb.net
Software
Apache /
Resource Hash
69a7a45d569c44339749b1cfd2d5c941c4f4a1475a8bdc480de926b838df3413

Request headers

:path
/wp-content/plugins/easy-adsense-ads-scripts-manager/assets/js/eaa-scripts.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
insurance.paketinternet.id
referer
https://insurance.paketinternet.id/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:11 GMT
content-encoding
br
last-modified
Thu, 23 Sep 2021 02:57:12 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
238
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7121204729013643
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
f72f69be7f990afd289beee0e0b29aa18599c1ca2151b9b00061e9df838c58c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://insurance.paketinternet.id/
Origin
https://insurance.paketinternet.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50843
x-xss-protection
0
server
cafe
etag
17900365080893631796
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 02 Oct 2021 00:39:13 GMT
Car-Insurance-Quote.png
insurance.paketinternet.id/wp-content/uploads/2021/09/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insurance.paketinternet.id/wp-content/uploads/2021/09/Car-Insurance-Quote.png
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.213.15 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS
yahukimo.satu.rumahweb.net
Software
Apache /
Resource Hash
4f9eecddbbf0a8d525a8abb1dd977c702e613716734ee0e4751a90678162ce9b

Request headers

:path
/wp-content/uploads/2021/09/Car-Insurance-Quote.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
insurance.paketinternet.id
referer
https://insurance.paketinternet.id/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:11 GMT
last-modified
Wed, 22 Sep 2021 03:12:19 GMT
server
Apache
accept-ranges
bytes
content-length
8994
content-type
image/png
js.cookie.min.js
insurance.paketinternet.id/wp-content/plugins/ad-invalid-click-protector/assets/js/ 		1 KB
722 B 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.paketinternet.id/wp-content/plugins/ad-invalid-click-protector/assets/js/js.cookie.min.js?ver=3.0.0
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.213.15 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS
yahukimo.satu.rumahweb.net
Software
Apache /
Resource Hash
85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c

Request headers

:path
/wp-content/plugins/ad-invalid-click-protector/assets/js/js.cookie.min.js?ver=3.0.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
insurance.paketinternet.id
referer
https://insurance.paketinternet.id/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:11 GMT
content-encoding
br
last-modified
Tue, 28 Sep 2021 05:38:17 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
667
jquery.iframetracker.min.js
insurance.paketinternet.id/wp-content/plugins/ad-invalid-click-protector/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.paketinternet.id/wp-content/plugins/ad-invalid-click-protector/assets/js/jquery.iframetracker.min.js?ver=2.1.0
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.213.15 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS
yahukimo.satu.rumahweb.net
Software
Apache /
Resource Hash
169129c84912473c3eea8cb0783089f986648c26f879f25caf12b9933feedebe

Request headers

:path
/wp-content/plugins/ad-invalid-click-protector/assets/js/jquery.iframetracker.min.js?ver=2.1.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
insurance.paketinternet.id
referer
https://insurance.paketinternet.id/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:11 GMT
content-encoding
br
last-modified
Tue, 28 Sep 2021 05:38:17 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1066
aicp.min.js
insurance.paketinternet.id/wp-content/plugins/ad-invalid-click-protector/assets/js/ 		777 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.paketinternet.id/wp-content/plugins/ad-invalid-click-protector/assets/js/aicp.min.js?ver=1.0
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.213.15 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS
yahukimo.satu.rumahweb.net
Software
Apache /
Resource Hash
1e0a52e09f6a82103811fb05011f1487605df55d406ecaad89c68999d67f8ae0

Request headers

:path
/wp-content/plugins/ad-invalid-click-protector/assets/js/aicp.min.js?ver=1.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
insurance.paketinternet.id
referer
https://insurance.paketinternet.id/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:11 GMT
content-encoding
br
last-modified
Tue, 28 Sep 2021 05:38:17 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
375
customscript.js
insurance.paketinternet.id/wp-content/themes/superfast/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.paketinternet.id/wp-content/themes/superfast/js/customscript.js?ver=2.0.6
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.213.15 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS
yahukimo.satu.rumahweb.net
Software
Apache /
Resource Hash
650b69fdeac0a7757380e83d5fde41c17288cf636a0e98c467ab7ec22f48bb74

Request headers

:path
/wp-content/themes/superfast/js/customscript.js?ver=2.0.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
insurance.paketinternet.id
referer
https://insurance.paketinternet.id/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:11 GMT
content-encoding
br
last-modified
Wed, 22 Sep 2021 02:07:04 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3875
wp-embed.min.js
insurance.paketinternet.id/wp-includes/js/ 		1 KB
718 B 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.paketinternet.id/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.213.15 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS
yahukimo.satu.rumahweb.net
Software
Apache /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
insurance.paketinternet.id
referer
https://insurance.paketinternet.id/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:11 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 13:59:24 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
663
e-202139.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202139.js
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn
date
Sat, 02 Oct 2021 00:39:13 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 18 Sep 2022 22:18:48 GMT
filesafelink.js%20type=
raw.githubusercontent.com/mustofaazka/safelink/main/
Redirect Chain
  • https://raw.githack.com/mustofaazka/safelink/main/filesafelink.js%20type=
  • https://raw.githubusercontent.com/mustofaazka/safelink/main/filesafelink.js%20type=
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://raw.githubusercontent.com/mustofaazka/safelink/main/filesafelink.js%20type=
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-133.github.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*

Redirect headers

date
Sat, 02 Oct 2021 00:39:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0TYk0DmIX2EbVe1EgVqTbPwwvBmwXJYOnrdRpUIZFrRvgC27XMO3eJXSUznyvDUiosqWTNpqJtweKuH%2BXMOG631%2FsfjD%2B0%2FRfNUbRL%2FVHjHupc3l9lRQlR1UQq82mCgS3g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://raw.githubusercontent.com/mustofaazka/safelink/main/filesafelink.js%20type=
cache-control
max-age=300
cf-ray
6979df535e754137-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
191
expires
Sat, 02 Oct 2021 00:44:13 GMT
wp-emoji-release.min.js
insurance.paketinternet.id/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.paketinternet.id/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.213.15 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS
yahukimo.satu.rumahweb.net
Software
Apache /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
insurance.paketinternet.id
referer
https://insurance.paketinternet.id/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:11 GMT
content-encoding
br
last-modified
Tue, 08 Jun 2021 20:45:12 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4542
ElegantIcons.woff
insurance.paketinternet.id/wp-content/themes/superfast/fonts/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://insurance.paketinternet.id/wp-content/themes/superfast/fonts/ElegantIcons.woff
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/wp-content/themes/superfast/style-nonamp.css?ver=2.0.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.253.213.15 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS
yahukimo.satu.rumahweb.net
Software
Apache /
Resource Hash
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae

Request headers

:path
/wp-content/themes/superfast/fonts/ElegantIcons.woff
pragma
no-cache
origin
https://insurance.paketinternet.id
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
insurance.paketinternet.id
referer
https://insurance.paketinternet.id/wp-content/themes/superfast/style-nonamp.css?ver=2.0.6
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://insurance.paketinternet.id/wp-content/themes/superfast/style-nonamp.css?ver=2.0.6
Origin
https://insurance.paketinternet.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:11 GMT
content-encoding
br
last-modified
Wed, 22 Sep 2021 02:07:04 GMT
server
Apache
vary
Accept-Encoding
content-type
font/woff
accept-ranges
bytes
content-length
63668
XRXW3I6Li01BKofA6sKUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofA6sKUYevI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&ver=2.0.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://insurance.paketinternet.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 09:10:37 GMT
x-content-type-options
nosniff
age
314916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19248
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 02:44:29 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 09:10:37 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/ 		257 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7121204729013643
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
3523f4564607513e81b5fd0c6612a4e7dd94cce6830b24843bcb79b277d253ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97121
x-xss-protection
0
server
cafe
etag
1204139040078545873
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Oct 2021 00:39:13 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210927/r20190131/ Frame C889 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210927/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7121204729013643
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210927/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://insurance.paketinternet.id/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 01 Oct 2021 23:50:07 GMT
expires
Fri, 15 Oct 2021 23:50:07 GMT
content-type
text/html; charset=UTF-8
etag
297313706323796346
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4617
x-xss-protection
0
age
2946
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		206 B
661 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=insurance.paketinternet.id&callback=_gfp_s_&client=ca-pub-7121204729013643
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
d10dc238e54cbb75a9815209538029af6374e722f28ad9bcc4d57747ca767cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=insurance.paketinternet.id
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Oct 2021 00:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 61AB 		146 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&adk=1812271804&adf=4235265862&lmt=1633135153&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Finsurance.paketinternet.id%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153198&bpp=2&bdt=692&idt=97&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7576792350838&frm=20&pv=2&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=117
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9c555659388ad4781fbc1b9f4e91503c66674e1036f514fe2a6281f4effef9b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7121204729013643&output=html&adk=1812271804&adf=4235265862&lmt=1633135153&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Finsurance.paketinternet.id%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153198&bpp=2&bdt=692&idt=97&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7576792350838&frm=20&pv=2&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=117
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://insurance.paketinternet.id/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 02 Oct 2021 00:39:13 GMT
server
cafe
content-length
40233
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 02-Oct-2021 00:54:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 02 Oct 2021 00:39:13 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 9CC1 		82 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=3025194257&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153200&bpp=1&bdt=694&idt=122&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TuaOTxP14z&p=https%3A//insurance.paketinternet.id&dtd=126
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
445e31ecb8590121e85e039032d89444eb09f3bfd0abbe4ff59937f81db435b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=3025194257&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153200&bpp=1&bdt=694&idt=122&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TuaOTxP14z&p=https%3A//insurance.paketinternet.id&dtd=126
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://insurance.paketinternet.id/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 02 Oct 2021 00:39:14 GMT
server
cafe
content-length
27104
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 02-Oct-2021 00:54:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 02 Oct 2021 00:39:14 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 6287 		51 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=2993774226&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153201&bpp=1&bdt=695&idt=131&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=bRCEIUIWPL&p=https%3A//insurance.paketinternet.id&dtd=134
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
c0bf283e0486f7d40adde2d96cde9e6f64af3cff659e045d33c1ededb30a82b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=2993774226&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153201&bpp=1&bdt=695&idt=131&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=bRCEIUIWPL&p=https%3A//insurance.paketinternet.id&dtd=134
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://insurance.paketinternet.id/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 02 Oct 2021 00:39:13 GMT
server
cafe
content-length
23114
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 02-Oct-2021 00:54:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 02 Oct 2021 00:39:13 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 948F 		75 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3656505798&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=144&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ROfJCO3d4b&p=https%3A//insurance.paketinternet.id&dtd=148
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
95fd59c3fb188e1287bf98819d1a91ea7f5874185c02f14f596e124ed6d5e59a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3656505798&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=144&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ROfJCO3d4b&p=https%3A//insurance.paketinternet.id&dtd=148
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://insurance.paketinternet.id/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 02 Oct 2021 00:39:13 GMT
server
cafe
content-length
30320
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 02-Oct-2021 00:54:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 02 Oct 2021 00:39:13 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 299E 		137 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3763870802&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=151&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ev2EYS0CS7&p=https%3A//insurance.paketinternet.id&dtd=153
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
78d6d93df938ee4505d288abe08a15634f4ab8b8efb662fdd5645048c78f3e25
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJXsv8W-qvMCFaSL_QcdT48MAw&gqi=MapXYevTFt3I7_UPusCa8Ac&layout=/sadbundle/%24csp%253Der3%24/9943399037034566095/ESP_CALA_Auto_300x250/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3763870802&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=151&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ev2EYS0CS7&p=https%3A//insurance.paketinternet.id&dtd=153
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://insurance.paketinternet.id/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJXsv8W-qvMCFaSL_QcdT48MAw&gqi=MapXYevTFt3I7_UPusCa8Ac&layout=/sadbundle/%24csp%253Der3%24/9943399037034566095/ESP_CALA_Auto_300x250/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 02 Oct 2021 00:39:13 GMT
server
cafe
content-length
42852
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 02-Oct-2021 00:54:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 02 Oct 2021 00:39:13 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 316A 		89 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=1573534164&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153203&bpp=1&bdt=697&idt=156&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=2785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=SEeK2nBYPd&p=https%3A//insurance.paketinternet.id&dtd=159
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
15e0a03031fdc5546730da1a9c6be57e491365b33a78cb971e602c9725c2d252
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=1573534164&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153203&bpp=1&bdt=697&idt=156&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=2785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=SEeK2nBYPd&p=https%3A//insurance.paketinternet.id&dtd=159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://insurance.paketinternet.id/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 02 Oct 2021 00:39:13 GMT
server
cafe
content-length
27787
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 02-Oct-2021 00:54:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 02 Oct 2021 00:39:13 GMT
cache-control
private
g.gif
pixel.wp.com/ 		50 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.1&blog=197953782&post=0&tz=0&srv=insurance.paketinternet.id&host=insurance.paketinternet.id&ref=&fcp=3771&rand=0.9443242932431524
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:13 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 299E 		67 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3763870802&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=151&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ev2EYS0CS7&p=https%3A//insurance.paketinternet.id&dtd=153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 16:16:20 GMT
x-content-type-options
nosniff
server
cafe
age
30173
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Sat, 02 Oct 2021 16:16:20 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/ Frame 454B 		2 KB
916 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/index.html
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
3b60c7cb76673e5d91469336512de11460422da087b9fa76ac4050f9db117d69
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
content-length
886
date
Fri, 01 Oct 2021 07:42:20 GMT
expires
Sat, 01 Oct 2022 07:42:20 GMT
last-modified
Thu, 23 Sep 2021 20:38:51 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
61013
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame B471 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZuTLMapXYdWPF6SX9u8Pz56yGK_ar_1jz9vc1YwPzsLE-8EoEAEgoNnSQWDJBqABm6LS4wPIAQmoAwHIA0iqBNoBT9DTIVY2AjeR5qTaFobDd6rSOBF_ysxZwii6B57JUSmPAudO-8OiKfu3SQCc3bmAdnTCQcLBy25InekuNYtPnb2g1Spa5UBkWrKT3oVD6MAJljRC6TxqqHYnDB6-KcV6c5TjLPy3Kybhvkkc7GMtBwohOWrndQgTXZLf9iMtxoriyQUTcXXQM4gvxUAfDgduZZTeg_vWLR_FV6l0reMkyj0h-YHasKN75aMegkBnEPuW6vHP4foS1ePakAEQFxc788Mpbs4mWmJNuH0XZsWgAr_V_Q6igJp33oXABLmD6_LfA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfN3a0cqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBRDp55YB0ggHCIBhEAEYX4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi03MTIxMjA0NzI5MDEzNjQzGAA&sigh=Z2jkSK75ko4&template_id=419
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3763870802&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=151&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ev2EYS0CS7&p=https%3A//insurance.paketinternet.id&dtd=153
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 02 Oct 2021 00:39:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 02 Oct 2021 00:39:13 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame B471 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3763870802&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=151&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ev2EYS0CS7&p=https%3A//insurance.paketinternet.id&dtd=153
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7607
x-xss-protection
0
server
cafe
etag
5036643633216217121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:18:58 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame B471 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3763870802&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=151&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ev2EYS0CS7&p=https%3A//insurance.paketinternet.id&dtd=153
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:34:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:34:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B471 		122 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3763870802&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=151&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ev2EYS0CS7&p=https%3A//insurance.paketinternet.id&dtd=153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
server
sffe
etag
"1633087504575570"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sat, 02 Oct 2021 00:39:13 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame B471 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3763870802&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=151&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ev2EYS0CS7&p=https%3A//insurance.paketinternet.id&dtd=153
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:26:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
741
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:26:52 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4409 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3763870802&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=151&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ev2EYS0CS7&p=https%3A//insurance.paketinternet.id&dtd=153
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3763870802&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=151&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ev2EYS0CS7&p=https%3A//insurance.paketinternet.id&dtd=153
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkFRpY4sBIj2lFNYb1M1q6haSB8Aa6Xf0QNZ3yhlc0X5S8McNJrzrI5eE7uRTQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3763870802&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=151&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ev2EYS0CS7&p=https%3A//insurance.paketinternet.id&dtd=153

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 02 Oct 2021 00:34:13 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 454B 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:24:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83675
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 02 Oct 2021 01:24:38 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 454B 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 23:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 02 Oct 2021 23:30:30 GMT
lottie_light.min.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/ Frame 454B 		143 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/lottie_light.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
9b5eec92023b9583b8f794ab9dae2b4171cc2e78a46a12acafd314ec501ece79
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
61013
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40872
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 20:38:51 GMT
server
sffe
date
Fri, 01 Oct 2021 07:42:20 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 01 Oct 2022 07:42:20 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4409
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3763870802&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=151&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ev2EYS0CS7&p=https%3A//insurance.paketinternet.id&dtd=153
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkFRpY4sBIj2lFNYb1M1q6haSB8Aa6Xf0QNZ3yhlc0X5S8McNJrzrI5eE7uRTQ; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 02 Oct 2021 00:39:13 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 02-Oct-2021 01:39:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 02 Oct 2021 00:39:13 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 02 Oct 2021 00:39:13 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ESP_CALA_Auto_300x250.json
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/ Frame 454B 		52 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/ESP_CALA_Auto_300x250.json
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/lottie_light.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
2eb6c8f69f45093e05bea19399e07f997b3bbf4aa07b36b22ae0b09179b79042
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
61012
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7605
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 20:38:51 GMT
server
sffe
date
Fri, 01 Oct 2021 07:42:21 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 01 Oct 2022 07:42:21 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/ 		141 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ecdc037bbf824d8874a0177b6f20ccd51540a589a7b015c53eae199a770d91f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52249
x-xss-protection
0
server
cafe
etag
8168734258521389743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Oct 2021 00:39:13 GMT
LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
pagead2.googlesyndication.com/bg/ Frame 454B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
2dfb50fbcee087cba46eff0fd5d87aee1ed58dfae8f06eda467fd1eb1dee280e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 16:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
115020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13320
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 30 Sep 2022 16:42:13 GMT
img_0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/images/ Frame 454B 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/images/img_0.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3763870802&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=151&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ev2EYS0CS7&p=https%3A//insurance.paketinternet.id&dtd=153
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
44aaa6d010eb8a689b695890dbdc510bd1a4083d5e256315ee828d16070af845
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
61012
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34813
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 20:38:51 GMT
server
sffe
date
Fri, 01 Oct 2021 07:42:21 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 01 Oct 2022 07:42:21 GMT
img_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/images/ Frame 454B 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9943399037034566095/ESP_CALA_Auto_300x250/images/img_1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3763870802&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=151&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1736&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=ev2EYS0CS7&p=https%3A//insurance.paketinternet.id&dtd=153
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
ce5917bb28a77b282a893868fe246fc9ccd756d0e5b286ac0e2d463f9f0181a5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
61012
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20532
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 20:38:51 GMT
server
sffe
date
Fri, 01 Oct 2021 07:42:21 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 01 Oct 2022 07:42:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 14ED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss90QumIX69S8GWfB0YYkF0Ds0C-uv-uus_hVRZ74bpxImd7wQsnWGS9shaHwCL_26BTJpg9-ijMgkQoDwA_DCgKsIjlJRvPGcNfEvTpkeNddpnf9wVRDJlZpogYFsYSCnInRYH7cc4Ah3B6KsoVOeYcY5VqRS2UT1pzxEZ8JuysxWF9pSaw8DGcY4cqSJwXo3kp4oa-v0irJPaXJnSyP4mXd1q8gXoiQExzvvMPw--jooVdgwfnkvE_WFBqB0FUZM_eguULdj1RPblBi451QALovMHQ8RTCDWOC9-T7tpt18txX_OTrjlIX15dtSvfRSeznZXlM2wJKE9rXS_VpUYZ7V0JbArGS7nTs2m3xVFBdyAgInjtyXA11jLC_O11xFeaoaQjQHZJVNAjKjjwu6B6vsjGbNptFAjVjNUeoDvh0T1cj_xjfyDVhNtANBuVOR9dUdsvkgNj9ClIyrxHGRGpUPS9lePFxryrtzzqRMrrbSFJ9CUpJoxn2gqzz59eP9Feu1iQraAcN2qWnQNAdJFb44sDl-4gz2D--pdApq0B3nYCltoTuLLD02U4bZlAm4PLV70UFLCcGM3cta9b2lYzCqGTCHRBoySJMEaE8pbKaA4S5WHmPcyPrVkpTa-2JenI61Ixuck1oYkk6KjSejRzs3mYSNTMgGN1svuRm24gM53xwSHG4UWJoZBef_x8fmPeMNxa3rTc02bLmjvFhiIazjcqTwTeXkn5z60zSC7lU4gbUHpeLhnrFWDbrfTfCJW5dlkkZyeRpZNObYjzUMMl8oDD5Hr-Gefyg6ILqkxIQVzwStXluP2ufoZLmkwBTSPbQIUMVB7p0sxlRKdNnPTjryAHJ_jRlz6y-41X0xTWjjHxjYSv7wIXuXYlTLgdMowt1OI2yV1PjjI9GjnCO8qN7IXlXk4X2ZJUTr61Fs7j99Mn06C-FWMY6o3FrZ_N5ghet0w03j7rNAjMLgWjyHpnfba05SRn5n5zpxuZhwHt4RoVvtQ&sig=Cg0ArKJSzBKnoOtAht6iEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 02 Oct 2021 00:39:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 14ED 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 14:19:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123573
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 30 Sep 2022 14:19:40 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 14ED 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=2993774226&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153201&bpp=1&bdt=695&idt=131&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=bRCEIUIWPL&p=https%3A//insurance.paketinternet.id&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
1149b4e0fd05ae859746ff5efb3ba8c59a82ec0414e60db64178bee9efde7b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 22:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8670
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12762
x-xss-protection
0
server
cafe
etag
4480342589260282775
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Oct 2021 22:14:43 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 14ED 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=2993774226&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153201&bpp=1&bdt=695&idt=131&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=bRCEIUIWPL&p=https%3A//insurance.paketinternet.id&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:34:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:34:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 14ED 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=2993774226&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153201&bpp=1&bdt=695&idt=131&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=bRCEIUIWPL&p=https%3A//insurance.paketinternet.id&dtd=134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
server
sffe
etag
"1633087504575570"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sat, 02 Oct 2021 00:39:13 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 14ED 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=2993774226&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153201&bpp=1&bdt=695&idt=131&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=bRCEIUIWPL&p=https%3A//insurance.paketinternet.id&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:26:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
741
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:26:52 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame 14ED 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=2993774226&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153201&bpp=1&bdt=695&idt=131&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=bRCEIUIWPL&p=https%3A//insurance.paketinternet.id&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7607
x-xss-protection
0
server
cafe
etag
5036643633216217121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:18:58 GMT
300x250-knowledge-align.jpg
s0.2mdn.net/5406241/ Frame 14ED 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5406241/300x250-knowledge-align.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=2993774226&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153201&bpp=1&bdt=695&idt=131&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=bRCEIUIWPL&p=https%3A//insurance.paketinternet.id&dtd=134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
sffe /
Resource Hash
e5a7024c26a20417daf19cfce4e7ff4457df6625fb5f8489f8d705e262d1162c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 22:14:47 GMT
x-content-type-options
nosniff
age
8666
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67605
x-xss-protection
0
last-modified
Fri, 27 Aug 2021 19:13:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Oct 2021 22:14:47 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3A5B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuwhoQDUNq_SBmJh5VuxaDDW-0rSb6zXsDAp-9_CDE5Cf9i-KehcT38Ou4al-6I9FbeZsRdYSVjlcyiJuK6pfgxZnjndBhzPrB9f_JXPoVVSAf44H2b0GhfwUkq2VKTJ1HmY86G5Pr0_XjL96MeI4PhsMsiS7cdvAO0Cf5Q--7Lj-OmTU19iS1sjGGVyKx8efQImkc6u7b0_nvEaSEmHc-9oxhN0rMXd8XAku3DOJRyMK_94_0gX7OozkJxg3ukPjlfkT47wN9dNVwSv4EzASuGx1yjZ-zpB353H57Aw6z3apGODeNV1Ekg3Z-UdUrG-H6Zp3E6S9--l6I4kHi_TaWumeHmauPPhaAD8SAcKOJfoIJOi0w5_wy44wMs6LzpgcZpNnr_-x51LuC752p6ykAT75BW-2J6z505j9jmxxcdhmLIlWp9srVDQPL_dm5sDtoB_EpDMIhX2jQTUuIRLz05PGg2K8ztlm78XQ8qkt3qAb7E-fnt5Wq9MlByljBMHFn2BmaY3RswNQg9MvgjTK0Ws84B70FIRE8st5Q84smRnwT3HBlfbwsNzM1r-wpBUajsRM9Jpk1SB93M1V5a-2K2cN9Y-mYF38e-1CVURane38uel_cxsyJVGj4RPnMIAiRhLJ1pPPdcppV60BnPSmemhe9FJvSqIiwpwHSXGv2gsV-pHh-d-DvhxZYTeRgYlhCdYLdk7vCklLD9Sby9WvTk4Y-NCcZVmGNNaUw5l4oKvwwV_tgqchL2NF6V768hhbuw-nM7n7Bzn5j2J4DYYgdHudiEgYi--ueVo1ey5jBh4g12e052G5GYZT2xqLTlUxCYt1HY785IerSHvhXHVm0eS2ZayJ62v3Pk0o88l-OqiHZmORR2u5ka7LMqYJe983axtgOKuaTT6p1d4alItWPwAMvow7AxZyf6YnYPSxDJ8C5MmyxDBesoY16EUO5dxD2MaXo7xRjaTIsL28iUBcrQ6QQbTxCg2w&sig=Cg0ArKJSzB-7n1l7zzH4EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 02 Oct 2021 00:39:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 3A5B 		114 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52179
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Oct 2021 10:09:35 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3A5B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 14:19:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 30 Sep 2022 14:19:40 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 3A5B 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3656505798&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=144&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ROfJCO3d4b&p=https%3A//insurance.paketinternet.id&dtd=148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
1149b4e0fd05ae859746ff5efb3ba8c59a82ec0414e60db64178bee9efde7b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 22:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8671
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12762
x-xss-protection
0
server
cafe
etag
4480342589260282775
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Oct 2021 22:14:43 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 3A5B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3656505798&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=144&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ROfJCO3d4b&p=https%3A//insurance.paketinternet.id&dtd=148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:34:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:34:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3A5B 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3656505798&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=144&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ROfJCO3d4b&p=https%3A//insurance.paketinternet.id&dtd=148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
server
sffe
etag
"1633087504575570"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sat, 02 Oct 2021 00:39:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 3A5B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3656505798&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=144&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ROfJCO3d4b&p=https%3A//insurance.paketinternet.id&dtd=148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:26:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:26:52 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame 3A5B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=2525535079&adf=3656505798&pi=t.ma~as.9801049071&w=630&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=630x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153202&bpp=1&bdt=696&idt=144&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ROfJCO3d4b&p=https%3A//insurance.paketinternet.id&dtd=148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7607
x-xss-protection
0
server
cafe
etag
5036643633216217121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:18:58 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=insurance.paketinternet.id
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Oct 2021 00:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/ Frame 1856 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://insurance.paketinternet.id/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkFRpY4sBIj2lFNYb1M1q6haSB8Aa6Xf0QNZ3yhlc0X5S8McNJrzrI5eE7uRTQ; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 01 Oct 2021 04:03:35 GMT
expires
Fri, 15 Oct 2021 04:03:35 GMT
content-type
text/html; charset=UTF-8
etag
297313706323796346
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4617
x-xss-protection
0
age
74139
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame B471 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40de39a40e282ee58bafd19e7197cdc4f596ef7a90c8faf4a5b9e56c6cd0aa1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 234B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Thu, 30 Sep 2021 14:19:40 GMT
expires
Fri, 30 Sep 2022 14:19:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
123574
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 14ED 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca666242947310a47d5e6cd5e774c48052abf46bfa7dd7ade51280d93564b620

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
18186705545736922137
tpc.googlesyndication.com/daca_images/simgad/ Frame 316A 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/18186705545736922137
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=1573534164&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153203&bpp=1&bdt=697&idt=156&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=2785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=SEeK2nBYPd&p=https%3A//insurance.paketinternet.id&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
66cdbeb484fb2bd42c8711bead94fc5a62d2853c2281444f8056dbbe38d78ad4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 05:08:38 GMT
x-content-type-options
nosniff
age
243036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78247
x-xss-protection
0
last-modified
Sat, 07 Aug 2021 11:55:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Sep 2022 05:08:38 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame 316A 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=1573534164&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153203&bpp=1&bdt=697&idt=156&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=2785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=SEeK2nBYPd&p=https%3A//insurance.paketinternet.id&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7607
x-xss-protection
0
server
cafe
etag
5036643633216217121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:18:58 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 316A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=1573534164&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153203&bpp=1&bdt=697&idt=156&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=2785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=SEeK2nBYPd&p=https%3A//insurance.paketinternet.id&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:34:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:34:58 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 316A 		67 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=1573534164&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153203&bpp=1&bdt=697&idt=156&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=2785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=SEeK2nBYPd&p=https%3A//insurance.paketinternet.id&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 16:16:20 GMT
x-content-type-options
nosniff
server
cafe
age
30174
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Sat, 02 Oct 2021 16:16:20 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 316A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CmTmoMapXYaanGOvH7_UPzfud-AWtp8DDZeS--PrZDZTt3sCIHxABIKDZ0kFgyQagAczxksYDyAECqAMByAPJBKoE3QFP0MNRYBvWj4hrTBu6gVuA0rcwSUygbIkcvto4bdVZ4xkfrBj5uhUjUbSA5ya5NxCvrWR8zfztPRFcDW2R0N9PwXLG5heMr36ucYLp70TNIbbhNr0c9s7zisWnnMcoZ9kD3Isj-lK40GPIe-YXF80EEtZ7LgiRUU2AruzK5VnsSN6n_lqu-Q-6Krl9m42RgKEKDIktddnzJONPJpiH-k4IwWB7QYyhP_g1hL5vHImNXLW06gCkVzH7O908yNF-VhlVuV93bhjC1NBgs07q4X3FZeANHBebUPpICPhb3MAE74ejoMIDkgUECAQYAZIFBAgFGASgBgKAB5yO7TmoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEENr_N9IIBwiAYRABGF-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNzEyMTIwNDcyOTAxMzY0MxgA&sigh=_QVwrxjwAXs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=1573534164&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153203&bpp=1&bdt=697&idt=156&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=2785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=SEeK2nBYPd&p=https%3A//insurance.paketinternet.id&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=1573534164&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153203&bpp=1&bdt=697&idt=156&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=2785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=SEeK2nBYPd&p=https%3A//insurance.paketinternet.id&dtd=159
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 02 Oct 2021 00:39:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 316A 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=1573534164&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153203&bpp=1&bdt=697&idt=156&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=2785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=SEeK2nBYPd&p=https%3A//insurance.paketinternet.id&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
server
sffe
etag
"1633087504575570"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sat, 02 Oct 2021 00:39:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 316A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=1573534164&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153203&bpp=1&bdt=697&idt=156&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=2785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=SEeK2nBYPd&p=https%3A//insurance.paketinternet.id&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:26:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:26:52 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 316A 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=1573534164&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153203&bpp=1&bdt=697&idt=156&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=2785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=SEeK2nBYPd&p=https%3A//insurance.paketinternet.id&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
a672e695dab08ffadbea7f0e77f1a723eefff684ae0cdabe2ca3b7a141554c3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 23:26:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4349
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11096
x-xss-protection
0
server
cafe
etag
8885281346021324493
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Oct 2021 23:26:45 GMT
css
fonts.googleapis.com/ Frame 9CC1 		3 KB
580 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=3025194257&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153200&bpp=1&bdt=694&idt=122&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TuaOTxP14z&p=https%3A//insurance.paketinternet.id&dtd=126
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 23:15:43 GMT
server
ESF
date
Sat, 02 Oct 2021 00:39:14 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 02 Oct 2021 00:39:14 GMT
index.html
s0.2mdn.net/9917901/1624923546585/ Frame DEF4 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9917901/1624923546585/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
sffe /
Resource Hash
341847e5e5c2504742ae58f16ec6fce260a7db7ece04c167b428d1d190988571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9917901/1624923546585/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
4503
date
Fri, 01 Oct 2021 09:31:12 GMT
expires
Sat, 02 Oct 2021 09:31:12 GMT
last-modified
Mon, 28 Jun 2021 23:39:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
54482
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 9CC1 		1 KB
889 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=3025194257&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153200&bpp=1&bdt=694&idt=122&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TuaOTxP14z&p=https%3A//insurance.paketinternet.id&dtd=126
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:26:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
766
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
852
x-xss-protection
0
server
cafe
etag
14170629819630813772
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:26:28 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame 9CC1 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=3025194257&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153200&bpp=1&bdt=694&idt=122&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TuaOTxP14z&p=https%3A//insurance.paketinternet.id&dtd=126
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7607
x-xss-protection
0
server
cafe
etag
5036643633216217121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:18:58 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 9CC1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=3025194257&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153200&bpp=1&bdt=694&idt=122&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TuaOTxP14z&p=https%3A//insurance.paketinternet.id&dtd=126
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:34:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:34:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9CC1 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=3025194257&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153200&bpp=1&bdt=694&idt=122&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TuaOTxP14z&p=https%3A//insurance.paketinternet.id&dtd=126
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
server
sffe
etag
"1633087504575570"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sat, 02 Oct 2021 00:39:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 9CC1 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=3025194257&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153200&bpp=1&bdt=694&idt=122&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TuaOTxP14z&p=https%3A//insurance.paketinternet.id&dtd=126
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:26:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:26:52 GMT
a05f1579543550f3e279366fb116adbd.js
www.gstatic.com/mysidia/ Frame 9CC1 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a05f1579543550f3e279366fb116adbd.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=3025194257&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153200&bpp=1&bdt=694&idt=122&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TuaOTxP14z&p=https%3A//insurance.paketinternet.id&dtd=126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 03:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
160761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11147
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 01:21:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 29 Dec 2021 03:59:53 GMT
css2
fonts.googleapis.com/ Frame 1856 		4 KB
635 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 23:15:48 GMT
server
ESF
date
Sat, 02 Oct 2021 00:39:14 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 02 Oct 2021 00:39:14 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1856 		205 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 09:23:58 GMT
x-content-type-options
nosniff
age
54916
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 01 Oct 2022 09:23:58 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1856 		604 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:54:11 GMT
x-content-type-options
nosniff
age
49503
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 01 Oct 2022 10:54:11 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/elements/html/ Frame 1856 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
f0c966edfc6ce40ca892f7e2bc53a95bd27cb94ac8b6fa61fcb30457ff214600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 23:09:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5397
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7655
x-xss-protection
0
server
cafe
etag
17297134792721902632
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Oct 2021 23:09:17 GMT
truncated
/ Frame 3A5B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9130389044d8cb3e90c75d2cc25c9d665a8db104dfcc64594b67f75ac8b54bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
downsize_200k_v1
tpc.googlesyndication.com/simgad/7370101005779743755/ Frame 9CC1 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7370101005779743755/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=3025194257&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153200&bpp=1&bdt=694&idt=122&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TuaOTxP14z&p=https%3A//insurance.paketinternet.id&dtd=126
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
287586e5864fcc54f5b6f9421b1591cbb7304c52a9d6b8b122cf0db9dcedac98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 15:27:41 GMT
x-content-type-options
nosniff
age
33093
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35867
x-xss-protection
0
last-modified
Tue, 27 Apr 2021 12:37:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 01 Oct 2022 15:27:41 GMT
truncated
/ Frame 9CC1 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5797 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Thu, 30 Sep 2021 14:19:40 GMT
expires
Fri, 30 Sep 2022 14:19:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
123574
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
img.gif
t.6sc.co/ Frame 9CC1 		43 B
774 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.6sc.co/img.gif?event=imp&ppgid=098af2d4&cb=2314154953
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=3025194257&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153200&bpp=1&bdt=694&idt=122&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TuaOTxP14z&p=https%3A//insurance.paketinternet.id&dtd=126
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-140.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 02 Oct 2021 00:39:14 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Sat, 05 Jun 2021 07:56:11 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60bb2e1b-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9CC1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6ffzMapXYZn-FdeN7_UP76uy2Aq3uIu7ZZub0Nf9Df3a5buPDhABIKDZ0kFgyQagAfWFstgDyAEJqAMByAPLBKoE5QFP0K0eWwCg7RRi4pl93cXsPOTNcPPQY3c9Q_2-N3bWdDDUrFxcaErBk-E6G4Q8jlnmN9lRlyiucnlY2jq7WEzuHCssoUwm9zjGLLAlR5_KkE0i0Pv9UvGzBv9-c_w24MGwV6GfJJp3e2sF49J6xOFOm5BUuq0KYLGmhIomBBXNcdyHxOsrMZgx49BhCZcnHMj8G4K5rp-JZMICGt3mhlwkVeztnYJcRU2sAHhsJXGYt7OC7FkjoJKRvVdhTa6JYColtr56E7ZVoE19XEMgt63onH3p-w9rT-5OyNEtzO212sllKXcdwATu2fqDlgOSBQQIBBgBkgUECAUYBKAGLoAH8_nNJ6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwDyBwQQ8Khk0ggHCIBhEAEYX4AKAcgLAbgTiCfYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNzEyMTIwNDcyOTAxMzY0MxgA&sigh=qd0ltwCfNRI&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=3025194257&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153200&bpp=1&bdt=694&idt=122&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TuaOTxP14z&p=https%3A//insurance.paketinternet.id&dtd=126
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=3025194257&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153200&bpp=1&bdt=694&idt=122&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TuaOTxP14z&p=https%3A//insurance.paketinternet.id&dtd=126
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 02 Oct 2021 00:39:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9F6B 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=1573534164&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153203&bpp=1&bdt=697&idt=156&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=2785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=SEeK2nBYPd&p=https%3A//insurance.paketinternet.id&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=1573534164&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153203&bpp=1&bdt=697&idt=156&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=2785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=SEeK2nBYPd&p=https%3A//insurance.paketinternet.id&dtd=159
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkFRpY4sBIj2lFNYb1M1q6haSB8Aa6Xf0QNZ3yhlc0X5S8McNJrzrI5eE7uRTQ; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=1573534164&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153203&bpp=1&bdt=697&idt=156&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=2785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=SEeK2nBYPd&p=https%3A//insurance.paketinternet.id&dtd=159

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 02 Oct 2021 00:34:13 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
301
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 316A 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7e6fdfb13a61dfaa1464818ef6d2debc4ae7501649b88b1a636062ffca183ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9CC1 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9f06bf1c0753f0e0f9f5670ca99ee4e7a4642a9139e7c993d46feec11fc1b2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
980b579b9302cbaa48b87738d42a8cf3.js
s0.2mdn.net/9917901/1624923546585/ Frame DEF4 		72 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9917901/1624923546585/980b579b9302cbaa48b87738d42a8cf3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9917901/1624923546585/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
sffe /
Resource Hash
acf344494bfc938ab82288b98b97dfb7bbf0d86c8459b79c0ea8ce214b59de74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9917901/1624923546585/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 09:31:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19146
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 23:39:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 02 Oct 2021 09:31:12 GMT
css
fonts.googleapis.com/ Frame 9DD0 		3 KB
580 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 00:26:12 GMT
server
ESF
date
Sat, 02 Oct 2021 00:39:14 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 02 Oct 2021 00:39:14 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 9DD0 		1 KB
889 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:26:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
766
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
852
x-xss-protection
0
server
cafe
etag
14170629819630813772
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:26:28 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame 9DD0 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7607
x-xss-protection
0
server
cafe
etag
5036643633216217121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:18:58 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 9DD0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:34:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:34:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9DD0 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
server
sffe
etag
"1633087504575570"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sat, 02 Oct 2021 00:39:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 9DD0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:26:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 00:26:52 GMT
a05f1579543550f3e279366fb116adbd.js
www.gstatic.com/mysidia/ Frame 9DD0 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a05f1579543550f3e279366fb116adbd.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 03:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
160761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11147
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 01:21:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 29 Dec 2021 03:59:53 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 9CC1 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 08:44:05 GMT
x-content-type-options
nosniff
age
316509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 08:44:05 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 9CC1 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:08:17 GMT
x-content-type-options
nosniff
age
333057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 04:08:17 GMT
LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
pagead2.googlesyndication.com/bg/ Frame 234B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
2dfb50fbcee087cba46eff0fd5d87aee1ed58dfae8f06eda467fd1eb1dee280e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 16:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
115021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13320
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 30 Sep 2022 16:42:13 GMT
user_uploaded_montserrat_800_normal.ttf
s0.2mdn.net/9917901/1624923546585/fonts/ Frame DEF4 		70 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9917901/1624923546585/fonts/user_uploaded_montserrat_800_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9917901/1624923546585/980b579b9302cbaa48b87738d42a8cf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
sffe /
Resource Hash
17ae49f737f0b36ce87dd587a7fda35a7d95eb330d175f27e70062905894b486
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9917901/1624923546585/index.html
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 09:31:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54481
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32587
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 23:39:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Oct 2021 09:31:13 GMT
user_uploaded_kapra_400_normal.ttf
s0.2mdn.net/9917901/1624923546585/fonts/ Frame DEF4 		80 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9917901/1624923546585/fonts/user_uploaded_kapra_400_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9917901/1624923546585/980b579b9302cbaa48b87738d42a8cf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
sffe /
Resource Hash
afeb7aa78bc3fba1c37c58c95e0a8ac41c3730e7f6dab5d3ef317d87fe049466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9917901/1624923546585/index.html
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 09:31:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54481
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45647
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 23:39:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Oct 2021 09:31:13 GMT
user_uploaded_montserrat_600_normal.ttf
s0.2mdn.net/9917901/1624923546585/fonts/ Frame DEF4 		69 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9917901/1624923546585/fonts/user_uploaded_montserrat_600_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9917901/1624923546585/980b579b9302cbaa48b87738d42a8cf3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
sffe /
Resource Hash
ad0617cb22365ddd0932316860b0e8630a7b926389e65a42c4256e858a58c072
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9917901/1624923546585/index.html
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 09:31:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54481
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32239
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 23:39:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Oct 2021 09:31:13 GMT
a2b3ec328d9aa1520251c6d5c0801548.png
s0.2mdn.net/9917901/1624923546585/media/ Frame DEF4 		273 KB
274 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9917901/1624923546585/media/a2b3ec328d9aa1520251c6d5c0801548.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9917901/1624923546585/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
sffe /
Resource Hash
f8b4e801d513a3932652ede9cfdec3e450c5268ebf1baa6f7413661b7912fd29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9917901/1624923546585/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 09:31:13 GMT
x-content-type-options
nosniff
age
54481
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
280000
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 23:39:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Oct 2021 09:31:13 GMT
de6401f64f92e294ce5b10084773c066.png
s0.2mdn.net/9917901/1624923546585/media/ Frame DEF4 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9917901/1624923546585/media/de6401f64f92e294ce5b10084773c066.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9917901/1624923546585/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
sffe /
Resource Hash
bb266a3dada02e7813141204056b650007526f2838e0c566e719055e9d8aa8c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9917901/1624923546585/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 09:31:13 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Jun 2021 23:39:06 GMT
server
sffe
age
54481
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4299
x-xss-protection
0
expires
Sat, 02 Oct 2021 09:31:13 GMT
2f52e51e55ecf38b258811ef88ccae48.png
s0.2mdn.net/9917901/1624923546585/media/ Frame DEF4 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9917901/1624923546585/media/2f52e51e55ecf38b258811ef88ccae48.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9917901/1624923546585/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
sffe /
Resource Hash
abce489e18fc893c20a30256e8d537c19261653d71d5434a7a8251db2097179e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9917901/1624923546585/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 09:31:13 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Jun 2021 23:39:06 GMT
server
sffe
age
54481
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4233
x-xss-protection
0
expires
Sat, 02 Oct 2021 09:31:13 GMT
LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
pagead2.googlesyndication.com/bg/ Frame 5797 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
2dfb50fbcee087cba46eff0fd5d87aee1ed58dfae8f06eda467fd1eb1dee280e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 16:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
115021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13320
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 30 Sep 2022 16:42:13 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9F6B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=1573534164&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153203&bpp=1&bdt=697&idt=156&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=2785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=SEeK2nBYPd&p=https%3A//insurance.paketinternet.id&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkFRpY4sBIj2lFNYb1M1q6haSB8Aa6Xf0QNZ3yhlc0X5S8McNJrzrI5eE7uRTQ; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 02 Oct 2021 00:39:14 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 02-Oct-2021 01:39:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 02 Oct 2021 00:39:14 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 02 Oct 2021 00:39:14 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
pagead2.googlesyndication.com/bg/ Frame 4F59 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=1573534164&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153203&bpp=1&bdt=697&idt=156&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C630x280%2C630x280%2C630x280&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=2785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=SEeK2nBYPd&p=https%3A//insurance.paketinternet.id&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
2dfb50fbcee087cba46eff0fd5d87aee1ed58dfae8f06eda467fd1eb1dee280e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 16:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
115021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13320
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 30 Sep 2022 16:42:13 GMT
LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
pagead2.googlesyndication.com/bg/ Frame 7C35 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7121204729013643&output=html&h=280&slotname=9801049071&adk=3752214957&adf=3025194257&pi=t.ma~as.9801049071&w=1200&fwrn=4&fwrnh=100&lmt=1633135153&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Finsurance.paketinternet.id%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633135153200&bpp=1&bdt=694&idt=122&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7576792350838&frm=20&pv=1&ga_vid=1612417351.1633135153&ga_sid=1633135153&ga_hid=240727570&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C21066435%2C31062422&oid=2&pvsid=229205628408016&pem=159&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TuaOTxP14z&p=https%3A//insurance.paketinternet.id&dtd=126
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
2dfb50fbcee087cba46eff0fd5d87aee1ed58dfae8f06eda467fd1eb1dee280e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 16:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
115021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13320
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 30 Sep 2022 16:42:13 GMT
LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
pagead2.googlesyndication.com/bg/ Frame 5C5E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
Requested by
Host: insurance.paketinternet.id
URL: https://insurance.paketinternet.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
2dfb50fbcee087cba46eff0fd5d87aee1ed58dfae8f06eda467fd1eb1dee280e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 16:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
115021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13320
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 30 Sep 2022 16:42:13 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210927&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
07ef739ddc51001110f397572fcef58fd5bdd857642d57548373113d8b7eb0da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Oct 2021 00:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8639
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 02 Oct 2021 00:39:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 835B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://insurance.paketinternet.id/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 01 Oct 2021 20:54:24 GMT
expires
Sat, 01 Oct 2022 20:54:24 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
13490
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 5F14 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.164 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f4.1e100.net
Software
GSE /
Resource Hash
71fd1912225ea780b9a878af91756c406a8e9a66f6a536db38fd0d7a42ec7266
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-98ykpsevyNN/ZIJjJ9FQeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://insurance.paketinternet.id/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 02 Oct 2021 00:39:14 GMT
date
Sat, 02 Oct 2021 00:39:14 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-98ykpsevyNN/ZIJjJ9FQeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 234B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZXXrMapXYZGLFvuT7_UPvpyG0AUAAAAAOAHgBAI&bg=!7-yl7KjNAAZE-GIIRPg7ACkAdvg8WhVgwz49PnNsFl3gryVdyUJhaK_v5ijNZmE91HUJta0rEbbc3AIAAAFVUgAAACNoAQeZAyEdZRhOo3QJKPX9qwvc_LixvYMRjGNNST9mPwRNeXCIROf7t4bXyhYOugakq_nCWykrHyPCdTLfWawNauExBHccBuFkK_LR4qtKgIF-WTC-q9_xPtloSDZBcrDWWRflnOWFlR3tvaiEBRCSKiS5E7Taaf0bmPHQQ_FjTpJ0a-ee83GT7eD0N6-iVa9zeLhwb_VoysUp2ErIUHxOloPzeLCghR1Jqp7bNs4TjKUoPTBzCvgKsVKGXpuR8PmpfDO2bCYyZPOF_qHANpY54ecZz_Lye-7Yn3FJPvahL1oF_amOetCNckTeiNzpDlxJamwY2uLxRCaoQJrBusa2zvU-EhLjGiGF1hxY_YlNkjn5gDPmfPj28u1OVO_1rMZAdKkdsrlm8LqBMgH8HevrBfywqZu9hys_OilmXXI_dBXsbayTXqvqqymG3_5lnPuDufopgbO9iEMSYJ0RRsq1bu2WW6MRLwFFqKeRRkeQSq07F6XWT3TFs9uaLa-cRu08cUbdn9OitOGj8orPsiw7HOm2Bg7HSoM05lvDUWk-P6_y2J3QxBxMuFiuSQ6UxItizMBLCJ8f00503USv1BztHBOlgD_aF2aSxJIBGF1DAlyX_7bHwpml3F7toi8CaRMFer-jp0zhhcQ3Vea4pZxExbrJWJ020AzUFmXCBWPeZ3Rvwl8fdWyaIzE1xTxXkz5md77rzq8lI2Z-dNSI_8te2YFJseoYPSXF0TV52xjg2aHrbCwcvKZCQx3B5ISPpgrz3YEQU5IyFem_-lxVRdbHyXz7anGadL-AEXLDpr6wWxuK5fTS2U6MWZOss4ciOZKtqQkuU-hngGwHv841KoUnZ4hbFZVabY-NRjQJ67A-QzwMr4drpb9Yhl36LPucjXH-2iySSHqb8simxrrD_bAnHYEm-VW144oou17ptjbgXl0YfswI1oH2IU9L0irue7X48VRbS3oBkivMv4tN-sEDEgCvk1974jFCjNmKkIXBbYNEM2pvrPDM8gifbu8djBo5WtuY39SezyCFezVz55NaMMEWqkNhH6rxJKiKTUMp1qQQTwO1W24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 00:39:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5F14 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210927&jk=229205628408016&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
NNk1vzza2fvPfI2QNF-UnTMKXalxTSrKsyU60SrCuuY.js
pagead2.googlesyndication.com/bg/ Frame 835B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/NNk1vzza2fvPfI2QNF-UnTMKXalxTSrKsyU60SrCuuY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
34d935bf3cdad9fbcf7c8d90345f949d330a5da9714d2acab3253ad12ac2bae6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 07:52:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
60391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13338
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 01 Oct 2022 07:52:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5797 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_4EiMapXYZ_8FrqQ7_UP7vOp6AMAAAAAOAHgBAI&bg=!NDelN3PNAAZE-GIIRPg7ACkAdvg8WgMbEpj97uI-JDRu0dGBGFuPZPNNcRvZEveS-BKaIkjicIxCTAIAAAEwUgAAAAxoAQcKAFYMNd08EJM-R7Vevyey4ctvZoAQqBVajm_JKh10VSB6iOqdUbUc4_wH6kduC2kmLjfAMmK2kSG3qxzMJAKRGVANJVkTRuQ_buBh8sOt1e2bioxNdbVuTpkDKWEvCXSptoQfmulREuhz70PfiTKcLUAcVnSFAP0rSsHUbIVg7n6mE2rG_u30bOB8eACZCLHSLUYho8_ynfnncaZl-Wh2UpSYgDAm6--zrBgyfqg_5dvjcCW-0Q4w6_baVfL3N21nz804ieSqKG7kI_t2sTeVY1vHNuzRP2dCBqdvWy8rHnjw20IAFm-kuOyyA4DO6RyCso7BuKa6rMXdtQb8zm3StgwiYym4W2yAA6RioWUlSX2cKDupzrY-g7yJNi5p4sEM-qRFK285Lgb6FTwZEYWt16HJo1eleZuRczxjL8i4XgSsoWkxjWS1gPfpPQRq0VwDdatiQyq4SZucFSRxkPHIIZX2F6E9BIAeKwxUyXEmoiYCQV8OS7Fsd44y2qNu87gibubxEg65chDaTOaSSdk3thEwqpZVxt-hW8J3U0tvXbbCFPfO7j-dXAIsGWvI0iennxBF9VAdK8fmACEV4I_4BW6VzTYazm5cp9aQPsL1c-iFJ_42cWm2cBIkIU5X2MjCIUjxPyzCZMY4_Clenfnu50RJrHfhK-nVlzvsDDiQa7cuW0h6_EHDFkpesbiFcRGnuZ9EbvsXrqzMqqT5eKLST-2uqfpmcwoTo_CB1gvZVS7Ps9VVHXsNhoyWrCr5F1-43GyPuISokxDh6_oD6kBi-aP4arGeoB9RT4SGM5fr6obGDUKOeChiJZp7WBtf3juOKtrNshw-vwhEQXXKWrKemGUYGuBH2MmHeJ_i5gNrBuDCz_abx1Hecy6ltkGzrnIDfaKvI3H1_F_bwopV8tyoGLJ4WDBY4QZUaH7_jX664xwdqg7jQ0bI9eVsPeU48Czy7ZVvL5phNa2r0pyIC6b2Lgl97t9G1jSEUOjRBpQHzhLU0Un3dMFHxJFg-JA9j5vHtouxPpIoyUPLtiXL6l4HWhRwpdxb6CoCkxQcx8PRAjzOxRRsCN5Yf1Vr6Dx3wdvvdVotAFYSxW545NuZeF-T184E2m-dmATGVR3SzmYQkRYOCN5C-hs2LsdP_hcYuIFc7AJrKDmCk3T0Ej1y7kTdLCsgVFakrs7wgNNSoayGUr6lwU5O
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 00:39:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210927&jk=229205628408016&bg=!mJulm9_NAAZNQyuQTUM7ACkAdvg8WqywHeDM6yH3kVm2WZvePO7W3xkqdU_OgtDwJzZHYHAjyz0BvQIAAABJUgAAAAloAQcKAMOfmI_LlY-U-WkHfpI5gt-ZG_4S51xq4PZZIyC-NaoLq4uK5v1SzG-LV_B3b-BcwPj0pZ46SlG-I783BJ00kwccE0dOXkmlXulcPSwO5Nx5Xa0nAph4A5M5Kj5UqzJh_Z_S0EVCCyE9yeQ-pKnpMAfUm2ij7ugh_VARoVBFgybMWWghcylEDeqQ-8yzg36x2kVSgYROJbYzmzXI80EQoauYHuRYmeeZKxmnNV8eYcuXSzsH1odOmnqeFFvg7c6mPfi8lCmZAsKJ75GBphtVZ7AcPE2z8Byz4m_pvuynstDG37eWMAyHQJo7Rskk7s-9bSt0VjCbxbudEm2UgOsZ8YYfiexmUEFcYVAT4DU4j3Iu_rM0VQQWmsR1UTWHoZ-GgtlwrFML9ItgozoLIRd1HEKrLDsvrlcLGdr3gDLWMVVXKOSU1q3iIsEbIV-fopk1JsyaQtc9sxBRIwLhOo7oUzP1DDtrw7HTDgEDwPHLWK_EOayLEdnVPi_ToJahsS9IH5wbZEIuT6GzLJwzAUU-oiMrWnv0anPZMYWV4TF4Od8J0r5pKlVR3cVxLxw7r7UpQuT8ZJ84_jHKj7Ka0DmTz8wdJ1AsuLEDwBof2IUIxBTmsKYyc4RbAxi82rTJjsIPIZRgvWhwiz03RJIx-q-ZcIz4cEx-QDpKHpRwTmlzEAEsex9jlxUJKeT_QksBAdgxJNdPvq-lz1VJIM6XD2o2D1WrKBuIIoC1pxPmQXftEtVdXIGoGNDchhWdKuwm6LVEwqHHKYWSlkXvK3BATnRo4jHMh3zG8aJGSpIDieq6W6hEsZn5jNoW3t7CaNABxA_jsygiZy4AI_NrPS4U_ZSaFQ5dsZ-Y1YjNUGzenRbR2BWwEjFyWoI9BHjA7w2wCW0aYEG6FiNW98wRMM1Xv5kmIVBHHNaH4g_YreQiRvrldXkVYbUfVKf5fnW8hSbENLPHzX0wBKHNbOZblyFKDBA9g2FLzsnpzlbxLl-d0l3DNJG0SA8bToqoxomLqkwWNbFkgz-IyAbv_oX1npZeH7hgFyI69pIhinZhD_I85-0LqWY57sufabuCoHUeQjB-KKLoowztDW8R2DbzTLFO4EOtg_fuayuqiBfyTyGsLEDkbiwm_EbJFUXQYhYO4JPUCF7klADNef-STxp-VzShXT0iyOUEmTV__WePyBi3mv0HlJX7CaXQ_JnyvqtU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.paketinternet.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 14ED 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6Bz6-orrqljdB6f2IsBmvz-2NcH67gJww49Xjv2DbpL4zLg3n-EaWJOKJi9GlwRjwmBk1jtPwq0aGVfc8sa8XVlO28z-9huylOkYy6LH27Te2kekdTvnrUVHAzr1hrtVY56bM9pzfpUX6QIV9UDLsvz7qeVwAClNkfZQ5sHs&sai=AMfl-YSGmiNrWK2cb0f-1-bdqcCN4V1mLFoh-up_gtzVRILI0ta63qSLUYJyt9B-o-p4BS-O0PeHXqtqkaE5&sig=Cg0ArKJSzFZKVtGPobT_EAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211001&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2525535079&rs=2&met=ie&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633135153902&rpt=186
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 00:39:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9CC1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBxGo7x710sjkL_aYWvO-OebiTV-VH3BUTtBIsYucKZHYOUOKmc4NhLfbBzC-TFwD1FCedJGjmlsbTiye1Sqpal0823BjDUW2I3Hu5U92i-vDLMss&sai=AMfl-YRV_bKigGF3DElycekT4BDtGR7sn65t__hKZDiiWAfl91wLxTM-CBbe_6QaepJMLk-UlE0gOdRf16oe&sig=Cg0ArKJSzD2JoK9P0IxREAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211001&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3752214957&rs=2&met=mue&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633135153327&rpt=1028
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 00:39:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect boolean| originAgentCluster object| _wpemojiSettings undefined| $ function| jQuery object| adsbygoogle string| blog string| slug string| ctld string| currentURL string| str string| res function| changeLink function| generate undefined| Cookies object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| AICP function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages object| sidr object| wp object| _stq object| twemoji string| protected_links function| st_go function| linktracker_init object| wpcom object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.paketinternet.id/ Name: __gads
Value: ID=74352306a2ef664a-2295e4f77ac900e7:T=1633135153:RT=1633135153:S=ALNI_MYMspMbfQC_EbdqR58mtz82aIzaZg
.doubleclick.net/ Name: IDE
Value: AHWqTUkFRpY4sBIj2lFNYb1M1q6haSB8Aa6Xf0QNZ3yhlc0X5S8McNJrzrI5eE7uRTQ
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: DSID
Value: NO_DATA
.6sc.co/ Name: 6suuid
Value: 36bb10021b6b000032aa5761280200001d64aa00

1 Console Messages

Source Level URL
Text
network error URL: https://raw.githubusercontent.com/mustofaazka/safelink/main/filesafelink.js%20type=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
insurance.paketinternet.id
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
raw.githack.com
raw.githubusercontent.com
s0.2mdn.net
stats.wp.com
t.6sc.co
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
103.253.213.15
104.111.233.140
104.21.234.231
142.250.184.225
142.250.184.226
142.250.185.130
142.250.185.195
142.250.185.226
142.250.185.74
142.250.185.99
142.250.186.130
142.250.186.134
185.199.110.133
192.0.76.3
216.58.212.162
216.58.212.164
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
07ef739ddc51001110f397572fcef58fd5bdd857642d57548373113d8b7eb0da
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
1149b4e0fd05ae859746ff5efb3ba8c59a82ec0414e60db64178bee9efde7b52
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15e0a03031fdc5546730da1a9c6be57e491365b33a78cb971e602c9725c2d252
169129c84912473c3eea8cb0783089f986648c26f879f25caf12b9933feedebe
17ae49f737f0b36ce87dd587a7fda35a7d95eb330d175f27e70062905894b486
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1e0a52e09f6a82103811fb05011f1487605df55d406ecaad89c68999d67f8ae0
287586e5864fcc54f5b6f9421b1591cbb7304c52a9d6b8b122cf0db9dcedac98
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2dfb50fbcee087cba46eff0fd5d87aee1ed58dfae8f06eda467fd1eb1dee280e
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2eb6c8f69f45093e05bea19399e07f997b3bbf4aa07b36b22ae0b09179b79042
2f1224a088536435ac801bdc41159d3e835ae286e556780a84ea3d8eac751811
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
341847e5e5c2504742ae58f16ec6fce260a7db7ece04c167b428d1d190988571
34d935bf3cdad9fbcf7c8d90345f949d330a5da9714d2acab3253ad12ac2bae6
3523f4564607513e81b5fd0c6612a4e7dd94cce6830b24843bcb79b277d253ca
373517e230a8a3634ab9323c9d7ebe43a7bf26a52484b2abb1a6907f57c806be
3b60c7cb76673e5d91469336512de11460422da087b9fa76ac4050f9db117d69
40de39a40e282ee58bafd19e7197cdc4f596ef7a90c8faf4a5b9e56c6cd0aa1f
445e31ecb8590121e85e039032d89444eb09f3bfd0abbe4ff59937f81db435b6
44aaa6d010eb8a689b695890dbdc510bd1a4083d5e256315ee828d16070af845
4c71cab3e2b7defd9022059c922d2c91359df1ba71dd47e8543b108c70537f25
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
4f9eecddbbf0a8d525a8abb1dd977c702e613716734ee0e4751a90678162ce9b
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
650b69fdeac0a7757380e83d5fde41c17288cf636a0e98c467ab7ec22f48bb74
66cdbeb484fb2bd42c8711bead94fc5a62d2853c2281444f8056dbbe38d78ad4
69a7a45d569c44339749b1cfd2d5c941c4f4a1475a8bdc480de926b838df3413
6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820
71fd1912225ea780b9a878af91756c406a8e9a66f6a536db38fd0d7a42ec7266
78d6d93df938ee4505d288abe08a15634f4ab8b8efb662fdd5645048c78f3e25
85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
95fd59c3fb188e1287bf98819d1a91ea7f5874185c02f14f596e124ed6d5e59a
9b5eec92023b9583b8f794ab9dae2b4171cc2e78a46a12acafd314ec501ece79
9c555659388ad4781fbc1b9f4e91503c66674e1036f514fe2a6281f4effef9b0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a672e695dab08ffadbea7f0e77f1a723eefff684ae0cdabe2ca3b7a141554c3e
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abce489e18fc893c20a30256e8d537c19261653d71d5434a7a8251db2097179e
acf344494bfc938ab82288b98b97dfb7bbf0d86c8459b79c0ea8ce214b59de74
ad0617cb22365ddd0932316860b0e8630a7b926389e65a42c4256e858a58c072
afeb7aa78bc3fba1c37c58c95e0a8ac41c3730e7f6dab5d3ef317d87fe049466
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b9130389044d8cb3e90c75d2cc25c9d665a8db104dfcc64594b67f75ac8b54bf
bb266a3dada02e7813141204056b650007526f2838e0c566e719055e9d8aa8c1
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
c0bf283e0486f7d40adde2d96cde9e6f64af3cff659e045d33c1ededb30a82b2
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
ca666242947310a47d5e6cd5e774c48052abf46bfa7dd7ade51280d93564b620
ce5917bb28a77b282a893868fe246fc9ccd756d0e5b286ac0e2d463f9f0181a5
d10dc238e54cbb75a9815209538029af6374e722f28ad9bcc4d57747ca767cfa
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7e6fdfb13a61dfaa1464818ef6d2debc4ae7501649b88b1a636062ffca183ef
d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
deddc2d99e04395e282e14fa4eac9106e4e879a6eee372c6077b5d71e408bd5d
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e09b201d0038c06f02e5bb9a4c4b9ed93dd854a33cbc50155bcbd3c1dd518e5a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a7024c26a20417daf19cfce4e7ff4457df6625fb5f8489f8d705e262d1162c
e9f06bf1c0753f0e0f9f5670ca99ee4e7a4642a9139e7c993d46feec11fc1b2a
ecdc037bbf824d8874a0177b6f20ccd51540a589a7b015c53eae199a770d91f4
ef0b6d31c7c3acf117be4fef89002b702b399ff435b8b8ea2a65fa0e07a4201e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c966edfc6ce40ca892f7e2bc53a95bd27cb94ac8b6fa61fcb30457ff214600
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f72f69be7f990afd289beee0e0b29aa18599c1ca2151b9b00061e9df838c58c4
f8b4e801d513a3932652ede9cfdec3e450c5268ebf1baa6f7413661b7912fd29