urlscan.io logo urlscan.io
SecurityTrails logo

finding.id Open in urlscan Pro
51.79.147.123  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://finding.id/
Effective URL: https://finding.id/
Submission: On June 03 via manual from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 35 IPs in 7 countries across 29 domains to perform 114 HTTP transactions. The main IP is 51.79.147.123, located in Singapore, Singapore and belongs to OVH, FR. The main domain is finding.id.
TLS certificate: Issued by R3 on April 20th 2021. Valid for: 3 months.
This is the only time finding.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 51.79.147.123 16276 (OVH)
6 2a00:1450:400... 15169 (GOOGLE)
9 139.45.196.146 9002 (RETN-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 23.111.9.35 33438 (HIGHWINDS2)
9 2606:4700:10:... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 163.171.128.148 54994 (QUANTILNE...)
8 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 185.29.133.199 30419 (MEDIAMATH...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 46.4.10.47 24940 (HETZNER-AS)
12 18.203.130.15 16509 (AMAZON-02)
1 184.30.20.207 16625 (AKAMAI-AS)
1 4 138.201.84.252 24940 (HETZNER-AS)
1 2 142.250.186.38 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 2 35.186.253.211 15169 (GOOGLE)
4 142.250.184.194 15169 (GOOGLE)
2 2 185.64.189.115 62713 (AS-PUBMATIC)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
1 51.75.147.170 16276 (OVH)
114 35
10    51.79.147.123 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: vps-1b0a0c40.vps.ovh.ca
finding.id
6    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
9    139.45.196.146 (United Kingdom)

ASN9002 (RETN-AS, GB)
pushazer.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
9    2606:4700:10::ac43:14e5 (United States)

ASN13335 (CLOUDFLARENET, US)
rumahdijual.com
5    2606:4700::6811:48ef (United States)

ASN13335 (CLOUDFLARENET, US)
id1-cdn.pgimgs.com
id2-cdn.pgimgs.com
1    163.171.128.148 (Germany)

ASN54994 (QUANTILNETWORKS, US)
www.lamudi.co.id
8    2a00:1450:4001:827::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
4    2606:4700::6811:d166 (United States)

ASN13335 (CLOUDFLARENET, US)
images.pexels.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
10    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
googleads.g.doubleclick.net
adservice.google.de
2    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    185.29.133.199 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
4    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    46.4.10.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de
hal9000.redintelligence.net
12    18.203.130.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
s.update.mediamathtag.com
1    184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com
pixel.mathtag.com
4    138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de
hal900024.redintelligence.net
2    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
5994599.fls.doubleclick.net
1    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
4    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2a05:d01c:1d8:8102:5af6:b07b:462f:23c8 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
1    51.75.147.170 (France)

ASN16276 (OVH, FR)
PTR: ns3133977.ip-51-75-147.eu
cdn.contentspread.net
Apex Domain
Subdomains		 Transfer
13 doubleclick.net
googleads.g.doubleclick.net
5994599.fls.doubleclick.net
cm.g.doubleclick.net
16 KB
12 mediamathtag.com
s.update.mediamathtag.com
47 KB
10 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
167 KB
10 finding.id
finding.id
134 KB
9 rumahdijual.com
rumahdijual.com
712 KB
9 googleapis.com
fonts.googleapis.com
storage.googleapis.com
986 KB
9 pushazer.com
pushazer.com
47 KB
5 redintelligence.net
hal9000.redintelligence.net
hal900024.redintelligence.net
10 KB
5 google.com
adservice.google.com
www.google.com
1 KB
5 pgimgs.com
id1-cdn.pgimgs.com
id2-cdn.pgimgs.com
456 KB
4 mathtag.com
tags.mathtag.com
pixel.mathtag.com
3 KB
4 pexels.com
images.pexels.com
358 KB
3 gstatic.com
fonts.gstatic.com
54 KB
2 pubmatic.com
image6.pubmatic.com
1 KB
2 openx.net
rtb.openx.net
764 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 googletagservices.com
www.googletagservices.com
65 KB
2 google.de
adservice.google.de
921 B
2 fontawesome.com
use.fontawesome.com
83 KB
1 contentspread.net
cdn.contentspread.net
77 KB
1 innovid.com
ag.innovid.com
296 B
1 rubiconproject.com
pixel.rubiconproject.com
463 B
1 mookie1.com
odr.mookie1.com
324 B
1 quantserve.com
cms.quantserve.com
463 B
1 googleadservices.com
partner.googleadservices.com
639 B
1 googletagmanager.com
www.googletagmanager.com
35 KB
1 jquery.com
code.jquery.com
66 KB
1 cloudflare.com
cdnjs.cloudflare.com
27 KB
1 lamudi.co.id
www.lamudi.co.id
114 29
Domain Requested by
12 s.update.mediamathtag.com tags.mathtag.com
s.update.mediamathtag.com
10 finding.id 1 redirects finding.id
9 rumahdijual.com finding.id
9 pushazer.com finding.id
pushazer.com
8 storage.googleapis.com finding.id
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
finding.id
6 pagead2.googlesyndication.com finding.id
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
4 cm.g.doubleclick.net googleads.g.doubleclick.net
finding.id
4 hal900024.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal900024.redintelligence.net
4 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 images.pexels.com finding.id
3 tags.mathtag.com googleads.g.doubleclick.net
tags.mathtag.com
3 fonts.gstatic.com fonts.googleapis.com
3 adservice.google.com pagead2.googlesyndication.com
5994599.fls.doubleclick.net
3 id1-cdn.pgimgs.com finding.id
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 5994599.fls.doubleclick.net 1 redirects finding.id
2 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 adservice.google.de pagead2.googlesyndication.com
2 id2-cdn.pgimgs.com finding.id
2 use.fontawesome.com finding.id
use.fontawesome.com
1 cdn.contentspread.net hal900024.redintelligence.net
1 ag.innovid.com googleads.g.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 odr.mookie1.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 pixel.mathtag.com tags.mathtag.com
1 hal9000.redintelligence.net finding.id
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com finding.id
1 code.jquery.com finding.id
1 cdnjs.cloudflare.com finding.id
1 www.lamudi.co.id finding.id
1 fonts.googleapis.com finding.id
114 37

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
colorlib.com
jobs.finding.id
direview.id
Subject Issuer Validity Valid
finding.id
R3		 2021-04-20 -
2021-07-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
pushazer.com
R3		 2021-04-20 -
2021-07-19		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-12-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-05 -
2021-08-05		 a year crt.sh
*.pgimgs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-15 -
2022-04-07		 a year crt.sh
www.lamudi.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-08 -
2021-07-08		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
redintelligence.net
R3		 2021-04-21 -
2021-07-20		 3 months crt.sh
update.mediamathtag.com
R3		 2021-04-28 -
2021-07-27		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2021-07-15		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh
contentspread.net
R3		 2021-04-05 -
2021-07-04		 3 months crt.sh

This page contains 15 frames:

Primary Page: https://finding.id/
Frame ID: C9428F9507568562042FDC9E3DC63343
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/zrt_lookup.html
Frame ID: 5979D71F6134F1414C2CD87707D5304E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&adk=1812271804&adf=3025194257&lmt=1622716131&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffinding.id%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131393&bpp=13&bdt=116&idt=149&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=288261286308&frm=20&pv=2&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=237
Frame ID: A687B96F4C70A9EC3B5C02B64E68AA53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=1200x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=2&bdt=511&idt=-M&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=EAHciDFwZo&p=https%3A//finding.id&dtd=16
Frame ID: 72DB90E4B9D0D32BBB01E97592A3C4A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3835012598&adf=896644619&pi=t.aa~a.1130824974~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=1150x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=-M&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=225&ady=3088&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Gz380KDyWj&p=https%3A//finding.id&dtd=22
Frame ID: B7DD026034913E7A3A34D6B2D3388960
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3503823239&adf=3502769841&pi=t.aa~a.1485556156~rp.2&w=363&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=363x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=0&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=8OIui9KsN3&p=https%3A//finding.id&dtd=25
Frame ID: B5F740F0E97328C472EED966930C6EF4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=315&slotname=1805045618&adk=3741819489&adf=2710618021&pi=t.ma~as.1805045618&w=363&lmt=1622716131&rafmt=11&psa=0&format=363x315&url=https%3A%2F%2Ffinding.id%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131884&bpp=2&bdt=608&idt=2&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280%2C363x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=ytJi16ZCBV&p=https%3A//finding.id&dtd=5
Frame ID: 7D7BF6ED1BD703C7F8D04D7711DE2575
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CZdHl4664YK-KM_7U7_UPw8egkAPPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTg0NzY3MzEzNTk0NTQ4NjDIAQmoAwGqBKYBT9CdyLm2sgyWjoMqJ6pGxnu5rG3LYwmdbXf4MUr677Tivspl9DhHY2kaR0PLLdBadQ2t1VYJmlNwkCAKkVBN-TYo4-E7u7cE1VwuJs8G4fOarXw-wVYY6S06NSzbXVaAymrLrCbk5ONTiz2_F1V_s6cyvrJqcMs0zlJ6DUYe0Yt2U2BXcDxKllcUiEIGDnuMrAevy2AiKQ1G0ydD0kAukZ9t1XLHUIAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTg0NzY3MzEzNTk0NTQ4NjA&sigh=p_m94tYCVX8&tpd=AGWhJmt3DQ5WSnOd5mIUTK-0BX95y2vx8yxgw6JIoep5DD6EVX5JLtMwsm6VUXGLnSu4B0MKxX3THzYpDk5gJkH_za7fK0udERh99e_i-LseapaBnlrYMmayqlVVKt3M8oIdTJCuFEFcGrAFf8YEkd7gLPace5mkcMELTbji3c8Vey34LemYgkHFPiTeG6ojKwM5Sc3oEfteYq2aqpVkVHnSkgZhguRulHMla0XFb06oSuBoABVTn_s5-y965dJRzn9EX1Q4a_DYtYbci0PnGBVCBm4zMfDLTTmqDZKLpr5w8d2bkCkOO99J5UUvKmjeFAR0a47G7cPuRPREXpRl5dZnipVIxyyjK2A55zY81B75nvATzGSj3tPzCi8ZA9dsf5keJDutafiI0xBSreoW4n3UuSqY1ifA70ny7FZCSo0CehEde_SqmAez82WC37v95fHuWBRdBg-mXVgIgorNGdvYzA26IpxNUbBhUS1wHmZ5uJ33nPICMU2MJtDY7F33w_WtkHXH_TzoB93i3AFiM1dwnpzN8IPPgqTxIdTrZkMgX3DnCZzlp0L5Tv-S4TXuVk0BeEGV5YMrdxA4eWPONqalSSv6BLnN65t2vNzU2qkdf_IOQ2mu6soVa0lOZqZoghkecldJE5a5xFXGCQEHUlLXh94aa4eWnEiXmEHxufMc1zaHSkx6u18Hzv68Hqcii9CSLwG5e8Cy2LatSG5rXSXrSRfm2d0H3ZWpqQD6fbtZ2gO8bz0MiHk9RZ1b7yqcllGrvDEkb8xLWFz8l5YJKBKHFZI9RAZTFs1-rGZZOnV7zKgqRX3qm4ViaYM3Go97X8GbQkQXDFfqV8FR5atv0QRdYk7DGLf8ZyNFrhOzTFawZiQKDMiFr7nue6nBnxf4Y8a_K-44ueVc2rQfrXSfx0CSkGbOqYjEFd9zapf3fiskKMX5JjF30Bk0sQifjlfx4fsqQLSVQXASiHlpQd1rOmlMqoFr-iLCjpHGYJwclvz-HGejDLJ8hmkUB3XNcC55PmyDXpcG7hJmwihzCqO-tTKJuD5sgmA
Frame ID: 8E711ACED4ECE60E8A7424B812E38724
Requests: 24 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CN-AmNWg-_ACFU27UQodu0MGig;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7363937131137.377
Frame ID: BCB1B69F140B4A108034AB29E21D491B
Requests: 2 HTTP requests in this frame

Frame: https://hal900024.redintelligence.net/request_content.php?s=40127200085534400951407011614024&a=1b1ccc6a
Frame ID: 16CC15AC506D9749F9355CFCFC8684B3
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 804AFB7D022F9AF5F3F8A0F717FF155B
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2D34728F82A0080ADA9B06F909DE51C5
Requests: 1 HTTP requests in this frame

Frame: blob://https://googleads.g.doubleclick.net/c443ddd9-1b50-452d-9f3f-1d8f5c55601d
Frame ID: C7F782C82CDB805DB0A3503293F210F0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 6D9FB87D6FAB2DEB0C64CDF38FFC9D9E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A123CB03B83A2A09E3330C2EFF7EA719
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://finding.id/ HTTP 301
    https://finding.id/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
  • html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

114
Requests

98 %
HTTPS

53 %
IPv6

29
Domains

37
Subdomains

35
IPs

7
Countries

3361 kB
Transfer

4537 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://finding.id/ HTTP 301
    https://finding.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78
  • https://hal900024.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=e44e89fdae&subid=&uid=4e480adbd4899720&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2700879824104735797%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dbbaa60b8-aee4-4001-9f03-8663f57d9ec8%26mt_cid%3Dbbaa60b8-aee4-4001-9f03-8663f57d9ec8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCWoi14664YK-KM_7U7_UPw8egkAPPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTg0NzY3MzEzNTk0NTQ4NjDIAQmoAwGqBKkBT9CdyLm2sgyWjoMqJ6pGxnu5rG3LYwmdbXf4MUr677Tivspl9DhHY2kaR0PLLdBadQ2t1VYJmlNwkCAKkVBN-TYo4-E7u7cE1VwuJs8G4fOarXw-wVYY6S06NSzbXVaAymrLrCbk5ONTiz2_F1V_s6cyvrJqcMs0zlJ6DUYe0Yt2U2BXcDxKllcUiEIGDnuMrAevyyIgJJ_qQ4NEX-RmOkcteoLaRHNTy4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3SS0Ixw-tYArbBBhZGqWz1FQcl0w%2526client%253Dca-pub-8476731359454860%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8476731359454860%26output%3Dhtml%26h%3D280%26adk%3D3503823239%26adf%3D3502769841%26pi%3Dt.aa~a.1485556156~rp.2%26w%3D363%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1622716131%26rafmt%3D1%26to%3Dqs%26pwprc%3D1043787275%26psa%3D0%26format%3D363x280%26url%3Dhttps%253A%252F%252Ffinding.id%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1622716131787%26bpp%3D1%26bdt%3D511%26idt%3D0%26shv%3Dr20210525%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C1150x280%26nras%3D4%26correlator%3D288261286308%26frm%3D20%26pv%3D1%26ga_vid%3D2096933316.1622716132%26ga_sid%3D1622716132%26ga_hid%3D72139257%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1012%26ady%3D3388%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D31060840%26oid%3D3%26pvsid%3D1707586971753713%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D1152%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26xpc%3D8OIui9KsN3%26p%3Dhttps%253A%2F%2Ffinding.id%26dtd%3D25&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Ffinding.id&random=6476185944881&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900024.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=e44e89fdae&subid=&uid=4e480adbd4899720&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2700879824104735797%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dbbaa60b8-aee4-4001-9f03-8663f57d9ec8%26mt_cid%3Dbbaa60b8-aee4-4001-9f03-8663f57d9ec8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCWoi14664YK-KM_7U7_UPw8egkAPPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTg0NzY3MzEzNTk0NTQ4NjDIAQmoAwGqBKkBT9CdyLm2sgyWjoMqJ6pGxnu5rG3LYwmdbXf4MUr677Tivspl9DhHY2kaR0PLLdBadQ2t1VYJmlNwkCAKkVBN-TYo4-E7u7cE1VwuJs8G4fOarXw-wVYY6S06NSzbXVaAymrLrCbk5ONTiz2_F1V_s6cyvrJqcMs0zlJ6DUYe0Yt2U2BXcDxKllcUiEIGDnuMrAevyyIgJJ_qQ4NEX-RmOkcteoLaRHNTy4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3SS0Ixw-tYArbBBhZGqWz1FQcl0w%2526client%253Dca-pub-8476731359454860%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8476731359454860%26output%3Dhtml%26h%3D280%26adk%3D3503823239%26adf%3D3502769841%26pi%3Dt.aa~a.1485556156~rp.2%26w%3D363%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1622716131%26rafmt%3D1%26to%3Dqs%26pwprc%3D1043787275%26psa%3D0%26format%3D363x280%26url%3Dhttps%253A%252F%252Ffinding.id%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1622716131787%26bpp%3D1%26bdt%3D511%26idt%3D0%26shv%3Dr20210525%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C1150x280%26nras%3D4%26correlator%3D288261286308%26frm%3D20%26pv%3D1%26ga_vid%3D2096933316.1622716132%26ga_sid%3D1622716132%26ga_hid%3D72139257%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1012%26ady%3D3388%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D31060840%26oid%3D3%26pvsid%3D1707586971753713%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D1152%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26xpc%3D8OIui9KsN3%26p%3Dhttps%253A%2F%2Ffinding.id%26dtd%3D25&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Ffinding.id&random=6476185944881&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 79
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7363937131137.377 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CN-AmNWg-_ACFU27UQodu0MGig;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7363937131137.377
Request Chain 87
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOfRqQap2v6d_fBxidI8L24&google_cver=1&google_push=AQvitUL7RohGkAgLa5mRxV31vtI8vVHlBSOKjhcdNnP7qwI0mFlybw13d2PwnUXsswXdMh2F-M5XRvCnghr1QNtV2X10fPoOGyqOIA HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOfRqQap2v6d_fBxidI8L24&google_cver=1&google_push=AQvitUL7RohGkAgLa5mRxV31vtI8vVHlBSOKjhcdNnP7qwI0mFlybw13d2PwnUXsswXdMh2F-M5XRvCnghr1QNtV2X10fPoOGyqOIA&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUL7RohGkAgLa5mRxV31vtI8vVHlBSOKjhcdNnP7qwI0mFlybw13d2PwnUXsswXdMh2F-M5XRvCnghr1QNtV2X10fPoOGyqOIA&google_hm=yQ78rBJkwMsoQtEvjXNljA==
Request Chain 88
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKrQSQwtM6-TrdYw-W9mgZo&google_cver=1&google_push=AQvitUKuCxIpGrytuDjc4M5asv-2MqXvKkN-fi0eHYYmZCSk3E5YsxSSGP8Jqo5TpbhSLYx6iYhjdxBpQ-QNEjlj6hSbGB1zjkcxJw HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKrQSQwtM6-TrdYw-W9mgZo&google_cver=1&google_push=AQvitUKuCxIpGrytuDjc4M5asv-2MqXvKkN-fi0eHYYmZCSk3E5YsxSSGP8Jqo5TpbhSLYx6iYhjdxBpQ-QNEjlj6hSbGB1zjkcxJw&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kWeExWHBSGaEoYyveJADOg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKuCxIpGrytuDjc4M5asv-2MqXvKkN-fi0eHYYmZCSk3E5YsxSSGP8Jqo5TpbhSLYx6iYhjdxBpQ-QNEjlj6hSbGB1zjkcxJw
Request Chain 89
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJN_oANU_22HOx3yIdSLQBQ&google_cver=1&google_push=AQvitUKrxHmIXp0cDSE5t9lRUxuRXLuRaZEMgwpihs_CkrK2vsJ7a8oKJfwPv2TMamdn5ybw7ManrSCN8HqFV-lCDi6p8tvSvokXrg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BHUkFEQVMtMTgtRVlCVg==&google_push=AQvitUKrxHmIXp0cDSE5t9lRUxuRXLuRaZEMgwpihs_CkrK2vsJ7a8oKJfwPv2TMamdn5ybw7ManrSCN8HqFV-lCDi6p8tvSvokXrg
Request Chain 90
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ

114 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
finding.id/
Redirect Chain
  • http://finding.id/
  • https://finding.id/
57 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://finding.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.79.147.123 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
vps-1b0a0c40.vps.ovh.ca
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
991c89469d0b602a9c31bfdb59503560fcd9eab3a8453d3a2ff18138add9c6b3

Request headers

Host
finding.id
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 10:28:51 GMT
Server
Apache/2.4.41 (Ubuntu)
Cache-Control
no-cache, private
Set-Cookie
XSRF-TOKEN=eyJpdiI6InFUemdzaUNEK2U3Z3hTU3FNUVwvSTZ3PT0iLCJ2YWx1ZSI6IlwvcXgyR3pERmkyY0R5U0FuV2VLanJjWmhrMThxNkVucXFvb2lETjZJekVqUWFCTytjWkoxcEszajNsRGx3YkYyIiwibWFjIjoiOTgzODFhY2ExMmY0NmE3YTY0NDM1YTlkYzQxNTRkNjI3OGY1NTdlYjAxZjczN2FlODVlYjdkYzc3YWUwNTBkYyJ9; expires=Thu, 03-Jun-2021 12:28:51 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IlwvK1dJbDJ5UmZnM1F1cGZDdFN1VWNRPT0iLCJ2YWx1ZSI6InFMSzRYVjdweTVxRVFwWjNVbjVyaXNmRkxmVE82RW9FUkVDaGlxTzVUWkoxUEFrTmNvXC9ZV1NkTE5ORkR6V2ZzIiwibWFjIjoiNmFlOTQ4MDI4YTEzYTA3ODBjODRmZDg2OWE3NGUxYjQ0NjAzNDc1MTkwZjlmZGFhNzE3NWZmNDZlYjVhZTAzYyJ9; expires=Thu, 03-Jun-2021 12:28:51 GMT; Max-Age=7200; path=/; httponly
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
9951
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Thu, 03 Jun 2021 10:28:50 GMT
Server
Apache/2.4.41 (Ubuntu)
Location
https://finding.id/
Content-Length
303
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		134 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd233c705ebb6129045b560c19e9bf225d7463f4c96236e2adbc162d4e53fec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48423
x-xss-protection
0
server
cafe
etag
14961557847784475286
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 10:28:51 GMT
ntfc.php
pushazer.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pushazer.com/ntfc.php?p=2180170
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.146 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
01e86fb51eec0bdf8a62354c8dc4d9a4b49020e8e428ef286ed6ccc7a66f1664

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 10:28:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Jun 2021 10:25:37 GMT
Server
nginx
ETag
W/"60b8ae21-380b"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
css
fonts.googleapis.com/ 		4 KB
714 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:700%7CNunito:300,600
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
60d9a76ad4aa0815327f27dcf7336bf0ce1cda4e1b094a76a202b86eb6907d0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 10:28:51 GMT
server
ESF
date
Thu, 03 Jun 2021 10:28:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Jun 2021 10:28:51 GMT
bootstrap.min.css
finding.id/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://finding.id/css/bootstrap.min.css
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.79.147.123 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
vps-1b0a0c40.vps.ovh.ca
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
fee7bb6cb9b706f06c70921a63b9ff065f12e4b7c5b4a9e4b54475a4c0933e46

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finding.id
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://finding.id/
Cookie
XSRF-TOKEN=eyJpdiI6InFUemdzaUNEK2U3Z3hTU3FNUVwvSTZ3PT0iLCJ2YWx1ZSI6IlwvcXgyR3pERmkyY0R5U0FuV2VLanJjWmhrMThxNkVucXFvb2lETjZJekVqUWFCTytjWkoxcEszajNsRGx3YkYyIiwibWFjIjoiOTgzODFhY2ExMmY0NmE3YTY0NDM1YTlkYzQxNTRkNjI3OGY1NTdlYjAxZjczN2FlODVlYjdkYzc3YWUwNTBkYyJ9; laravel_session=eyJpdiI6IlwvK1dJbDJ5UmZnM1F1cGZDdFN1VWNRPT0iLCJ2YWx1ZSI6InFMSzRYVjdweTVxRVFwWjNVbjVyaXNmRkxmVE82RW9FUkVDaGlxTzVUWkoxUEFrTmNvXC9ZV1NkTE5ORkR6V2ZzIiwibWFjIjoiNmFlOTQ4MDI4YTEzYTA3ODBjODRmZDg2OWE3NGUxYjQ0NjAzNDc1MTkwZjlmZGFhNzE3NWZmNDZlYjVhZTAzYyJ9
Connection
keep-alive
Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 10:28:51 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Feb 2019 19:46:17 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1d972-582bd31a6d440-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
19747
all.css
use.fontawesome.com/releases/v5.4.2/css/ 		49 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.4.2/css/all.css
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
d3db3a07cd01a325326de52822be97f34e9977ea6d2d3b90ae318f87c3daf374

Request headers

Origin
https://finding.id
Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
content-encoding
gzip
last-modified
Thu, 25 Oct 2018 22:14:30 GMT
server
NetDNA-cache/2.2
etag
W/"b4d08b13c5d88326fe4bea239e050253"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
font-awesome.min.css
finding.id/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://finding.id/css/font-awesome.min.css
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.79.147.123 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
vps-1b0a0c40.vps.ovh.ca
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finding.id
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://finding.id/
Cookie
XSRF-TOKEN=eyJpdiI6InFUemdzaUNEK2U3Z3hTU3FNUVwvSTZ3PT0iLCJ2YWx1ZSI6IlwvcXgyR3pERmkyY0R5U0FuV2VLanJjWmhrMThxNkVucXFvb2lETjZJekVqUWFCTytjWkoxcEszajNsRGx3YkYyIiwibWFjIjoiOTgzODFhY2ExMmY0NmE3YTY0NDM1YTlkYzQxNTRkNjI3OGY1NTdlYjAxZjczN2FlODVlYjdkYzc3YWUwNTBkYyJ9; laravel_session=eyJpdiI6IlwvK1dJbDJ5UmZnM1F1cGZDdFN1VWNRPT0iLCJ2YWx1ZSI6InFMSzRYVjdweTVxRVFwWjNVbjVyaXNmRkxmVE82RW9FUkVDaGlxTzVUWkoxUEFrTmNvXC9ZV1NkTE5ORkR6V2ZzIiwibWFjIjoiNmFlOTQ4MDI4YTEzYTA3ODBjODRmZDg2OWE3NGUxYjQ0NjAzNDc1MTkwZjlmZGFhNzE3NWZmNDZlYjVhZTAzYyJ9
Connection
keep-alive
Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 10:28:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Dec 2018 11:36:27 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"7918-57cf9d774a4c0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
7053
style.css
finding.id/css/ 		29 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://finding.id/css/style.css
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.79.147.123 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
vps-1b0a0c40.vps.ovh.ca
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0ef94a5763535dc7eb17b916881be673bfe325832d819eb5932204c46f5156fb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finding.id
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://finding.id/
Cookie
XSRF-TOKEN=eyJpdiI6InFUemdzaUNEK2U3Z3hTU3FNUVwvSTZ3PT0iLCJ2YWx1ZSI6IlwvcXgyR3pERmkyY0R5U0FuV2VLanJjWmhrMThxNkVucXFvb2lETjZJekVqUWFCTytjWkoxcEszajNsRGx3YkYyIiwibWFjIjoiOTgzODFhY2ExMmY0NmE3YTY0NDM1YTlkYzQxNTRkNjI3OGY1NTdlYjAxZjczN2FlODVlYjdkYzc3YWUwNTBkYyJ9; laravel_session=eyJpdiI6IlwvK1dJbDJ5UmZnM1F1cGZDdFN1VWNRPT0iLCJ2YWx1ZSI6InFMSzRYVjdweTVxRVFwWjNVbjVyaXNmRkxmVE82RW9FUkVDaGlxTzVUWkoxUEFrTmNvXC9ZV1NkTE5ORkR6V2ZzIiwibWFjIjoiNmFlOTQ4MDI4YTEzYTA3ODBjODRmZDg2OWE3NGUxYjQ0NjAzNDc1MTkwZjlmZGFhNzE3NWZmNDZlYjVhZTAzYyJ9
Connection
keep-alive
Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 10:28:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Jul 2019 12:20:58 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"7272-58ddf868a7e80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5052
18085362d1514620251-dijual-rumah-minimalis-di-jalan-bangka-v-kemang-jakarta-rumah-asri-di-jl-bangka-kemang-mampang-jakarta-selatan
rumahdijual.com/attachments/kemang/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rumahdijual.com/attachments/kemang/18085362d1514620251-dijual-rumah-minimalis-di-jalan-bangka-v-kemang-jakarta-rumah-asri-di-jl-bangka-kemang-mampang-jakarta-selatan
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50bf0e2f49b8968ecb4b0632b29f2520bcbb05b0f454a55600cb96bbaef60975
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:52 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-transfer-encoding
binary
content-disposition
inline; filename="rumah-asri-di-jl-bangka-kemang-mampang-jakarta-selatan 6.jpg"
content-length
32468
cf-request-id
0a73043fff000005c44904a000000001
last-modified
Sat, 30 Dec 2017 07:50:51 GMT
server
cloudflare
etag
"18085362"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
65983cacc87505c4-FRA
expires
Fri, 03 Jun 2022 10:28:52 GMT
Rumah-Murah-Di-Lokasi-Strategis-di-Legok-Tangerang-Indonesia.jpg
id1-cdn.pgimgs.com/listing/17091285/UPHO.94244322.V800/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id1-cdn.pgimgs.com/listing/17091285/UPHO.94244322.V800/Rumah-Murah-Di-Lokasi-Strategis-di-Legok-Tangerang-Indonesia.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:48ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dece95d64810dadbaf18e914a10a125382e4afe9e3cc8a46cd9844f323b2dc6f

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
cf-cache-status
MISS
last-modified
Fri, 07 Feb 2020 16:30:54 GMT
server
cloudflare
x-amz-request-id
BJTDHWTZ0XNSS73V
etag
"c36a0364d37265d605195acb4d3308b9-1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-id-2
oJ/bhhq5Trnxbk3/8mb3H08pCgsVgQ3G4frVWZT3IX9L+pJU4TtlBXiU68jHFoXKAaBEw/WLoBE=
content-type
image/jpeg
cache-control
max-age=604800, public
accept-ranges
bytes
cf-ray
65983cacdd9a0742-FRA
content-length
67554
cf-request-id
0a7304400400000742c9063000000001
51656802d1598590017-rumah-dekat-lab-terpadu-univ-brawijaya-jawara-land-karangploso-7f1a3bd1-f19c-478d-ae19-cb8cbf0c6575.jpg
rumahdijual.com/attachments/malang/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rumahdijual.com/attachments/malang/51656802d1598590017-rumah-dekat-lab-terpadu-univ-brawijaya-jawara-land-karangploso-7f1a3bd1-f19c-478d-ae19-cb8cbf0c6575.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abdb331fd7aeae5af5ef3a8a5609ffa9da5692bf13e07ab147e825f0dc4637b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:53 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
content-transfer-encoding
binary
content-disposition
inline; filename="7f1a3bd1-f19c-478d-ae19-cb8cbf0c6575.jpg"
content-length
74932
cf-request-id
0a73044001000005c40c208000000001
last-modified
Fri, 28 Aug 2020 04:46:57 GMT
server
cloudflare
etag
"51656802"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
65983cacc88305c4-FRA
expires
Fri, 03 Jun 2022 10:28:52 GMT
730497851b4d8b.jpg
www.lamudi.co.id/static/media/https://static-id.lamudi.combm9uZS9ub25l/2x2x2x380x244/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lamudi.co.id/static/media/https://static-id.lamudi.combm9uZS9ub25l/2x2x2x380x244/730497851b4d8b.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
49715547d1592222904-rumah-kolonel-masturi-cimahi-kolam-renang-pribadi-1.jpg
rumahdijual.com/attachments/bandung/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rumahdijual.com/attachments/bandung/49715547d1592222904-rumah-kolonel-masturi-cimahi-kolam-renang-pribadi-1.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9ae85fc81b6aa6246722dc8297257e6659a0a4f261fe9cff8edbe1018b2e049
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:53 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
content-transfer-encoding
binary
content-disposition
inline; filename="1.jpg"
content-length
109996
cf-request-id
0a73044001000005c4d694d000000001
last-modified
Mon, 15 Jun 2020 12:08:24 GMT
server
cloudflare
etag
"49715547"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
65983cacc87805c4-FRA
expires
Fri, 03 Jun 2022 10:28:52 GMT
1602505521_5f844b3134f25_thumb.jpg
storage.googleapis.com/carirumah-83630/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/carirumah-83630/1602505521_5f844b3134f25_thumb.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
09d14725de3d2f30779fe8a5d3b1fd4b7ea6cfdb02d97b60a17a693703587fdf

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
x-guploader-uploadid
ABg5-UxSjQUV6qQKE6PtX0K3ac-dgYzCbHuodyPwXeXxjmyFzCegkoUcEQ4qb8aXHUMj0ZbiRjbkPtLjzXKqqJdNUVw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109470
last-modified
Mon, 12 Oct 2020 12:25:22 GMT
server
UploadServer
etag
"5fc040a305285847b02387d530b91f33"
x-goog-hash
crc32c=Y3xL+A==, md5=X8BAowUoWEewI4fVMLkfMw==
x-goog-generation
1602505522044019
cache-control
public, max-age=3600
x-goog-stored-content-length
109470
accept-ranges
bytes
content-type
image/jpeg
expires
Thu, 03 Jun 2021 11:28:51 GMT
47656873d1583810252-rumah-ready-stock-dan-siap-huni-di-woltermangunsidi-img-20200301-wa0022.jpg
rumahdijual.com/attachments/semarang/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rumahdijual.com/attachments/semarang/47656873d1583810252-rumah-ready-stock-dan-siap-huni-di-woltermangunsidi-img-20200301-wa0022.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea1496c166076bd77694813c7d8d037815580397b1f5e9ff2da255f6b10e6ebe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:53 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
content-transfer-encoding
binary
content-disposition
inline; filename="IMG-20200301-WA0022.jpg"
content-length
61028
cf-request-id
0a7304400a000005c4d222f000000001
last-modified
Tue, 10 Mar 2020 03:17:32 GMT
server
cloudflare
etag
"47656873"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
65983cacd8ba05c4-FRA
expires
Fri, 03 Jun 2022 10:28:52 GMT
Dijual-cepat-Rumah-New-Brand-Design-Minimalis-Modern-di-Cimanggis-Bojonggede-Bogor-Bogor-Indonesia.jpg
id1-cdn.pgimgs.com/listing/17405034/UPHO.96497948.V800/ 		142 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id1-cdn.pgimgs.com/listing/17405034/UPHO.96497948.V800/Dijual-cepat-Rumah-New-Brand-Design-Minimalis-Modern-di-Cimanggis-Bojonggede-Bogor-Bogor-Indonesia.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:48ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92d0ee30becb65099be7bcbdece1c0f63b77225a6276b0c7cde886feef45698d

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
cf-cache-status
MISS
last-modified
Tue, 23 Jun 2020 09:38:20 GMT
server
cloudflare
x-amz-request-id
BJTEHGH9CATRJSMM
etag
"f4105aa91acec5bc6a2c3e9058ff46dd-1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-id-2
Sw0flKt/60D/k+3BbVCuRuQYGTu+zLBrlBxi4083Ee7HwIJR4N/3GNJR5ej0cnh4nog1U08hTNQ=
content-type
image/jpeg
cache-control
max-age=604800, public
accept-ranges
bytes
cf-ray
65983cacddc20742-FRA
content-length
145626
cf-request-id
0a7304400a00000742b5abd000000001
1601994304_5f7c7e403fa32_thumb.jpg
storage.googleapis.com/carirumah-83630/ 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/carirumah-83630/1601994304_5f7c7e403fa32_thumb.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b8c1008713f81059ee3ce2a5930fdc5df341031952253fa1c5345b05d158530d

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
x-guploader-uploadid
ABg5-UzG2XVVGSLlZzuy6pi1xQasPMXfCvvt38z9hum4AAOH0dGceyPmkzZUTEv8I8RMz16RYbfbnOQtS1EBxiw-qLo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
165483
last-modified
Tue, 06 Oct 2020 14:25:05 GMT
server
UploadServer
etag
"cf756e3280f810577df0bc925cc96b8e"
x-goog-hash
crc32c=/jcUEg==, md5=z3VuMoD4EFd98LySXMlrjg==
x-goog-generation
1601994305119710
cache-control
public, max-age=3600
x-goog-stored-content-length
165483
accept-ranges
bytes
content-type
image/jpeg
expires
Thu, 03 Jun 2021 11:28:51 GMT
New-Brand-Cluster-Murah-design-minimalis-modern-lokasi-strategis-di-Cimanggis-Bojong-Gede-Bogor-Bogor-Indonesia.jpg
id1-cdn.pgimgs.com/listing/17105622/UPHO.94335622.V800/ 		142 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id1-cdn.pgimgs.com/listing/17105622/UPHO.94335622.V800/New-Brand-Cluster-Murah-design-minimalis-modern-lokasi-strategis-di-Cimanggis-Bojong-Gede-Bogor-Bogor-Indonesia.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:48ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92d0ee30becb65099be7bcbdece1c0f63b77225a6276b0c7cde886feef45698d

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Feb 2020 18:29:39 GMT
server
cloudflare
x-amz-request-id
BJT9PEZ09KAMV7FA
etag
"f4105aa91acec5bc6a2c3e9058ff46dd-1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-id-2
9mgDU7D3lIrIevNoAFGDMy8tajHDfMmBmayf9ozCA+gPeUGQesgAB/FNk0swsyjKaMzw5RZqt1g=
content-type
image/jpeg
cache-control
max-age=604800, public
accept-ranges
bytes
cf-ray
65983cacddcb0742-FRA
content-length
145626
cf-request-id
0a7304400b00000742c3183000000001
17909322d1514126448-cluster-baru-candygolf-type-montana-img20170307152243.jpg
rumahdijual.com/attachments/semarang/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rumahdijual.com/attachments/semarang/17909322d1514126448-cluster-baru-candygolf-type-montana-img20170307152243.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36946fa801e2a1a2a77fa9b62060d3b95df024b74f6c9a2c5bf1d472bc293516
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:53 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
content-transfer-encoding
binary
content-disposition
inline; filename="IMG20170307152243.jpg"
content-length
72746
cf-request-id
0a7304400f000005c4db29c000000001
last-modified
Sun, 24 Dec 2017 14:40:48 GMT
server
cloudflare
etag
"17909322"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
65983cacd8bf05c4-FRA
expires
Fri, 03 Jun 2022 10:28:52 GMT
49829924d1592488074-250-juta-rumah-cluster-baleendah-bebas-banjir-1.jpg
rumahdijual.com/attachments/bandung/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rumahdijual.com/attachments/bandung/49829924d1592488074-250-juta-rumah-cluster-baleendah-bebas-banjir-1.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c80471aaa33ab68e7c00edec7a301a32b63e732e869eaf6d7232722f3af590
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:53 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
content-transfer-encoding
binary
content-disposition
inline; filename="1.jpg"
content-length
96866
cf-request-id
0a73044011000005c4d6951000000001
last-modified
Thu, 18 Jun 2020 13:47:54 GMT
server
cloudflare
etag
"49829924"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
65983cacd8c305c4-FRA
expires
Fri, 03 Jun 2022 10:28:52 GMT
49261107d1590761663-dijual-rumah-2lt-akses-dekat-jln-utama-di-jagakarsa-smartselect_20200529-203107_whatsapp.jpg
rumahdijual.com/attachments/jakarta-selatan/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rumahdijual.com/attachments/jakarta-selatan/49261107d1590761663-dijual-rumah-2lt-akses-dekat-jln-utama-di-jagakarsa-smartselect_20200529-203107_whatsapp.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
167b73e8f4ff531821354640c7bb98d1ab1e1fe51b9134e4840f3c89c0a0fac8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:53 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
content-transfer-encoding
binary
content-disposition
inline; filename="SmartSelect_20200529-203107_WhatsApp.jpg"
content-length
92336
cf-request-id
0a7304400a000005c4e3800000000001
last-modified
Fri, 29 May 2020 14:14:23 GMT
server
cloudflare
etag
"49261107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
65983cacd8c705c4-FRA
expires
Fri, 03 Jun 2022 10:28:52 GMT
Rumah-Di-Jual-Di-Gading-Serpong-Tangerang-Indonesia.jpg
id2-cdn.pgimgs.com/listing/17073821/UPHO.94132951.V800/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id2-cdn.pgimgs.com/listing/17073821/UPHO.94132951.V800/Rumah-Di-Jual-Di-Gading-Serpong-Tangerang-Indonesia.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:48ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868dd2d5f1f3e716b48c1658e2be205a5129fa53eb15f8eaa6e9ceb4a6aeb4db

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:52 GMT
cf-cache-status
MISS
last-modified
Mon, 03 Feb 2020 01:21:36 GMT
server
cloudflare
x-amz-request-id
BJTDZA1TKVR2RNCP
etag
"d27c1f533c2e62df5ef72caa27c16ec5-1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-id-2
xUoC2LlRU+qFuuzU8iUdUHhEKVL71t87fsojxJsUr6xQ3m57XToBjILukIQGicKtKvBERRS5kv4=
content-type
image/jpeg
cache-control
max-age=604800, public
accept-ranges
bytes
cf-ray
65983cad3ecb0742-FRA
content-length
79235
cf-request-id
0a730440420000074204aa6000000001
1601791381_5f796595ae0f7_thumb.jpg
storage.googleapis.com/carirumah-83630/ 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/carirumah-83630/1601791381_5f796595ae0f7_thumb.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
12e7c67e2b645852d7b0e9f70d72275e3417fa8c80c6bd6991c2f0e4cf5e5066

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
x-guploader-uploadid
ABg5-UxGY8KznIXDo1HMFaSX9E7hb9bHRjTC9ytWoaZVsdo-Y-aW3psV-lu7U503BYvGnOpATOFtYl7xfTMQwWs9ON0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132459
last-modified
Sun, 04 Oct 2020 06:03:02 GMT
server
UploadServer
etag
"24122ea0a88442d12abcbeebafc5d360"
x-goog-hash
crc32c=1ILdXA==, md5=JBIuoKiEQtEqvL7rr8XTYA==
x-goog-generation
1601791382449313
cache-control
public, max-age=3600
x-goog-stored-content-length
132459
accept-ranges
bytes
content-type
image/jpeg
expires
Thu, 03 Jun 2021 11:28:51 GMT
1602937755_5f8ae39b4f7ea_thumb.jpg
storage.googleapis.com/carirumah-83630/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/carirumah-83630/1602937755_5f8ae39b4f7ea_thumb.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c064f2a33f906f241efe9f7d7aa044ddb39e7970825c4c45172fce7fbddb1c14

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
x-guploader-uploadid
ABg5-UzZ2vofuVsP1TtmNi-vYzxKgctKLjFUwKmWQAP_4utyBk1SVhp-EzXAllKRbzf2kY-fz9bk3RCcCqDm_rR57ZA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84605
last-modified
Sat, 17 Oct 2020 12:29:16 GMT
server
UploadServer
etag
"45cae2a13262247409b8a609855c85f4"
x-goog-hash
crc32c=3+gJ9A==, md5=RcrioTJiJHQJuKYJhVyF9A==
x-goog-generation
1602937756210911
cache-control
public, max-age=3600
x-goog-stored-content-length
84605
accept-ranges
bytes
content-type
image/jpeg
expires
Thu, 03 Jun 2021 11:28:51 GMT
1602937109_5f8ae1158e313_thumb.jpg
storage.googleapis.com/carirumah-83630/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/carirumah-83630/1602937109_5f8ae1158e313_thumb.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0dc7a583c6027aa456d53f6a9fe2136e8a9785fe5f75a7f477e8f105814291cb

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
x-guploader-uploadid
ABg5-Uysm7jijHKdK8VmJDBRkysLX8Ipe0HmlFvGnHg9kcRRcGORSg4OnS-PCJdy0kBCDd2T6wtl6MP-Koigt164DVI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84636
last-modified
Sat, 17 Oct 2020 12:18:30 GMT
server
UploadServer
etag
"ee6dd41fd816f4c0fcbc43fdf2c88c24"
x-goog-hash
crc32c=aSyWWA==, md5=7m3UH9gW9MD8vEP98siMJA==
x-goog-generation
1602937110501295
cache-control
public, max-age=3600
x-goog-stored-content-length
84636
accept-ranges
bytes
content-type
image/jpeg
expires
Thu, 03 Jun 2021 11:28:51 GMT
1602685559_5f870a7721a0a_thumb.jpg
storage.googleapis.com/carirumah-83630/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/carirumah-83630/1602685559_5f870a7721a0a_thumb.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ef8f87768dfe14b4c64ffa8044348ec65d6fb1297afcb1ae4ae778b9232b3107

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
x-guploader-uploadid
ABg5-UzAtzaavkatW9JFOoLFrTC8yUfC7Cz3kUwG2CgqG6I6OLbm1zlnv6BL_JOtLaJ59ZQV8eER1piBONsqE1EaeEU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136173
last-modified
Wed, 14 Oct 2020 14:26:00 GMT
server
UploadServer
etag
"10ca3ee723985e50749ed06f9ef874af"
x-goog-hash
crc32c=EfpG0w==, md5=EMo+5yOYXlB0ntBvnvh0rw==
x-goog-generation
1602685560002846
cache-control
public, max-age=3600
x-goog-stored-content-length
136173
accept-ranges
bytes
content-type
image/jpeg
expires
Thu, 03 Jun 2021 11:28:51 GMT
pexels-photo-101808.jpeg
images.pexels.com/photos/101808/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.pexels.com/photos/101808/pexels-photo-101808.jpeg?auto=compress&cs=tinysrgb&dpr=2&h=650&w=940
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7cc253f004c280b8afe4b20000a801a13baf6b77ca91df85316860900cc3959
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
612347
cf-polished
qual=85, origFmt=jpeg, origSize=126596
x-cache
HIT, HIT
x-imgix-id
4b43525a98efb74d43e92186705e725b54f4d239
content-disposition
inline; filename="pexels-photo-101808.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
86358
cf-request-id
0a730441c5000005ed10b13000000001
x-served-by
cache-sjc10029-SJC, cache-hhn4073-HHN
last-modified
Thu, 06 May 2021 09:55:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 03 Jun 2022 10:28:51 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
65983cafab2e05ed-FRA
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri,csam-hash
pexels-photo-1288482.jpeg
images.pexels.com/photos/1288482/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.pexels.com/photos/1288482/pexels-photo-1288482.jpeg?auto=compress&cs=tinysrgb&dpr=1&w=700
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pexels-photo-279719.jpeg
images.pexels.com/photos/279719/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.pexels.com/photos/279719/pexels-photo-279719.jpeg?auto=compress&cs=tinysrgb&dpr=2&h=650&w=940
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87a2bc090f3907a47f0e0de9f95f86bd98ab40cb4c819741795061093d81d408
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
600219
cf-polished
qual=85, origFmt=jpeg, origSize=155413
x-cache
HIT, HIT
x-imgix-id
6fb4fdde51d0643c4c4489b3aefb273a35fcb22d
content-disposition
inline; filename="pexels-photo-279719.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
125466
cf-request-id
0a730441d4000005ed479bb000000001
x-served-by
cache-sjc10030-SJC, cache-hhn4060-HHN
last-modified
Wed, 12 May 2021 18:26:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 03 Jun 2022 10:28:51 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
65983cafbb7f05ed-FRA
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri,csam-hash
1601649807_5f773c8f817ea_thumb.jpg
storage.googleapis.com/carirumah-83630/ 		154 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/carirumah-83630/1601649807_5f773c8f817ea_thumb.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
92eae7f82717e235822483e7aad8cfb04933a76c17bb4c60ebf95826d176f068

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:52 GMT
x-guploader-uploadid
ABg5-Uwpw6FdmMG_FBqz_U6luT9e4dlOW5RZHkMHsj_dKi9DEcexNjflS_FfXor03wkygBPlJXcO9HaNXD9_Vxa4lKI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
157398
last-modified
Fri, 02 Oct 2020 14:43:28 GMT
server
UploadServer
etag
"29088bf679b0562baf8dda9b75d4b849"
x-goog-hash
crc32c=st1nng==, md5=KQiL9nmwViuvjdqbddS4SQ==
x-goog-generation
1601649808209314
cache-control
public, max-age=3600
x-goog-stored-content-length
157398
accept-ranges
bytes
content-type
image/jpeg
expires
Thu, 03 Jun 2021 11:28:52 GMT
1601649627_5f773bdb94f2e_thumb.jpg
storage.googleapis.com/carirumah-83630/ 		132 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/carirumah-83630/1601649627_5f773bdb94f2e_thumb.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
541e30cc02a7bc0e8791bed39242af979872d1d6daceeba19220d2af77c67f80

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:52 GMT
x-guploader-uploadid
ABg5-UwdiAGDhhzn9Hxjr5EM6k8yBasM22Ie90fiVEp7s89JwM37miw2GYpJ1BmObiUKC1hogkmj-bIh9vFME7M5Rhc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135561
last-modified
Fri, 02 Oct 2020 14:40:28 GMT
server
UploadServer
etag
"bcc34f5e86cad4b7e21fda1244bb17a5"
x-goog-hash
crc32c=A+gEyA==, md5=vMNPXobK1LfiH9oSRLsXpQ==
x-goog-generation
1601649628390550
cache-control
public, max-age=3600
x-goog-stored-content-length
135561
accept-ranges
bytes
content-type
image/jpeg
expires
Thu, 03 Jun 2021 11:28:52 GMT
41137461d1565928136-rumah-taman-adenia-tambak-harjo-semarang-barat-img-20190816-wa0004.jpg
rumahdijual.com/attachments/semarang/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rumahdijual.com/attachments/semarang/41137461d1565928136-rumah-taman-adenia-tambak-harjo-semarang-barat-img-20190816-wa0004.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e16a89e0e67c6054d4b4dff254b5e04338d38d02fede603863bc5566a2163970
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:54 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
content-transfer-encoding
binary
content-disposition
inline; filename="IMG-20190816-WA0004.jpg"
content-length
104185
cf-request-id
0a730441d2000005c4f4ac0000000001
last-modified
Fri, 16 Aug 2019 04:02:16 GMT
server
cloudflare
etag
"41137461"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
65983cafb95805c4-FRA
expires
Fri, 03 Jun 2022 10:28:53 GMT
49667080d1592116435-rumah-cluster-bandung-utara-dekat-polban-poltekpos-upi-nhi-1.jpg
rumahdijual.com/attachments/bandung/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rumahdijual.com/attachments/bandung/49667080d1592116435-rumah-cluster-bandung-utara-dekat-polban-poltekpos-upi-nhi-1.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769090460974caac1d80e9921b1f2b38b1ce164383044d10cb04b82c2c38b010
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:53 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
content-transfer-encoding
binary
content-disposition
inline; filename="1.jpg"
content-length
81745
cf-request-id
0a730441d3000005c44530c000000001
last-modified
Sun, 14 Jun 2020 06:33:55 GMT
server
cloudflare
etag
"49667080"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
65983cafb95c05c4-FRA
expires
Fri, 03 Jun 2022 10:28:53 GMT
Rumah-Subsidi-Dan-Komersil-Di-Daru-Tangerang-Tangerang-Indonesia.jpg
id2-cdn.pgimgs.com/listing/17068419/UPHO.94100229.V800/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id2-cdn.pgimgs.com/listing/17068419/UPHO.94100229.V800/Rumah-Subsidi-Dan-Komersil-Di-Daru-Tangerang-Tangerang-Indonesia.jpg
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:48ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18617eb0953afadd7b07e9890601f26d4dd84e0e01e66c38dbf7dfc1b5f41230

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:52 GMT
cf-cache-status
MISS
last-modified
Fri, 31 Jan 2020 07:46:02 GMT
server
cloudflare
x-amz-request-id
BJTDHZD9H7AVMDE2
etag
"548b797c7671d237a5b1758ac3063fff-1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-id-2
P1a1JX/oLyOcx+UC219+UjPEG8TsRPHW94xHYML4GCWA2Xp9/6LulZ/lXBYU4VVODZxEYJ3LJfY=
content-type
image/jpeg
cache-control
max-age=604800, public
accept-ranges
bytes
cf-ray
65983cafdde10742-FRA
content-length
26907
cf-request-id
0a730441e400000742100a7000000001
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6268592
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
27433
cf-request-id
0a73043fdf00004e928dad9000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=B5TJgz6Uz88aU5T1IilPK67rNGIk0qf%2BhpUpmFyIK8JBlvXoSycQ6aAGbVe4Ev1GAL99NtBrVg7d4jzgcImqcqGqhit97Fw%2FBYi0AzIn8%2Fqg%2BbIMpPBB2otiyxevenPJoY3EgGS2P8U0WsZCFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
65983cac9c444e92-FRA
expires
Tue, 24 May 2022 10:28:51 GMT
jquery-ui.min.js
code.jquery.com/ui/1.12.1/ 		248 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
content-encoding
gzip
last-modified
Wed, 14 Sep 2016 16:34:16 GMT
server
nginx
etag
W/"57d97c08-3dee4"
vary
Accept-Encoding
x-hw
1622716131.dop147.fr8.t,1622716131.cds218.fr8.hc,1622716131.cds151.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
67751
bootstrap.min.js
finding.id/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://finding.id/js/bootstrap.min.js
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.79.147.123 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
vps-1b0a0c40.vps.ovh.ca
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finding.id
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://finding.id/
Cookie
XSRF-TOKEN=eyJpdiI6InFUemdzaUNEK2U3Z3hTU3FNUVwvSTZ3PT0iLCJ2YWx1ZSI6IlwvcXgyR3pERmkyY0R5U0FuV2VLanJjWmhrMThxNkVucXFvb2lETjZJekVqUWFCTytjWkoxcEszajNsRGx3YkYyIiwibWFjIjoiOTgzODFhY2ExMmY0NmE3YTY0NDM1YTlkYzQxNTRkNjI3OGY1NTdlYjAxZjczN2FlODVlYjdkYzc3YWUwNTBkYyJ9; laravel_session=eyJpdiI6IlwvK1dJbDJ5UmZnM1F1cGZDdFN1VWNRPT0iLCJ2YWx1ZSI6InFMSzRYVjdweTVxRVFwWjNVbjVyaXNmRkxmVE82RW9FUkVDaGlxTzVUWkoxUEFrTmNvXC9ZV1NkTE5ORkR6V2ZzIiwibWFjIjoiNmFlOTQ4MDI4YTEzYTA3ODBjODRmZDg2OWE3NGUxYjQ0NjAzNDc1MTkwZjlmZGFhNzE3NWZmNDZlYjVhZTAzYyJ9
Connection
keep-alive
Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 10:28:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Dec 2018 11:36:26 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"90b5-57cf9d7656280-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
9833
main.js
finding.id/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://finding.id/js/main.js
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.79.147.123 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
vps-1b0a0c40.vps.ovh.ca
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7948640f6224e042637941be6da6978085f7521af51fa2c9cfb1edd57f9fc16d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finding.id
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://finding.id/
Cookie
XSRF-TOKEN=eyJpdiI6InFUemdzaUNEK2U3Z3hTU3FNUVwvSTZ3PT0iLCJ2YWx1ZSI6IlwvcXgyR3pERmkyY0R5U0FuV2VLanJjWmhrMThxNkVucXFvb2lETjZJekVqUWFCTytjWkoxcEszajNsRGx3YkYyIiwibWFjIjoiOTgzODFhY2ExMmY0NmE3YTY0NDM1YTlkYzQxNTRkNjI3OGY1NTdlYjAxZjczN2FlODVlYjdkYzc3YWUwNTBkYyJ9; laravel_session=eyJpdiI6IlwvK1dJbDJ5UmZnM1F1cGZDdFN1VWNRPT0iLCJ2YWx1ZSI6InFMSzRYVjdweTVxRVFwWjNVbjVyaXNmRkxmVE82RW9FUkVDaGlxTzVUWkoxUEFrTmNvXC9ZV1NkTE5ORkR6V2ZzIiwibWFjIjoiNmFlOTQ4MDI4YTEzYTA3ODBjODRmZDg2OWE3NGUxYjQ0NjAzNDc1MTkwZjlmZGFhNzE3NWZmNDZlYjVhZTAzYyJ9
Connection
keep-alive
Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 10:28:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Dec 2018 08:39:46 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"9f4-57d7012a27880-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
754
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128631832-1
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
84b09766ba8c7950feff7c72ef70e288f125c8887fec4d0cc74d643d09b3cce6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36062
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 03 Jun 2021 10:28:51 GMT
zone
pushazer.com/ 		683 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pushazer.com/zone?pub=0&zone_id=2180170&is_mobile=false&domain=finding.id&var=&ymid=&var_3=
Requested by
Host: pushazer.com
URL: https://pushazer.com/ntfc.php?p=2180170
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.146 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8193ee2bf25f13bc23426ca7e283c6da0caea7b5095f25698edb55569203d123
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Trace-Id
6500ab94bd0c38480302c5c1794c56e6
Date
Thu, 03 Jun 2021 10:28:51 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://finding.id
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
683
universal.min.js
pushazer.com/pfe/current/ 		107 KB
38 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pushazer.com/pfe/current/universal.min.js?v=3.1.295
Requested by
Host: pushazer.com
URL: https://pushazer.com/ntfc.php?p=2180170
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.146 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6a4e40f4ee1d3d83b13b6dfb4defa0fd3d5f3874cc17811c95e72adaea7b499b

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 10:28:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Jun 2021 10:25:37 GMT
Server
nginx
ETag
W/"60b8ae21-1ab55"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
https://finding.id
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/ 		233 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8476731359454860&plah=finding.id&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53c1737bf97ae4d686956bf2c7caff015329c9aa554ed0ebfc24893dfbe2fddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87751
x-xss-protection
0
server
cafe
etag
1549945764410104263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 10:28:51 GMT
pexels-photo-439227.jpeg
images.pexels.com/photos/439227/ 		149 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.pexels.com/photos/439227/pexels-photo-439227.jpeg?auto=compress&cs=tinysrgb&dpr=2&h=650&w=940
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:d166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e709ec8be369ebaaeea7796208a150ce4209b317a7967b71d28aa155109356ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
916559
cf-polished
status=not_needed
x-cache
HIT, MISS
x-imgix-id
9bb287bd7a3ef76da0871e40e260d4e87f743d34
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
152647
cf-request-id
0a730441f200004e8b02188000000001
x-served-by
cache-sjc10081-SJC, cache-fra19168-FRA
last-modified
Wed, 19 May 2021 06:47:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 03 Jun 2022 10:28:51 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
65983cafee2d4e8b-FRA
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri,csam-hash
fa-solid-900.woff2
use.fontawesome.com/releases/v5.4.2/webfonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.4.2/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.4.2/css/all.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
ac1a655367b02648fe8217ee11d1b272786605b78989ff614cb0beab5f6f547c

Request headers

Origin
https://finding.id
Referer
https://use.fontawesome.com/releases/v5.4.2/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
last-modified
Thu, 25 Oct 2018 22:15:24 GMT
server
NetDNA-cache/2.2
etag
"fd531d212b567d6049f400165473589f"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
71952
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/ Frame 5979 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210525/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://finding.id/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://finding.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 03 Jun 2021 01:47:40 GMT
expires
Thu, 17 Jun 2021 01:47:40 GMT
content-type
text/html; charset=UTF-8
etag
15349191498103243965
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4506
x-xss-protection
0
age
31271
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
custom
pushazer.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pushazer.com/custom
Protocol
HTTP/1.1
Server
139.45.196.146 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://finding.id
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Thu, 03 Jun 2021 10:28:51 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://finding.id
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
custom
pushazer.com/ 		39 B
485 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pushazer.com/custom
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.146 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
e247b979aea090da6430e006d38bb883
Date
Thu, 03 Jun 2021 10:28:51 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://finding.id
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
sw.js
finding.id/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://finding.id/sw.js
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.79.147.123 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
vps-1b0a0c40.vps.ovh.ca
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f114111bff7cc3a565593dda77c9c41e9923e9df98c2f2c647cd419e89854559

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finding.id
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://finding.id/
Cookie
XSRF-TOKEN=eyJpdiI6InFUemdzaUNEK2U3Z3hTU3FNUVwvSTZ3PT0iLCJ2YWx1ZSI6IlwvcXgyR3pERmkyY0R5U0FuV2VLanJjWmhrMThxNkVucXFvb2lETjZJekVqUWFCTytjWkoxcEszajNsRGx3YkYyIiwibWFjIjoiOTgzODFhY2ExMmY0NmE3YTY0NDM1YTlkYzQxNTRkNjI3OGY1NTdlYjAxZjczN2FlODVlYjdkYzc3YWUwNTBkYyJ9; laravel_session=eyJpdiI6IlwvK1dJbDJ5UmZnM1F1cGZDdFN1VWNRPT0iLCJ2YWx1ZSI6InFMSzRYVjdweTVxRVFwWjNVbjVyaXNmRkxmVE82RW9FUkVDaGlxTzVUWkoxUEFrTmNvXC9ZV1NkTE5ORkR6V2ZzIiwibWFjIjoiNmFlOTQ4MDI4YTEzYTA3ODBjODRmZDg2OWE3NGUxYjQ0NjAzNDc1MTkwZjlmZGFhNzE3NWZmNDZlYjVhZTAzYyJ9
Connection
keep-alive
Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 10:28:51 GMT
Content-Encoding
gzip
Last-Modified
Sun, 25 Nov 2018 17:03:55 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1555-57b80339534c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2147
cookie.js
partner.googleadservices.com/gampad/ 		200 B
639 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=finding.id&callback=_gfp_s_&client=ca-pub-8476731359454860
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8476731359454860&plah=finding.id&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e8ca0f7161e466a7a6a89f342b97d383cf35c83132a7360a9cc5ac21b603308d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=finding.id
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8476731359454860&plah=finding.id&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 10:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=finding.id
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8476731359454860&plah=finding.id&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 10:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A687 		14 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&adk=1812271804&adf=3025194257&lmt=1622716131&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffinding.id%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131393&bpp=13&bdt=116&idt=149&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=288261286308&frm=20&pv=2&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=237
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8476731359454860&plah=finding.id&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b73609798eea3e026788aa4ccf9c0795dad190c27c2b48bbb92cdc3e09f49efe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8476731359454860&output=html&adk=1812271804&adf=3025194257&lmt=1622716131&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffinding.id%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131393&bpp=13&bdt=116&idt=149&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=288261286308&frm=20&pv=2&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=237
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://finding.id/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://finding.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 03 Jun 2021 10:28:51 GMT
server
cafe
content-length
1104
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 03-Jun-2021 10:43:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 03 Jun 2021 10:28:51 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8476731359454860&plah=finding.id&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:51 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622656037121142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28114
x-xss-protection
0
expires
Thu, 03 Jun 2021 10:28:51 GMT
fontawesome-webfont.woff2
finding.id/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://finding.id/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: finding.id
URL: https://finding.id/css/font-awesome.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.79.147.123 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
vps-1b0a0c40.vps.ovh.ca
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://finding.id
Accept-Encoding
gzip, deflate, br
Host
finding.id
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://finding.id/css/font-awesome.min.css
Cookie
XSRF-TOKEN=eyJpdiI6InFUemdzaUNEK2U3Z3hTU3FNUVwvSTZ3PT0iLCJ2YWx1ZSI6IlwvcXgyR3pERmkyY0R5U0FuV2VLanJjWmhrMThxNkVucXFvb2lETjZJekVqUWFCTytjWkoxcEszajNsRGx3YkYyIiwibWFjIjoiOTgzODFhY2ExMmY0NmE3YTY0NDM1YTlkYzQxNTRkNjI3OGY1NTdlYjAxZjczN2FlODVlYjdkYzc3YWUwNTBkYyJ9; laravel_session=eyJpdiI6IlwvK1dJbDJ5UmZnM1F1cGZDdFN1VWNRPT0iLCJ2YWx1ZSI6InFMSzRYVjdweTVxRVFwWjNVbjVyaXNmRkxmVE82RW9FUkVDaGlxTzVUWkoxUEFrTmNvXC9ZV1NkTE5ORkR6V2ZzIiwibWFjIjoiNmFlOTQ4MDI4YTEzYTA3ODBjODRmZDg2OWE3NGUxYjQ0NjAzNDc1MTkwZjlmZGFhNzE3NWZmNDZlYjVhZTAzYyJ9
Connection
keep-alive
Origin
https://finding.id
Referer
https://finding.id/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 10:28:51 GMT
Last-Modified
Fri, 14 Dec 2018 11:36:30 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"12d68-57cf9d7a26b80"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
77160
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=finding.id
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8476731359454860&plah=finding.id&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 10:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=finding.id
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8476731359454860&plah=finding.id&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 10:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 72DB 		405 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=1200x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=2&bdt=511&idt=-M&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=EAHciDFwZo&p=https%3A//finding.id&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8476731359454860&plah=finding.id&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ff44ab37fd044017b7cbd6b44469817ba10c5488523569f8ae1035041c1340d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=1200x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=2&bdt=511&idt=-M&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=EAHciDFwZo&p=https%3A//finding.id&dtd=16
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://finding.id/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://finding.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 03 Jun 2021 10:28:51 GMT
server
cafe
content-length
204
x-xss-protection
0
set-cookie
IDE=AHWqTUlRzumW8WoCt_72r20oR9o6Lk_DSkNTf9enHj9LhUqri9abGVSujaJ_F8f0zYo; expires=Tue, 28-Jun-2022 10:28:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 03 Jun 2021 10:28:51 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame B7DD 		405 B
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3835012598&adf=896644619&pi=t.aa~a.1130824974~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=1150x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=-M&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=225&ady=3088&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Gz380KDyWj&p=https%3A//finding.id&dtd=22
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8476731359454860&plah=finding.id&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
377f2e13f197e2d7427378049adc79b0b60fc69f30858cbfba972283981bde7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3835012598&adf=896644619&pi=t.aa~a.1130824974~rp.1&w=1150&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=1150x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=-M&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=225&ady=3088&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Gz380KDyWj&p=https%3A//finding.id&dtd=22
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://finding.id/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://finding.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 03 Jun 2021 10:28:51 GMT
server
cafe
content-length
203
x-xss-protection
0
set-cookie
IDE=AHWqTUlInk6__5FsD3G3PG8-mt-Dq8UlmqPqL5BPrACxPvl6CGTzMk4pvAtctg5OxBQ; expires=Tue, 28-Jun-2022 10:28:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 03 Jun 2021 10:28:51 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame B5F7 		16 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3503823239&adf=3502769841&pi=t.aa~a.1485556156~rp.2&w=363&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=363x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=0&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=8OIui9KsN3&p=https%3A//finding.id&dtd=25
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8476731359454860&plah=finding.id&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e578fe0667f75fc67684302645d1f46913464271be6fd87df0cd4bc361986c5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3503823239&adf=3502769841&pi=t.aa~a.1485556156~rp.2&w=363&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=363x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=0&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=8OIui9KsN3&p=https%3A//finding.id&dtd=25
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://finding.id/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://finding.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 03 Jun 2021 10:28:51 GMT
server
cafe
content-length
7587
x-xss-protection
0
set-cookie
IDE=AHWqTUk2O9BXn6lDj-2tkH-Kl9IMgIhdyqPObPsVsOXx9tY4BT_1l1Zj55aOXWgs7TE; expires=Tue, 28-Jun-2022 10:28:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 03 Jun 2021 10:28:51 GMT
cache-control
private
pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v6/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v6/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:700%7CNunito:300,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90767fabd53fe6949c8e19f3ab9d3da69cfc52c7bbfafe42739ed14c2e837920
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://finding.id
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 11:47:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:04:37 GMT
server
sffe
age
168077
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17008
x-xss-protection
0
expires
Wed, 01 Jun 2022 11:47:34 GMT
XRXW3I6Li01BKofA6sKUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofA6sKUYevI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:700%7CNunito:300,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://finding.id
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 23:20:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 02:44:29 GMT
server
sffe
age
212906
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19248
x-xss-protection
0
expires
Tue, 31 May 2022 23:20:25 GMT
XRXW3I6Li01BKofAnsSUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAnsSUYevI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:700%7CNunito:300,600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
041f60a715023fb438203d995ce5cb286f2daf7ab2f52f356ae85671250ddd28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://finding.id
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:54:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 02:44:26 GMT
server
sffe
age
128049
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18764
x-xss-protection
0
expires
Wed, 01 Jun 2022 22:54:42 GMT
caret-cion.png
finding.id/css/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://finding.id/css/img/caret-cion.png
Requested by
Host: finding.id
URL: https://finding.id/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.79.147.123 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
vps-1b0a0c40.vps.ovh.ca
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2b67da14e2725a72a8cccb22bb4913bcfca77c3f68caa39b912bf2567990cd94

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
finding.id
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://finding.id/css/style.css
Cookie
XSRF-TOKEN=eyJpdiI6InFUemdzaUNEK2U3Z3hTU3FNUVwvSTZ3PT0iLCJ2YWx1ZSI6IlwvcXgyR3pERmkyY0R5U0FuV2VLanJjWmhrMThxNkVucXFvb2lETjZJekVqUWFCTytjWkoxcEszajNsRGx3YkYyIiwibWFjIjoiOTgzODFhY2ExMmY0NmE3YTY0NDM1YTlkYzQxNTRkNjI3OGY1NTdlYjAxZjczN2FlODVlYjdkYzc3YWUwNTBkYyJ9; laravel_session=eyJpdiI6IlwvK1dJbDJ5UmZnM1F1cGZDdFN1VWNRPT0iLCJ2YWx1ZSI6InFMSzRYVjdweTVxRVFwWjNVbjVyaXNmRkxmVE82RW9FUkVDaGlxTzVUWkoxUEFrTmNvXC9ZV1NkTE5ORkR6V2ZzIiwibWFjIjoiNmFlOTQ4MDI4YTEzYTA3ODBjODRmZDg2OWE3NGUxYjQ0NjAzNDc1MTkwZjlmZGFhNzE3NWZmNDZlYjVhZTAzYyJ9
Connection
keep-alive
Referer
https://finding.id/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 10:28:51 GMT
Cache-Control
no-cache, private
Server
Apache/2.4.41 (Ubuntu)
Connection
close
Content-Length
1482
Content-Type
text/html; charset=UTF-8
ads
googleads.g.doubleclick.net/pagead/ Frame 7D7B 		405 B
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=315&slotname=1805045618&adk=3741819489&adf=2710618021&pi=t.ma~as.1805045618&w=363&lmt=1622716131&rafmt=11&psa=0&format=363x315&url=https%3A%2F%2Ffinding.id%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131884&bpp=2&bdt=608&idt=2&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280%2C363x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=ytJi16ZCBV&p=https%3A//finding.id&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8476731359454860&plah=finding.id&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5816fa18cbe458cd6f5eb1a95e973c248d083b7333f3dc539b570230d021ca5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8476731359454860&output=html&h=315&slotname=1805045618&adk=3741819489&adf=2710618021&pi=t.ma~as.1805045618&w=363&lmt=1622716131&rafmt=11&psa=0&format=363x315&url=https%3A%2F%2Ffinding.id%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131884&bpp=2&bdt=608&idt=2&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280%2C363x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=ytJi16ZCBV&p=https%3A//finding.id&dtd=5
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://finding.id/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://finding.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 03 Jun 2021 10:28:52 GMT
server
cafe
content-length
206
x-xss-protection
0
set-cookie
IDE=AHWqTUkO9RqPQXqbwUBfMdme4NyLNvYVH9_Qr28mKNR5JFpThaNlAvzsPWiW9ryu4tc; expires=Tue, 28-Jun-2022 10:28:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 03 Jun 2021 10:28:52 GMT
cache-control
private
custom
pushazer.com/ 		39 B
485 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pushazer.com/custom
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.146 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
f21c9b71af8f803d065644df4f5632c7
Date
Thu, 03 Jun 2021 10:28:51 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://finding.id
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
custom
pushazer.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pushazer.com/custom
Protocol
HTTP/1.1
Server
139.45.196.146 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://finding.id
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Thu, 03 Jun 2021 10:28:51 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://finding.id
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128631832-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
4649
date
Thu, 03 Jun 2021 09:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Thu, 03 Jun 2021 11:11:23 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8E71 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZdHl4664YK-KM_7U7_UPw8egkAPPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTg0NzY3MzEzNTk0NTQ4NjDIAQmoAwGqBKYBT9CdyLm2sgyWjoMqJ6pGxnu5rG3LYwmdbXf4MUr677Tivspl9DhHY2kaR0PLLdBadQ2t1VYJmlNwkCAKkVBN-TYo4-E7u7cE1VwuJs8G4fOarXw-wVYY6S06NSzbXVaAymrLrCbk5ONTiz2_F1V_s6cyvrJqcMs0zlJ6DUYe0Yt2U2BXcDxKllcUiEIGDnuMrAevy2AiKQ1G0ydD0kAukZ9t1XLHUIAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTg0NzY3MzEzNTk0NTQ4NjA&sigh=p_m94tYCVX8&tpd=AGWhJmt3DQ5WSnOd5mIUTK-0BX95y2vx8yxgw6JIoep5DD6EVX5JLtMwsm6VUXGLnSu4B0MKxX3THzYpDk5gJkH_za7fK0udERh99e_i-LseapaBnlrYMmayqlVVKt3M8oIdTJCuFEFcGrAFf8YEkd7gLPace5mkcMELTbji3c8Vey34LemYgkHFPiTeG6ojKwM5Sc3oEfteYq2aqpVkVHnSkgZhguRulHMla0XFb06oSuBoABVTn_s5-y965dJRzn9EX1Q4a_DYtYbci0PnGBVCBm4zMfDLTTmqDZKLpr5w8d2bkCkOO99J5UUvKmjeFAR0a47G7cPuRPREXpRl5dZnipVIxyyjK2A55zY81B75nvATzGSj3tPzCi8ZA9dsf5keJDutafiI0xBSreoW4n3UuSqY1ifA70ny7FZCSo0CehEde_SqmAez82WC37v95fHuWBRdBg-mXVgIgorNGdvYzA26IpxNUbBhUS1wHmZ5uJ33nPICMU2MJtDY7F33w_WtkHXH_TzoB93i3AFiM1dwnpzN8IPPgqTxIdTrZkMgX3DnCZzlp0L5Tv-S4TXuVk0BeEGV5YMrdxA4eWPONqalSSv6BLnN65t2vNzU2qkdf_IOQ2mu6soVa0lOZqZoghkecldJE5a5xFXGCQEHUlLXh94aa4eWnEiXmEHxufMc1zaHSkx6u18Hzv68Hqcii9CSLwG5e8Cy2LatSG5rXSXrSRfm2d0H3ZWpqQD6fbtZ2gO8bz0MiHk9RZ1b7yqcllGrvDEkb8xLWFz8l5YJKBKHFZI9RAZTFs1-rGZZOnV7zKgqRX3qm4ViaYM3Go97X8GbQkQXDFfqV8FR5atv0QRdYk7DGLf8ZyNFrhOzTFawZiQKDMiFr7nue6nBnxf4Y8a_K-44ueVc2rQfrXSfx0CSkGbOqYjEFd9zapf3fiskKMX5JjF30Bk0sQifjlfx4fsqQLSVQXASiHlpQd1rOmlMqoFr-iLCjpHGYJwclvz-HGejDLJ8hmkUB3XNcC55PmyDXpcG7hJmwihzCqO-tTKJuD5sgmA
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3503823239&adf=3502769841&pi=t.aa~a.1485556156~rp.2&w=363&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=363x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=0&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=8OIui9KsN3&p=https%3A//finding.id&dtd=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 03 Jun 2021 10:28:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
js
tags.mathtag.com/notify/ Frame 8E71 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTW1Sa05UVTNaREF0WWpOa05pMDVZV1k1TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3MDA4Nzk4MjQxMDQ3MzU3OTcvNjYyMjMyOC80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5TVlqaXpscjJWMVJoWTBZQ05nUFdvOC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzAwODc5ODI0MTA0NzM1Nzk3L2Ftcy8wLzIzOC81Mi85OTkvNjYvMmEwMTo0Zjg6MTIxOjovMC4wMDAvMTYyMjcxNjEzMS8xNjIyNzI4NzMxLzQvcHViLTg0NzY3MzEzNTk0NTQ4NjAv/TLMEh9tnotEFB4Y-Fm-7P55Tr_E&nodeid=1602&group=eu&auctionid=2700879824104735797&sid=4562306&cid=6622328&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.40&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWoi14664YK-KM_7U7_UPw8egkAPPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTg0NzY3MzEzNTk0NTQ4NjDIAQmoAwGqBKkBT9CdyLm2sgyWjoMqJ6pGxnu5rG3LYwmdbXf4MUr677Tivspl9DhHY2kaR0PLLdBadQ2t1VYJmlNwkCAKkVBN-TYo4-E7u7cE1VwuJs8G4fOarXw-wVYY6S06NSzbXVaAymrLrCbk5ONTiz2_F1V_s6cyvrJqcMs0zlJ6DUYe0Yt2U2BXcDxKllcUiEIGDnuMrAevyyIgJJ_qQ4NEX-RmOkcteoLaRHNTy4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3SS0Ixw-tYArbBBhZGqWz1FQcl0w%26client%3Dca-pub-8476731359454860%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3503823239&adf=3502769841&pi=t.aa~a.1485556156~rp.2&w=363&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=363x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=0&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=8OIui9KsN3&p=https%3A//finding.id&dtd=25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.199 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.200.1 /
Resource Hash
6a8f64c8a0d2e032ce4ae0f0876dde76cbcda7b955130603d4d136a0094be8b6

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 10:28:55 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1622716131
Last-Modified
Thu, 03 Jun 2021 10:28:51 GMT
Server
MMBD/3.200.1
x-mm-latency
23 (2)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
zrh-router-x42, cdg-bidder-x129
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Thu, 03 Jun 2021 10:28:54 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 8E71 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3503823239&adf=3502769841&pi=t.aa~a.1485556156~rp.2&w=363&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=363x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=0&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=8OIui9KsN3&p=https%3A//finding.id&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
554
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Jun 2021 10:19:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8E71 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3503823239&adf=3502769841&pi=t.aa~a.1485556156~rp.2&w=363&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=363x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=0&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=8OIui9KsN3&p=https%3A//finding.id&dtd=25
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:52 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622656031336809"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37735
x-xss-protection
0
expires
Thu, 03 Jun 2021 10:28:52 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 8E71 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3503823239&adf=3502769841&pi=t.aa~a.1485556156~rp.2&w=363&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=363x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=0&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=8OIui9KsN3&p=https%3A//finding.id&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Jun 2021 10:26:00 GMT
l
www.google.com/ads/measurement/ Frame 8E71 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSneq83qe0kjMt1_ThijF1krz-nAluzgwlRUekTdkObJ6K2SwODO2sEX02so5WoZ3PzmwMwcg5yu0ALQOQISW0Wz8Ohbg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3503823239&adf=3502769841&pi=t.aa~a.1485556156~rp.2&w=363&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=363x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=0&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=8OIui9KsN3&p=https%3A//finding.id&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=72139257&t=pageview&_s=1&dl=https%3A%2F%2Ffinding.id%2F&ul=en-us&de=UTF-8&dt=finding.id%20%7C%20Cari%20jual%20beli%20rumah%20tercepat%20dan%20terlengkap%20di%20Indonesia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1086120437&gjid=452651202&cid=2096933316.1622716132&tid=UA-128631832-1&_gid=882181336.1622716132&_r=1&gtm=2ou5q1&tc=x&z=804944425
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 10:28:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://finding.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
h78o6ojw9z7r
hal9000.redintelligence.net/zone/ Frame 8E71 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/h78o6ojw9z7r?subid=&rnd=2700879824104735797&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2700879824104735797%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dbbaa60b8-aee4-4001-9f03-8663f57d9ec8%26mt_cid%3Dbbaa60b8-aee4-4001-9f03-8663f57d9ec8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCWoi14664YK-KM_7U7_UPw8egkAPPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTg0NzY3MzEzNTk0NTQ4NjDIAQmoAwGqBKkBT9CdyLm2sgyWjoMqJ6pGxnu5rG3LYwmdbXf4MUr677Tivspl9DhHY2kaR0PLLdBadQ2t1VYJmlNwkCAKkVBN-TYo4-E7u7cE1VwuJs8G4fOarXw-wVYY6S06NSzbXVaAymrLrCbk5ONTiz2_F1V_s6cyvrJqcMs0zlJ6DUYe0Yt2U2BXcDxKllcUiEIGDnuMrAevyyIgJJ_qQ4NEX-RmOkcteoLaRHNTy4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3SS0Ixw-tYArbBBhZGqWz1FQcl0w%2526client%253Dca-pub-8476731359454860%2526adurl%253D%26redirect%3D
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
4c5afb7fb6813c3349badbc29cb668d3f7ad34bec8f1b4f2a2c072ae2b775f71

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 10:28:52 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3357
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 8E71 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=2700879824104735797&node_id=1602&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTW1Sa05UVTNaREF0WWpOa05pMDVZV1k1TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3MDA4Nzk4MjQxMDQ3MzU3OTcvNjYyMjMyOC80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5TVlqaXpscjJWMVJoWTBZQ05nUFdvOC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzAwODc5ODI0MTA0NzM1Nzk3L2Ftcy8wLzIzOC81Mi85OTkvNjYvMmEwMTo0Zjg6MTIxOjovMC4wMDAvMTYyMjcxNjEzMS8xNjIyNzI4NzMxLzQvcHViLTg0NzY3MzEzNTk0NTQ4NjAv/TLMEh9tnotEFB4Y-Fm-7P55Tr_E&nodeid=1602&group=eu&auctionid=2700879824104735797&sid=4562306&cid=6622328&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.40&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWoi14664YK-KM_7U7_UPw8egkAPPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTg0NzY3MzEzNTk0NTQ4NjDIAQmoAwGqBKkBT9CdyLm2sgyWjoMqJ6pGxnu5rG3LYwmdbXf4MUr677Tivspl9DhHY2kaR0PLLdBadQ2t1VYJmlNwkCAKkVBN-TYo4-E7u7cE1VwuJs8G4fOarXw-wVYY6S06NSzbXVaAymrLrCbk5ONTiz2_F1V_s6cyvrJqcMs0zlJ6DUYe0Yt2U2BXcDxKllcUiEIGDnuMrAevyyIgJJ_qQ4NEX-RmOkcteoLaRHNTy4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3SS0Ixw-tYArbBBhZGqWz1FQcl0w%26client%3Dca-pub-8476731359454860%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.199 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.200.1 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 10:28:55 GMT
Server
MMBD/3.200.1
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x69, cdg-bidder-x129
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 03 Jun 2021 10:28:54 GMT
analytics.js
s.update.mediamathtag.com/2/619621/ Frame 8E71 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//finding.id&ui=2dd557d0-b3d6-9af9-0000-000000000000&ap=&ti=2700879824104735797&pv=add2c684-c56d-4673-9db4-53c75bde3172&pp=pub-8476731359454860&sr=4&de=43003&si=1467261988&dm=336x280&ac=651871&cr=6622328&ai=216536&c1=4562306&r1=2a01:4f8:121::&r2=&r3=
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTW1Sa05UVTNaREF0WWpOa05pMDVZV1k1TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3MDA4Nzk4MjQxMDQ3MzU3OTcvNjYyMjMyOC80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5TVlqaXpscjJWMVJoWTBZQ05nUFdvOC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzAwODc5ODI0MTA0NzM1Nzk3L2Ftcy8wLzIzOC81Mi85OTkvNjYvMmEwMTo0Zjg6MTIxOjovMC4wMDAvMTYyMjcxNjEzMS8xNjIyNzI4NzMxLzQvcHViLTg0NzY3MzEzNTk0NTQ4NjAv/TLMEh9tnotEFB4Y-Fm-7P55Tr_E&nodeid=1602&group=eu&auctionid=2700879824104735797&sid=4562306&cid=6622328&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.40&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWoi14664YK-KM_7U7_UPw8egkAPPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTg0NzY3MzEzNTk0NTQ4NjDIAQmoAwGqBKkBT9CdyLm2sgyWjoMqJ6pGxnu5rG3LYwmdbXf4MUr677Tivspl9DhHY2kaR0PLLdBadQ2t1VYJmlNwkCAKkVBN-TYo4-E7u7cE1VwuJs8G4fOarXw-wVYY6S06NSzbXVaAymrLrCbk5ONTiz2_F1V_s6cyvrJqcMs0zlJ6DUYe0Yt2U2BXcDxKllcUiEIGDnuMrAevyyIgJJ_qQ4NEX-RmOkcteoLaRHNTy4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3SS0Ixw-tYArbBBhZGqWz1FQcl0w%26client%3Dca-pub-8476731359454860%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b48d4454fd91c405f8d6e927428bb89737493099b0bca207eb601d1d7581ca51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 10:28:51 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
2725
Expires
0
img
pixel.mathtag.com/event/ Frame 8E71 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=2700879824104735797&v3=651871&v4=4562306&v5=6622328&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTW1Sa05UVTNaREF0WWpOa05pMDVZV1k1TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3MDA4Nzk4MjQxMDQ3MzU3OTcvNjYyMjMyOC80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5TVlqaXpscjJWMVJoWTBZQ05nUFdvOC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzAwODc5ODI0MTA0NzM1Nzk3L2Ftcy8wLzIzOC81Mi85OTkvNjYvMmEwMTo0Zjg6MTIxOjovMC4wMDAvMTYyMjcxNjEzMS8xNjIyNzI4NzMxLzQvcHViLTg0NzY3MzEzNTk0NTQ4NjAv/TLMEh9tnotEFB4Y-Fm-7P55Tr_E&nodeid=1602&group=eu&auctionid=2700879824104735797&sid=4562306&cid=6622328&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.40&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWoi14664YK-KM_7U7_UPw8egkAPPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTg0NzY3MzEzNTk0NTQ4NjDIAQmoAwGqBKkBT9CdyLm2sgyWjoMqJ6pGxnu5rG3LYwmdbXf4MUr677Tivspl9DhHY2kaR0PLLdBadQ2t1VYJmlNwkCAKkVBN-TYo4-E7u7cE1VwuJs8G4fOarXw-wVYY6S06NSzbXVaAymrLrCbk5ONTiz2_F1V_s6cyvrJqcMs0zlJ6DUYe0Yt2U2BXcDxKllcUiEIGDnuMrAevyyIgJJ_qQ4NEX-RmOkcteoLaRHNTy4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3SS0Ixw-tYArbBBhZGqWz1FQcl0w%26client%3Dca-pub-8476731359454860%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 3736 915c305 master zrh-pixel-x28 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 10:28:52 GMT
Server
MT3 3736 915c305 master zrh-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 03 Jun 2021 10:28:51 GMT
img
tags.mathtag.com/event/ Frame 8E71 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=2700879824104735797&st=4562306&time=1622716132&nodeid=1602
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTW1Sa05UVTNaREF0WWpOa05pMDVZV1k1TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3MDA4Nzk4MjQxMDQ3MzU3OTcvNjYyMjMyOC80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5TVlqaXpscjJWMVJoWTBZQ05nUFdvOC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzAwODc5ODI0MTA0NzM1Nzk3L2Ftcy8wLzIzOC81Mi85OTkvNjYvMmEwMTo0Zjg6MTIxOjovMC4wMDAvMTYyMjcxNjEzMS8xNjIyNzI4NzMxLzQvcHViLTg0NzY3MzEzNTk0NTQ4NjAv/TLMEh9tnotEFB4Y-Fm-7P55Tr_E&nodeid=1602&group=eu&auctionid=2700879824104735797&sid=4562306&cid=6622328&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.40&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWoi14664YK-KM_7U7_UPw8egkAPPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTg0NzY3MzEzNTk0NTQ4NjDIAQmoAwGqBKkBT9CdyLm2sgyWjoMqJ6pGxnu5rG3LYwmdbXf4MUr677Tivspl9DhHY2kaR0PLLdBadQ2t1VYJmlNwkCAKkVBN-TYo4-E7u7cE1VwuJs8G4fOarXw-wVYY6S06NSzbXVaAymrLrCbk5ONTiz2_F1V_s6cyvrJqcMs0zlJ6DUYe0Yt2U2BXcDxKllcUiEIGDnuMrAevyyIgJJ_qQ4NEX-RmOkcteoLaRHNTy4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3SS0Ixw-tYArbBBhZGqWz1FQcl0w%26client%3Dca-pub-8476731359454860%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.199 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.200.1 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 10:28:55 GMT
Server
MMBD/3.200.1
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x68, cdg-bidder-x129
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 03 Jun 2021 10:28:54 GMT
request.php
hal900024.redintelligence.net/ Frame 8E71
Redirect Chain
  • https://hal900024.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=e44e89fdae&subid=&uid=4e480adbd4899720&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900024.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=e44e89fdae&subid=&uid=4e480adbd4899720&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900024.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=e44e89fdae&subid=&uid=4e480adbd4899720&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2700879824104735797%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dbbaa60b8-aee4-4001-9f03-8663f57d9ec8%26mt_cid%3Dbbaa60b8-aee4-4001-9f03-8663f57d9ec8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCWoi14664YK-KM_7U7_UPw8egkAPPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTg0NzY3MzEzNTk0NTQ4NjDIAQmoAwGqBKkBT9CdyLm2sgyWjoMqJ6pGxnu5rG3LYwmdbXf4MUr677Tivspl9DhHY2kaR0PLLdBadQ2t1VYJmlNwkCAKkVBN-TYo4-E7u7cE1VwuJs8G4fOarXw-wVYY6S06NSzbXVaAymrLrCbk5ONTiz2_F1V_s6cyvrJqcMs0zlJ6DUYe0Yt2U2BXcDxKllcUiEIGDnuMrAevyyIgJJ_qQ4NEX-RmOkcteoLaRHNTy4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3SS0Ixw-tYArbBBhZGqWz1FQcl0w%2526client%253Dca-pub-8476731359454860%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8476731359454860%26output%3Dhtml%26h%3D280%26adk%3D3503823239%26adf%3D3502769841%26pi%3Dt.aa~a.1485556156~rp.2%26w%3D363%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1622716131%26rafmt%3D1%26to%3Dqs%26pwprc%3D1043787275%26psa%3D0%26format%3D363x280%26url%3Dhttps%253A%252F%252Ffinding.id%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1622716131787%26bpp%3D1%26bdt%3D511%26idt%3D0%26shv%3Dr20210525%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C1150x280%26nras%3D4%26correlator%3D288261286308%26frm%3D20%26pv%3D1%26ga_vid%3D2096933316.1622716132%26ga_sid%3D1622716132%26ga_hid%3D72139257%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1012%26ady%3D3388%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D31060840%26oid%3D3%26pvsid%3D1707586971753713%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D1152%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26xpc%3D8OIui9KsN3%26p%3Dhttps%253A%2F%2Ffinding.id%26dtd%3D25&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Ffinding.id&random=6476185944881&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3503823239&adf=3502769841&pi=t.aa~a.1485556156~rp.2&w=363&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=363x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=0&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=8OIui9KsN3&p=https%3A//finding.id&dtd=25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7035c13aadc6ebe480c8215f5d32b359f94d41c6050063820d8b3893216b9af9

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 10:28:52 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
40127200085534400951407011614024
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
895
Expires
Thu, 03 Jun 2021 11:28:52 +0200

Redirect headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 10:28:52 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=e44e89fdae&subid=&uid=4e480adbd4899720&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2700879824104735797%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dbbaa60b8-aee4-4001-9f03-8663f57d9ec8%26mt_cid%3Dbbaa60b8-aee4-4001-9f03-8663f57d9ec8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCWoi14664YK-KM_7U7_UPw8egkAPPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTg0NzY3MzEzNTk0NTQ4NjDIAQmoAwGqBKkBT9CdyLm2sgyWjoMqJ6pGxnu5rG3LYwmdbXf4MUr677Tivspl9DhHY2kaR0PLLdBadQ2t1VYJmlNwkCAKkVBN-TYo4-E7u7cE1VwuJs8G4fOarXw-wVYY6S06NSzbXVaAymrLrCbk5ONTiz2_F1V_s6cyvrJqcMs0zlJ6DUYe0Yt2U2BXcDxKllcUiEIGDnuMrAevyyIgJJ_qQ4NEX-RmOkcteoLaRHNTy4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3SS0Ixw-tYArbBBhZGqWz1FQcl0w%2526client%253Dca-pub-8476731359454860%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8476731359454860%26output%3Dhtml%26h%3D280%26adk%3D3503823239%26adf%3D3502769841%26pi%3Dt.aa~a.1485556156~rp.2%26w%3D363%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1622716131%26rafmt%3D1%26to%3Dqs%26pwprc%3D1043787275%26psa%3D0%26format%3D363x280%26url%3Dhttps%253A%252F%252Ffinding.id%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1622716131787%26bpp%3D1%26bdt%3D511%26idt%3D0%26shv%3Dr20210525%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C1150x280%26nras%3D4%26correlator%3D288261286308%26frm%3D20%26pv%3D1%26ga_vid%3D2096933316.1622716132%26ga_sid%3D1622716132%26ga_hid%3D72139257%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1012%26ady%3D3388%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D31060840%26oid%3D3%26pvsid%3D1707586971753713%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D1152%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26xpc%3D8OIui9KsN3%26p%3Dhttps%253A%2F%2Ffinding.id%26dtd%3D25&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Ffinding.id&random=6476185944881&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Thu, 03 Jun 2021 11:28:52 +0200
activityi;dc_pre=CN-AmNWg-_ACFU27UQodu0MGig;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7363937131137.377
5994599.fls.doubleclick.net/ Frame BCB1
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7363937131137.377?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CN-AmNWg-_ACFU27UQodu0MGig;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7363937131137.377?
391 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CN-AmNWg-_ACFU27UQodu0MGig;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7363937131137.377?
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
0f370798997043fd269d19593ffade81b212c3f1d368bb341c5622e9ffbe6ee1
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5994599.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CN-AmNWg-_ACFU27UQodu0MGig;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7363937131137.377?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkO9RqPQXqbwUBfMdme4NyLNvYVH9_Qr28mKNR5JFpThaNlAvzsPWiW9ryu4tc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 03 Jun 2021 10:28:52 GMT
expires
Thu, 03 Jun 2021 10:28:52 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 03 Jun 2021 10:28:52 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CN-AmNWg-_ACFU27UQodu0MGig;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7363937131137.377?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900024.redintelligence.net/ Frame 16CC 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900024.redintelligence.net/request_content.php?s=40127200085534400951407011614024&a=1b1ccc6a
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=e44e89fdae&subid=&uid=4e480adbd4899720&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2700879824104735797%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dbbaa60b8-aee4-4001-9f03-8663f57d9ec8%26mt_cid%3Dbbaa60b8-aee4-4001-9f03-8663f57d9ec8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCWoi14664YK-KM_7U7_UPw8egkAPPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTg0NzY3MzEzNTk0NTQ4NjDIAQmoAwGqBKkBT9CdyLm2sgyWjoMqJ6pGxnu5rG3LYwmdbXf4MUr677Tivspl9DhHY2kaR0PLLdBadQ2t1VYJmlNwkCAKkVBN-TYo4-E7u7cE1VwuJs8G4fOarXw-wVYY6S06NSzbXVaAymrLrCbk5ONTiz2_F1V_s6cyvrJqcMs0zlJ6DUYe0Yt2U2BXcDxKllcUiEIGDnuMrAevyyIgJJ_qQ4NEX-RmOkcteoLaRHNTy4AGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3SS0Ixw-tYArbBBhZGqWz1FQcl0w%2526client%253Dca-pub-8476731359454860%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8476731359454860%26output%3Dhtml%26h%3D280%26adk%3D3503823239%26adf%3D3502769841%26pi%3Dt.aa~a.1485556156~rp.2%26w%3D363%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1622716131%26rafmt%3D1%26to%3Dqs%26pwprc%3D1043787275%26psa%3D0%26format%3D363x280%26url%3Dhttps%253A%252F%252Ffinding.id%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1622716131787%26bpp%3D1%26bdt%3D511%26idt%3D0%26shv%3Dr20210525%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C1150x280%26nras%3D4%26correlator%3D288261286308%26frm%3D20%26pv%3D1%26ga_vid%3D2096933316.1622716132%26ga_sid%3D1622716132%26ga_hid%3D72139257%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1012%26ady%3D3388%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D31060840%26oid%3D3%26pvsid%3D1707586971753713%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D1152%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26xpc%3D8OIui9KsN3%26p%3Dhttps%253A%2F%2Ffinding.id%26dtd%3D25&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Ffinding.id&random=6476185944881&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
8248995daedbf70da85c44fbca3e24c31501d4187a5471b7ed4601c83f8e42f5

Request headers

Host
hal900024.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=289dbd564fe7b4b0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

Date
Thu, 03 Jun 2021 10:28:52 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Thu, 03 Jun 2021 11:28:52 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1224
Connection
close
Content-Type
text/html; charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 804A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3503823239&adf=3502769841&pi=t.aa~a.1485556156~rp.2&w=363&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=363x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=0&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=8OIui9KsN3&p=https%3A//finding.id&dtd=25
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 02 Jun 2021 19:54:30 GMT
expires
Thu, 03 Jun 2021 19:54:30 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
52462
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 8E71 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9cf10031b6f6f37c24598541f45b85123b834b58f7a12e73fe1f8553ebe3dd0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
postback
s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/ Frame 8E71 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/postback?oz_pl=1&ti=2700879824104735797&dm=336x280&cr=6622328&dt=6196211556140246740000&de=43003&ac=651871&ai=216536&c1=4562306&r1=2a01%3A4f8%3A121%3A%3A&ci=619621&di=https%3A%2F%2Ffinding.id&ui=2dd557d0-b3d6-9af9-0000-000000000000&pv=add2c684-c56d-4673-9db4-53c75bde3172&pp=pub-8476731359454860&r2=&pd=avt&ap=&sr=4&si=1467261988&r3=
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//finding.id&ui=2dd557d0-b3d6-9af9-0000-000000000000&ap=&ti=2700879824104735797&pv=add2c684-c56d-4673-9db4-53c75bde3172&pp=pub-8476731359454860&sr=4&de=43003&si=1467261988&dm=336x280&ac=651871&cr=6622328&ai=216536&c1=4562306&r1=2a01:4f8:121::&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 03 Jun 2021 10:28:51 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.mediamathtag.com/2/2.6.0/ Frame 8E71 		135 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.6.0/main.js
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//finding.id&ui=2dd557d0-b3d6-9af9-0000-000000000000&ap=&ti=2700879824104735797&pv=add2c684-c56d-4673-9db4-53c75bde3172&pp=pub-8476731359454860&sr=4&de=43003&si=1467261988&dm=336x280&ac=651871&cr=6622328&ai=216536&c1=4562306&r1=2a01:4f8:121::&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e446245714a1be6c8542a1b19fb2205bd84590dc36f68842d9965d35f9311487
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 10:28:51 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
42862
Expires
Sun, 09 Feb 2053 08:22:40 GMT
dpixel
cms.quantserve.com/ Frame 804A 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEG0r-Z0LzlG5QpRdgVSRmRg&google_cver=1&google_push=AQvitULOgKzv1q_JMxwKQOI4ilY-zdxNZA9N8zFhYMty4BiOQ6HbQCJBIFFGsz5egZpEd4-pe_WwB1ewth9iqrn7psRU4sYDXaED
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3503823239&adf=3502769841&pi=t.aa~a.1485556156~rp.2&w=363&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=363x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=0&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=8OIui9KsN3&p=https%3A//finding.id&dtd=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 10:28:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 804A 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEC6_GKHMtWrv2z3FM0d6jUE&google_push=AQvitUIaeIFmXcuo8W-Mk3Saa8c-BtXMFIo2N8nK3RWujduT0bTLQsQkHmlFJJhA8hVjFFclqTfUc9-NJPO6ZWflzr7BMmDlFME3&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3503823239&adf=3502769841&pi=t.aa~a.1485556156~rp.2&w=363&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=363x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=0&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=8OIui9KsN3&p=https%3A//finding.id&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 10:28:52 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 804A
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOfRqQap2v6d_fBxidI8L24&google_cver=1&google_push=AQvitUL7RohGkAgLa5mRxV31vtI8vVHlBSOKjhcdNnP7qwI0mFlybw13d2PwnUXsswXdMh2F-M5XRvCnghr1QNtV2X10fPoOGyqOIA
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOfRqQap2v6d_fBxidI8L24&google_cver=1&google_push=AQvitUL7RohGkAgLa5mRxV31vtI8vVHlBSOKjhcdNnP7qwI0mFlybw13d2PwnUXsswXdMh2F-M5XRvCnghr1QNtV2X10fPoOGyqOI...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUL7RohGkAgLa5mRxV31vtI8vVHlBSOKjhcdNnP7qwI0mFlybw13d2PwnUXsswXdMh2F-M5XRvCnghr1QNtV2X10fPoOGyqOIA&google_hm=yQ78rBJkwMsoQtEvjXNljA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUL7RohGkAgLa5mRxV31vtI8vVHlBSOKjhcdNnP7qwI0mFlybw13d2PwnUXsswXdMh2F-M5XRvCnghr1QNtV2X10fPoOGyqOIA&google_hm=yQ78rBJkwMsoQtEvjXNljA==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3503823239&adf=3502769841&pi=t.aa~a.1485556156~rp.2&w=363&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=363x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=0&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=8OIui9KsN3&p=https%3A//finding.id&dtd=25
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 10:28:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 10:28:52 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUL7RohGkAgLa5mRxV31vtI8vVHlBSOKjhcdNnP7qwI0mFlybw13d2PwnUXsswXdMh2F-M5XRvCnghr1QNtV2X10fPoOGyqOIA&google_hm=yQ78rBJkwMsoQtEvjXNljA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
ghojf93fuo8mc9m69gfp3n5bm2u5eio8
pixel
cm.g.doubleclick.net/ Frame 804A
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kWeExWHBSGaEoYyveJADOg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kWeExWHBSGaEoYyveJADOg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKuCxIpGrytuDjc4M5asv-2MqXvKkN-fi0eHYYmZCSk3E5YsxSSGP8Jqo5TpbhSLYx6iYhjdxBpQ-QNEjlj6hSbGB1zjkcxJw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3503823239&adf=3502769841&pi=t.aa~a.1485556156~rp.2&w=363&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=363x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=0&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=8OIui9KsN3&p=https%3A//finding.id&dtd=25
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 10:28:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kWeExWHBSGaEoYyveJADOg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKuCxIpGrytuDjc4M5asv-2MqXvKkN-fi0eHYYmZCSk3E5YsxSSGP8Jqo5TpbhSLYx6iYhjdxBpQ-QNEjlj6hSbGB1zjkcxJw
date
Thu, 03 Jun 2021 10:28:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 804A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJN_oANU_22HOx3yIdSLQBQ&google_cver=1&google_push=AQvitUKrxHmIXp0cDSE5t9lRUxuRXLuRaZEMgwpihs_CkrK2vsJ7a8oKJfwPv2TMamdn5ybw7Ma...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BHUkFEQVMtMTgtRVlCVg==&google_push=AQvitUKrxHmIXp0cDSE5t9lRUxuRXLuRaZEMgwpihs_CkrK2vsJ7a8oKJfwPv2TMamdn5ybw7ManrSCN8HqFV-lCDi6p8tvSvokXrg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BHUkFEQVMtMTgtRVlCVg==&google_push=AQvitUKrxHmIXp0cDSE5t9lRUxuRXLuRaZEMgwpihs_CkrK2vsJ7a8oKJfwPv2TMamdn5ybw7ManrSCN8HqFV-lCDi6p8tvSvokXrg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3503823239&adf=3502769841&pi=t.aa~a.1485556156~rp.2&w=363&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=363x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=0&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=8OIui9KsN3&p=https%3A//finding.id&dtd=25
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 10:28:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BHUkFEQVMtMTgtRVlCVg==&google_push=AQvitUKrxHmIXp0cDSE5t9lRUxuRXLuRaZEMgwpihs_CkrK2vsJ7a8oKJfwPv2TMamdn5ybw7ManrSCN8HqFV-lCDi6p8tvSvokXrg
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame 804A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_push=AQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ...
0
0
trk
ag.innovid.com/ Frame 804A 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGcyJs7ay20EMbEtVNgBrzg&google_cver=1&google_push=AQvitULOMDXpO1Q4I9qVG3-WNT7DE2ydvX6U_8uBt_BuHKzYC8eLkREUkc7bH5ecnhmG7w1IqMq9egi2jDOSNDXsd4ZgjcC4c8YLWw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3503823239&adf=3502769841&pi=t.aa~a.1485556156~rp.2&w=363&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=363x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=0&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=8OIui9KsN3&p=https%3A//finding.id&dtd=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:5af6:b07b:462f:23c8 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 10:28:52 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 804A 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LjDJ4qKFugM4hU0MDVvAlVwbpFBf5u0hiHBuX8lSL25qhaGbIeAa_O3aVncABg3oW7gOk1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8476731359454860&output=html&h=280&adk=3503823239&adf=3502769841&pi=t.aa~a.1485556156~rp.2&w=363&fwrn=4&fwrnh=100&lmt=1622716131&rafmt=1&to=qs&pwprc=1043787275&psa=0&format=363x280&url=https%3A%2F%2Ffinding.id%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622716131787&bpp=1&bdt=511&idt=0&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1150x280&nras=4&correlator=288261286308&frm=20&pv=1&ga_vid=2096933316.1622716132&ga_sid=1622716132&ga_hid=72139257&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1012&ady=3388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=1707586971753713&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=8OIui9KsN3&p=https%3A//finding.id&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:52 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
S-336x280.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 16CC 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-336x280.gif
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=40127200085534400951407011614024&a=1b1ccc6a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.75.147.170 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3133977.ip-51-75-147.eu
Software
nginx /
Resource Hash
389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5

Request headers

Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 10:28:40 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:51 GMT
Server
nginx
ETag
"5b55f217-1348d"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
78989
viewability
hal900024.redintelligence.net/ Frame 16CC 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900024.redintelligence.net/viewability?s=40127200085534400951407011614024&a=e877700c&vb=m
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=40127200085534400951407011614024&a=1b1ccc6a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal900024.redintelligence.net/request_content.php?s=40127200085534400951407011614024&a=1b1ccc6a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 10:28:52 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 16CC 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
postback
s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/ Frame 8E71 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/postback?oz_pl=1&ti=2700879824104735797&dm=336x280&cr=6622328&dt=6196211556140246740000&de=43003&ac=651871&ai=216536&c1=4562306&r1=2a01%3A4f8%3A121%3A%3A&ci=619621&di=https%3A%2F%2Ffinding.id&ui=2dd557d0-b3d6-9af9-0000-000000000000&pv=add2c684-c56d-4673-9db4-53c75bde3172&pp=pub-8476731359454860&r2=&pd=avt&ap=&sr=4&si=1467261988&r3=
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//finding.id&ui=2dd557d0-b3d6-9af9-0000-000000000000&ap=&ti=2700879824104735797&pv=add2c684-c56d-4673-9db4-53c75bde3172&pp=pub-8476731359454860&sr=4&de=43003&si=1467261988&dm=336x280&ac=651871&cr=6622328&ai=216536&c1=4562306&r1=2a01:4f8:121::&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 03 Jun 2021 10:28:51 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
dc_pre=CN-AmNWg-_ACFU27UQodu0MGig;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7363937131137.377
adservice.google.com/ddm/fls/z/ Frame BCB1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CN-AmNWg-_ACFU27UQodu0MGig;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7363937131137.377
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CN-AmNWg-_ACFU27UQodu0MGig;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7363937131137.377?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 10:28:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/ Frame 8E71 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/postback?ti=2700879824104735797&dm=336x280&cr=6622328&dt=6196211556140246740000&de=43003&ac=651871&ai=216536&c1=4562306&r1=2a01%3A4f8%3A121%3A%3A&ci=619621&di=https%3A%2F%2Ffinding.id&ui=2dd557d0-b3d6-9af9-0000-000000000000&pv=add2c684-c56d-4673-9db4-53c75bde3172&pp=pub-8476731359454860&r2=&pd=avt&ap=&sr=4&si=1467261988&r3=&sid=AJH3JTUIEeZuPfeX&oz_sc=0377359ff0c099189798a510&oz_df=1622716132618&oz_l=34&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.6.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 03 Jun 2021 10:28:51 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/ Frame 8E71 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/postback?ti=2700879824104735797&dm=336x280&cr=6622328&dt=6196211556140246740000&de=43003&ac=651871&ai=216536&c1=4562306&r1=2a01%3A4f8%3A121%3A%3A&ci=619621&di=https%3A%2F%2Ffinding.id&ui=2dd557d0-b3d6-9af9-0000-000000000000&pv=add2c684-c56d-4673-9db4-53c75bde3172&pp=pub-8476731359454860&r2=&pd=avt&ap=&sr=4&si=1467261988&r3=&sid=AJH3JTUIEeZuPfeX&oz_sc=0377359ff0c099189798a510&oz_df=1622716132788&oz_l=13109&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.6.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 03 Jun 2021 10:28:52 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
truncated
/ Frame 2D34 		13 B
13 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8
postback
s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/ Frame 8E71 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/postback?ti=2700879824104735797&dm=336x280&cr=6622328&dt=6196211556140246740000&de=43003&ac=651871&ai=216536&c1=4562306&r1=2a01%3A4f8%3A121%3A%3A&ci=619621&di=https%3A%2F%2Ffinding.id&ui=2dd557d0-b3d6-9af9-0000-000000000000&pv=add2c684-c56d-4673-9db4-53c75bde3172&pp=pub-8476731359454860&r2=&pd=avt&ap=&sr=4&si=1467261988&r3=&sid=AJH3JTUIEeZuPfeX&oz_sc=0377359ff0c099189798a510&oz_df=1622716132950&oz_l=224&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.6.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 03 Jun 2021 10:28:52 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/ Frame 8E71 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/postback?ti=2700879824104735797&dm=336x280&cr=6622328&dt=6196211556140246740000&de=43003&ac=651871&ai=216536&c1=4562306&r1=2a01%3A4f8%3A121%3A%3A&ci=619621&di=https%3A%2F%2Ffinding.id&ui=2dd557d0-b3d6-9af9-0000-000000000000&pv=add2c684-c56d-4673-9db4-53c75bde3172&pp=pub-8476731359454860&r2=&pd=avt&ap=&sr=4&si=1467261988&r3=&sid=AJH3JTUIEeZuPfeX&oz_sc=0377359ff0c099189798a510&oz_df=1622716133102&oz_l=1219&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.6.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 03 Jun 2021 10:28:52 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/ Frame 8E71 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/postback?ti=2700879824104735797&dm=336x280&cr=6622328&dt=6196211556140246740000&de=43003&ac=651871&ai=216536&c1=4562306&r1=2a01%3A4f8%3A121%3A%3A&ci=619621&di=https%3A%2F%2Ffinding.id&ui=2dd557d0-b3d6-9af9-0000-000000000000&pv=add2c684-c56d-4673-9db4-53c75bde3172&pp=pub-8476731359454860&r2=&pd=avt&ap=&sr=4&si=1467261988&r3=&sid=AJH3JTUIEeZuPfeX&oz_sc=0377359ff0c099189798a510&oz_df=1622716133269&oz_l=1011&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.6.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 03 Jun 2021 10:28:52 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
c443ddd9-1b50-452d-9f3f-1d8f5c55601d
https://googleads.g.doubleclick.net/ Frame C7F7 		476 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://googleads.g.doubleclick.net/c443ddd9-1b50-452d-9f3f-1d8f5c55601d
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
573dd332efcaf9ab1ae7f7e72bbbd65aa0c6b9223c4bcead7be3aa25685cba4e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
476
Content-Type
javascript
postback
s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/ Frame 8E71 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/postback?ti=2700879824104735797&dm=336x280&cr=6622328&dt=6196211556140246740000&de=43003&ac=651871&ai=216536&c1=4562306&r1=2a01%3A4f8%3A121%3A%3A&ci=619621&di=https%3A%2F%2Ffinding.id&ui=2dd557d0-b3d6-9af9-0000-000000000000&pv=add2c684-c56d-4673-9db4-53c75bde3172&pp=pub-8476731359454860&r2=&pd=avt&ap=&sr=4&si=1467261988&r3=&sid=AJH3JTUIEeZuPfeX&oz_sc=0377359ff0c099189798a510&oz_df=1622716133462&oz_l=720&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.6.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 03 Jun 2021 10:28:52 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
custom
pushazer.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pushazer.com/custom
Protocol
HTTP/1.1
Server
139.45.196.146 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://finding.id
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Thu, 03 Jun 2021 10:28:54 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://finding.id
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
custom
pushazer.com/ 		39 B
485 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pushazer.com/custom
Requested by
Host: finding.id
URL: https://finding.id/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.146 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
5eec11b68e97ffe361eb47fcb58e1476
Date
Thu, 03 Jun 2021 10:28:54 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://finding.id
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210525&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8476731359454860&plah=finding.id&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
404b2a8f7702088e20d38b132acbb07e88b08893f2511d3a66bcbbf25d3fc127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 10:28:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8303
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8476731359454860&plah=finding.id&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:28:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 03 Jun 2021 10:28:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 6D9F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://finding.id/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://finding.id/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 03 Jun 2021 10:26:27 GMT
expires
Fri, 03 Jun 2022 10:26:27 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
147
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A123 		783 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7a3a5778aa53ef9986154fd80551a53cd7323d9d87adf4d8bc6e6c3052d30701
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-V/8m0XlLMvC9+0ReGdlVKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://finding.id/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://finding.id/

Response headers

expires
Thu, 03 Jun 2021 10:28:54 GMT
date
Thu, 03 Jun 2021 10:28:54 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-V/8m0XlLMvC9+0ReGdlVKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
pagead2.googlesyndication.com/bg/ Frame 6D9F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 06:35:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
14025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
x-xss-protection
0
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 06:35:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210525&jk=1707586971753713&bg=!LC-lL2vNAAaMan2LjGo7ACkAdvg8WrPAJInpgbbQZmnHog7iHsitgw0Z3M0jFHhMKl1CGDP1sf0j7wIAAABEUgAAAAxoAQcKATtSR1SqQYu9USQoyP0M0ES08xvGce6A3axAhfboS5yAYvyvuM1EUoxoe9nngD8TWJiJJpv7T45UVIwp9Whj_thboRWqFk52Iqki9jLidehsv1CUtbuxNZZoR9qdu_TG_hpO2Z5G7SP8jO87SmYNcVdCOISLwjbL6ZFI-gHmUkG2V1szYoXNlTnNoEPTqMyWo1ebl-Q16nZQzNUFV1tyOGaE0kw27M0glwj1pQrI4VWVUKNNT4q6TxLI_ko0TeIim2c56LbDBsfgmnjUlrwi-q5IsuAoQdmDCGElHhkWaAo2myYg43VTB8-uVZYrjoYj24rTiBZZ5eQk2RR1Tcy53KfSeoYnNb2e8xMvVjGvhpVeLAOw5oh2w17W8f2ZFtnGcTy4cpUbvkqXWEWEbTmNaMl88kCrv_K7wTafyImZAk18XcTqjS7Bm64ESodCoEXf4JoREV2LNFMsUl-Th81c8oLc1W9SdAWGE2BWCLAu4ujaosTC_gGSaCZLwfz2MsLOX6KQDVOBPdArrrgpU6rXAYJB3ZvwfCtlc_SHkH6bls5qeE6tUz5zndLBBBlRq84Ep7goS5Sr7VqBrBLnEDAaYNEzNFyGqFgddn0dZrMQiR_ZCvbxRv-qWnbZ4DZi1WosJVeIvlHP7pMra-VWmUAz3bDU32Y_cQccGIGClYyTch7tdnWKngLXA50u6v5e8qDyq9Zl-lARIUXHLS1tnMv5-kxJJ-s4zz0l1s7t-JRpKKc0QJ3S56c57y7yZj49QQOSqgfcqqZyjh5G6muIKSQTtOYIcklDttoQpGRXxJYM8m8ETdW1fbhNrCqWXIELniUf9-ZN0Y2Tk5wqdT7rF6JQ7z2njcBcB3GZmF-sjwHqXC3mK7ZyBxQLahs7EbcKsY2mKZ6rjbX_nxLHgL7IjwYYy00Bt9r37D_bN7CM5aY8OT9flQPVsR2yF1w-FbxN_wXcisQplgbiyBYijCff7n5MXKxszww32L5trcQqXdHXlL5odJ25HjkYKRuFHbFMUPIi4zcpcbQIq4_fWoTALvHG7ZU6IaIKp0MZ1ytxh599u_rnVvT-u5L2oxEghF8H40UMRYLjlRbRDGjFvHoc1FfgmOOkoZ60YH-Vng0uIzUbKXFsjMmlAacPhrRNun39-WXWfj65ytQb5Cr1LSeqEd2YB83wAmhOuJxpuDtqxkk59_JtDn7Xw2hOQxoXrCtX
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finding.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 10:28:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/ Frame 8E71 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/postback?ti=2700879824104735797&dm=336x280&cr=6622328&dt=6196211556140246740000&de=43003&ac=651871&ai=216536&c1=4562306&r1=2a01%3A4f8%3A121%3A%3A&ci=619621&di=https%3A%2F%2Ffinding.id&ui=2dd557d0-b3d6-9af9-0000-000000000000&pv=add2c684-c56d-4673-9db4-53c75bde3172&pp=pub-8476731359454860&r2=&pd=avt&ap=&sr=4&si=1467261988&r3=&sid=AJH3JTUIEeZuPfeX&oz_sc=0377359ff0c099189798a510&oz_df=1622716137865&oz_l=228&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.6.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 03 Jun 2021 10:28:57 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/ Frame 8E71 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.6.0/619621/AJH3JTUIEeZuPfeX/postback?ti=2700879824104735797&dm=336x280&cr=6622328&dt=6196211556140246740000&de=43003&ac=651871&ai=216536&c1=4562306&r1=2a01%3A4f8%3A121%3A%3A&ci=619621&di=https%3A%2F%2Ffinding.id&ui=2dd557d0-b3d6-9af9-0000-000000000000&pv=add2c684-c56d-4673-9db4-53c75bde3172&pp=pub-8476731359454860&r2=&pd=avt&ap=&sr=4&si=1467261988&r3=&sid=AJH3JTUIEeZuPfeX&oz_sc=0377359ff0c099189798a510&oz_df=1622716139581&oz_l=324&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.6.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 03 Jun 2021 10:28:58 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLiu5ASkjOWpnMq8alfGWAAABH4AAAAB&google_gid=CAESED61FiwIYHyLR0tj288j4aI&google_cver=1&google_push=AQvitUId3TzLKOLRwxzO4E6nBVBCxiEFE7xYQ_C2XAXxDWijnrppdTY5tHxJ_e4sAsNtZoNGQsz2om2r2vADVizT5Qw-ol34fabQ

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| adsbygoogle object| zfgformats object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| sdk boolean| installOnFly function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired number| google_lpabyc function| $ function| jQuery function| gtag object| dataLayer object| google_tag_manager function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| googletag object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 289dbd564fe7b4b0
.doubleclick.net/ Name: IDE
Value: AHWqTUkO9RqPQXqbwUBfMdme4NyLNvYVH9_Qr28mKNR5JFpThaNlAvzsPWiW9ryu4tc
.finding.id/ Name: _ga
Value: GA1.2.2096933316.1622716132
.finding.id/ Name: _gid
Value: GA1.2.882181336.1622716132
.finding.id/ Name: __gads
Value: ID=4fcc0c18a62d91b1-2254f59fb6c800d3:T=1622716131:RT=1622716131:S=ALNI_MZqYz1KJ6av3iMEB5FTdF3M7RDaZw
finding.id/ Name: laravel_session
Value: eyJpdiI6IlwvK1dJbDJ5UmZnM1F1cGZDdFN1VWNRPT0iLCJ2YWx1ZSI6InFMSzRYVjdweTVxRVFwWjNVbjVyaXNmRkxmVE82RW9FUkVDaGlxTzVUWkoxUEFrTmNvXC9ZV1NkTE5ORkR6V2ZzIiwibWFjIjoiNmFlOTQ4MDI4YTEzYTA3ODBjODRmZDg2OWE3NGUxYjQ0NjAzNDc1MTkwZjlmZGFhNzE3NWZmNDZlYjVhZTAzYyJ9
.finding.id/ Name: _gat_gtag_UA_128631832_1
Value: 1
finding.id/ Name: XSRF-TOKEN
Value: eyJpdiI6InFUemdzaUNEK2U3Z3hTU3FNUVwvSTZ3PT0iLCJ2YWx1ZSI6IlwvcXgyR3pERmkyY0R5U0FuV2VLanJjWmhrMThxNkVucXFvb2lETjZJekVqUWFCTytjWkoxcEszajNsRGx3YkYyIiwibWFjIjoiOTgzODFhY2ExMmY0NmE3YTY0NDM1YTlkYzQxNTRkNjI3OGY1NTdlYjAxZjczN2FlODVlYjdkYzc3YWUwNTBkYyJ9

1 Console Messages

Source Level URL
Text
console-api log (Line 1)
Message:
service worker path (u): /sw.js event domain: https://pushazer.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
adservice.google.com
adservice.google.de
ag.innovid.com
cdn.contentspread.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
finding.id
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900024.redintelligence.net
id1-cdn.pgimgs.com
id2-cdn.pgimgs.com
image6.pubmatic.com
images.pexels.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
pixel.rubiconproject.com
pushazer.com
rtb.openx.net
rumahdijual.com
s.update.mediamathtag.com
storage.googleapis.com
tags.mathtag.com
tpc.googlesyndication.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lamudi.co.id
cm.g.doubleclick.net
138.201.84.252
139.45.196.146
142.250.184.194
142.250.185.130
142.250.186.38
163.171.128.148
18.203.130.15
184.30.20.207
185.29.133.199
185.64.189.115
2001:4de0:ac18::1:a:3a
23.111.9.35
2606:4700:10::ac43:14e5
2606:4700::6810:135e
2606:4700::6811:48ef
2606:4700::6811:d166
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:802::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:811::2002
2a00:1450:4001:827::2010
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a05:d01c:1d8:8102:5af6:b07b:462f:23c8
34.98.67.61
35.186.253.211
46.4.10.47
51.75.147.170
51.79.147.123
69.173.144.139
01e86fb51eec0bdf8a62354c8dc4d9a4b49020e8e428ef286ed6ccc7a66f1664
041f60a715023fb438203d995ce5cb286f2daf7ab2f52f356ae85671250ddd28
09d14725de3d2f30779fe8a5d3b1fd4b7ea6cfdb02d97b60a17a693703587fdf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc7a583c6027aa456d53f6a9fe2136e8a9785fe5f75a7f477e8f105814291cb
0ef94a5763535dc7eb17b916881be673bfe325832d819eb5932204c46f5156fb
0f370798997043fd269d19593ffade81b212c3f1d368bb341c5622e9ffbe6ee1
11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3
12e7c67e2b645852d7b0e9f70d72275e3417fa8c80c6bd6991c2f0e4cf5e5066
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
167b73e8f4ff531821354640c7bb98d1ab1e1fe51b9134e4840f3c89c0a0fac8
18617eb0953afadd7b07e9890601f26d4dd84e0e01e66c38dbf7dfc1b5f41230
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1ff44ab37fd044017b7cbd6b44469817ba10c5488523569f8ae1035041c1340d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b67da14e2725a72a8cccb22bb4913bcfca77c3f68caa39b912bf2567990cd94
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
36946fa801e2a1a2a77fa9b62060d3b95df024b74f6c9a2c5bf1d472bc293516
377f2e13f197e2d7427378049adc79b0b60fc69f30858cbfba972283981bde7a
389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5
404b2a8f7702088e20d38b132acbb07e88b08893f2511d3a66bcbbf25d3fc127
4c5afb7fb6813c3349badbc29cb668d3f7ad34bec8f1b4f2a2c072ae2b775f71
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50bf0e2f49b8968ecb4b0632b29f2520bcbb05b0f454a55600cb96bbaef60975
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53c1737bf97ae4d686956bf2c7caff015329c9aa554ed0ebfc24893dfbe2fddf
541e30cc02a7bc0e8791bed39242af979872d1d6daceeba19220d2af77c67f80
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
573dd332efcaf9ab1ae7f7e72bbbd65aa0c6b9223c4bcead7be3aa25685cba4e
5816fa18cbe458cd6f5eb1a95e973c248d083b7333f3dc539b570230d021ca5f
60d9a76ad4aa0815327f27dcf7336bf0ce1cda4e1b094a76a202b86eb6907d0c
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
6a4e40f4ee1d3d83b13b6dfb4defa0fd3d5f3874cc17811c95e72adaea7b499b
6a8f64c8a0d2e032ce4ae0f0876dde76cbcda7b955130603d4d136a0094be8b6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7035c13aadc6ebe480c8215f5d32b359f94d41c6050063820d8b3893216b9af9
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
769090460974caac1d80e9921b1f2b38b1ce164383044d10cb04b82c2c38b010
7948640f6224e042637941be6da6978085f7521af51fa2c9cfb1edd57f9fc16d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a3a5778aa53ef9986154fd80551a53cd7323d9d87adf4d8bc6e6c3052d30701
8193ee2bf25f13bc23426ca7e283c6da0caea7b5095f25698edb55569203d123
8248995daedbf70da85c44fbca3e24c31501d4187a5471b7ed4601c83f8e42f5
84b09766ba8c7950feff7c72ef70e288f125c8887fec4d0cc74d643d09b3cce6
85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965
868dd2d5f1f3e716b48c1658e2be205a5129fa53eb15f8eaa6e9ceb4a6aeb4db
87a2bc090f3907a47f0e0de9f95f86bd98ab40cb4c819741795061093d81d408
90767fabd53fe6949c8e19f3ab9d3da69cfc52c7bbfafe42739ed14c2e837920
92d0ee30becb65099be7bcbdece1c0f63b77225a6276b0c7cde886feef45698d
92eae7f82717e235822483e7aad8cfb04933a76c17bb4c60ebf95826d176f068
991c89469d0b602a9c31bfdb59503560fcd9eab3a8453d3a2ff18138add9c6b3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3c80471aaa33ab68e7c00edec7a301a32b63e732e869eaf6d7232722f3af590
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7cc253f004c280b8afe4b20000a801a13baf6b77ca91df85316860900cc3959
abdb331fd7aeae5af5ef3a8a5609ffa9da5692bf13e07ab147e825f0dc4637b3
ac1a655367b02648fe8217ee11d1b272786605b78989ff614cb0beab5f6f547c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b48d4454fd91c405f8d6e927428bb89737493099b0bca207eb601d1d7581ca51
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b73609798eea3e026788aa4ccf9c0795dad190c27c2b48bbb92cdc3e09f49efe
b8c1008713f81059ee3ce2a5930fdc5df341031952253fa1c5345b05d158530d
b9ae85fc81b6aa6246722dc8297257e6659a0a4f261fe9cff8edbe1018b2e049
c064f2a33f906f241efe9f7d7aa044ddb39e7970825c4c45172fce7fbddb1c14
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
d3db3a07cd01a325326de52822be97f34e9977ea6d2d3b90ae318f87c3daf374
d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
dd233c705ebb6129045b560c19e9bf225d7463f4c96236e2adbc162d4e53fec1
dece95d64810dadbaf18e914a10a125382e4afe9e3cc8a46cd9844f323b2dc6f
e16a89e0e67c6054d4b4dff254b5e04338d38d02fede603863bc5566a2163970
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e446245714a1be6c8542a1b19fb2205bd84590dc36f68842d9965d35f9311487
e578fe0667f75fc67684302645d1f46913464271be6fd87df0cd4bc361986c5b
e709ec8be369ebaaeea7796208a150ce4209b317a7967b71d28aa155109356ec
e8ca0f7161e466a7a6a89f342b97d383cf35c83132a7360a9cc5ac21b603308d
e9cf10031b6f6f37c24598541f45b85123b834b58f7a12e73fe1f8553ebe3dd0
ea1496c166076bd77694813c7d8d037815580397b1f5e9ff2da255f6b10e6ebe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8f87768dfe14b4c64ffa8044348ec65d6fb1297afcb1ae4ae778b9232b3107
f114111bff7cc3a565593dda77c9c41e9923e9df98c2f2c647cd419e89854559
fee7bb6cb9b706f06c70921a63b9ff065f12e4b7c5b4a9e4b54475a4c0933e46
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881