s.id Open in urlscan Pro
193.84.85.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://amadea.my.id/
Effective URL:
https://s.id/amfakh
Submission: On November 23 via api (November 23rd 2023, 6:17:24 am UTC) from US — Scanned from US

Summary HTTP 93 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 20 domains to perform 93 HTTP transactions. The main IP is 193.84.85.178, located in Russian Federation and belongs to STORMWALL-AS, SK. The main domain is s.id. The Cisco Umbrella rank of the primary domain is 158997.
TLS certificate: Issued by R3 on September 25th 2023. Valid for: 3 months.

This is the only time s.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	122.248.43.38 122.248.43.38	45325 (PC24NET-A...) (PC24NET-AS-ID PT PC24 Telekomunikasi Indonesia)
1	193.84.85.178 193.84.85.178	59796 (STORMWALL-AS) (STORMWALL-AS)
21	2606:4700:20:... 2606:4700:20::681a:7f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
6	2606:4700:303... 2606:4700:3031::ac43:85fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
2	45.126.58.90 45.126.58.90	132647 (IDNIC-PAN...) (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia)
3	2607:f8b0:400... 2607:f8b0:4006:823::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9c	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:807::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4006:81f::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.64.98 142.250.64.98	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
2 2	54.157.181.124 54.157.181.124	14618 (AMAZON-AES) (AMAZON-AES)
5	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a02:a344:818b:7db4:692b	14618 (AMAZON-AES) (AMAZON-AES)
1 1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
3	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
93	23

1 122.248.43.38 (Bogor, Indonesia) 1 redirects

ASN45325 (PC24NET-AS-ID PT PC24 Telekomunikasi Indonesia, ID)
PTR: red-1.daceni.id

amadea.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.84.85.178 (Russian Federation)

ASN59796 (STORMWALL-AS, SK)

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:20::681a:7f9 (United States)

ASN13335 (CLOUDFLARENET, US)

microsite.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:817::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3031::ac43:85fc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-sdotid.adg.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:820::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.126.58.90 (Indonesia)

ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID)

app.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:807::2001 (United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:81f::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.64.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.157.181.124 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-181-124.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a02:a344:818b:7db4:692b (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

widget.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	s.id s.id — Cisco Umbrella Rank: 158997 microsite.s.id — Cisco Umbrella Rank: 628691 app.s.id — Cisco Umbrella Rank: 507982	1 MB
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	306 KB
12	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	60 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	114 KB
6	adg.id cdn-sdotid.adg.id — Cisco Umbrella Rank: 548846	24 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	61 KB
4	google.com analytics.google.com — Cisco Umbrella Rank: 157 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	252 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	criteo.com 1 redirects dis.criteo.com — Cisco Umbrella Rank: 597 widget.eu.criteo.com — Cisco Umbrella Rank: 27366	846 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 912	2 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	300 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 904	453 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	716 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	64 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	1 KB
1	amadea.my.id 1 redirects amadea.my.id	266 B
93	20

	Domain	Requested by
21	microsite.s.id	s.id microsite.s.id
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	pagead2.googlesyndication.com	s.id pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com cdn.ampproject.org tpc.googlesyndication.com
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
6	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com s.id
6	cdn-sdotid.adg.id	s.id
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	microsite.s.id www.googletagmanager.com
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.googleadservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com
2	app.s.id	microsite.s.id
1	trace.mediago.io	1 redirects
1	widget.eu.criteo.com	googleads.g.doubleclick.net
1	dis.criteo.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	cdn.jsdelivr.net	s.id
1	s.id
1	amadea.my.id	1 redirects
93	29

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
tiktok.com
instagram.com
home.s.id
www.linkedin.com

Subject Issuer	Validity	Valid
s.id R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
adg.id E1	`2023-10-28` - `2024-01-26`	3 months	crt.sh
app.s.id R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://s.id/amfakh
Frame ID: 206F52F5463DA9A217A8B38FC6AA6BD5
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 0442E3FA32C5FF9465460D472926EF7B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1700720233&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fs.id%2Famfakh&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700720233347&bpp=12&bdt=489&idt=274&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5073133075029&frm=20&pv=2&ga_vid=79083923.1700720234&ga_sid=1700720234&ga_hid=1514397751&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44807764%2C44808148%2C44808285%2C44809057&oid=2&pvsid=2836901419286528&tmod=858401647&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=306
Frame ID: AA67C43A9038B5BF3F0C69D2A2CF595E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1700720234&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Famfakh&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700720234143&bpp=5&bdt=1284&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5073133075029&frm=20&pv=1&ga_vid=79083923.1700720234&ga_sid=1700720234&ga_hid=1514397751&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44807764%2C44808148%2C44808285%2C44809057&oid=2&pvsid=2836901419286528&tmod=858401647&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=26
Frame ID: 6A0023F3CC496EDB30E503F2383DAC00
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1700720234&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Famfakh&ea=0&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700720234143&bpp=3&bdt=1284&idt=4&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=5073133075029&frm=20&pv=1&ga_vid=79083923.1700720234&ga_sid=1700720234&ga_hid=1514397751&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44807764%2C44808148%2C44808285%2C44809057&oid=2&pvsid=2836901419286528&tmod=858401647&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=42
Frame ID: 50445F71490301FDC353AE86C82EF3D4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: B5401C33BDAEAEBE3C0E794089BCA78F
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E2710F19BB83F6902802E1BBD6C17D46
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 789A5CAB6374C50CF14268A53BBCCE24
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 456CB472737D5868202BA373F37CEFF5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C5BE4C1DC927FE42F0BFE3785DA4252C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ammar Fakhri

Page URL History Show full URLs

https://amadea.my.id/ HTTP 301
https://s.id/amfakh Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

93
Requests

89 %
HTTPS

64 %
IPv6

20
Domains

29
Subdomains

23
IPs

6
Countries

1996 kB
Transfer

5955 kB
Size

16
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/

Search URL Search Domain Scan URL

URL: https://tiktok.com/

Search URL Search Domain Scan URL

URL: https://instagram.com/

Search URL Search Domain Scan URL

URL: https://home.s.id/
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://home.s.id/?utm_source=sid-microsite&utm_medium=amfakh

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://amadea.my.id/ HTTP 301
https://s.id/amfakh Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://googleads.g.doubleclick.net/pagead/adview?ai=CMD8Wau5eZbGwDq_l0_wP0-yDWO_1zKR0wtzC_NERsJAfEAEgyoTajwFgyYaAgNyjxBCgAfTZpsgpyAEJqAMByAPLBKoEwwFP0BMlyhdft2BIKreoRVifDG75TbjnR10znB2ht-uAE0z66k-fLWWopw3okv4FLK_F3B6n_t3nVehkp7i7hmokjsWlTXliYKz090e9ugnDZgHfIv1Hb5FJ-nGEO4aRHvLQJzsJZwjV83zwAPPpo57kkTjgO8BhpuPVt3Vn9xlaqDK70JAxJBlsTRIeQsBitflt_lsI1yLOt53fLFGKilvsZtO4jMWRBVkGP8zBzyolrXN3O6h6iiTpV21mQWyH6ULQE_zABLaa2P6-BIgFspPLzkugBi6AB_SR96cEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwUQmqesAtIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgkbaHR0cHM6Ly93d3cuYXRsYXNjYXJ0cy5jb20vgAoByAsBogwQKg4KDOS0sQLutbECtbixAtoMEQoLELDh0oituo-BwAESAgEDuBPkA9gTA9AVAYAXAbIXHAoaCAASFHB1Yi0yNzQyMjE2NTM0NjQwNTQ1GAA&sigh=g1ZeLMrhARQ&uach_m=%5BUACH%5D&ase=2&cid=CAQSOwDICaaNVF7UO72m3NK9qna5raza0x-8YGpsvVFlhpJWJ9RKu7HlY6OUjuLY_oA-Z0Qg2gtsmpIAgQ3zGAE&template_id=484&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xbfd49b00f9e7e3110000000000000000%22,%222%22:%220x8d27638a0958f07b0000000000000000%22,%223%22:%220xfdacf68034b9e9f40000000000000000%22,%224%22:%220x301318d6ac9bc8390000000000000000%22,%225%22:%220x7a86d4c4a49df1b80000000000000000%22},%22debug_key%22:%2216197732623719844282%22,%22debug_reporting%22:true,%22destination%22:%22https://atlascarts.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211157482740%22],%224%22:[%2211-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218359654752263548625%22}&andc=true

Request Chain 67

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIzMB202hy7Ebnm2MFS0qfM&google_cver=1&google_push=AXcoOmQmgOjhqc5vC3KjLhEcIhVz8GhiJXRNJT7GqHgEHglKTso54ZkBm_Nz-ssE88-DnRayqWNsFcW6EuXEW5LyR6-worYvnBTLbpM HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIzMB202hy7Ebnm2MFS0qfM&google_cver=1&google_push=AXcoOmQmgOjhqc5vC3KjLhEcIhVz8GhiJXRNJT7GqHgEHglKTso54ZkBm_Nz-ssE88-DnRayqWNsFcW6EuXEW5LyR6-worYvnBTLbpM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0VUSFZIQnMxUjYzMXg1&google_gid=CAESEIzMB202hy7Ebnm2MFS0qfM&google_cver=1&google_push=AXcoOmQmgOjhqc5vC3KjLhEcIhVz8GhiJXRNJT7GqHgEHglKTso54ZkBm_Nz-ssE88-DnRayqWNsFcW6EuXEW5LyR6-worYvnBTLbpM

Request Chain 68

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFGBmTVFHHxskdU4PYf3PMU&google_cver=1&google_push=AXcoOmQgX40keQ792aV18hIgwNzSILFj8a5jnb0NLnwPaoNiQmQ59bWS2W0TGrcqui7WgG2oCA68d2C38C54NtQgzn8b5pJhgBc4mX0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQgX40keQ792aV18hIgwNzSILFj8a5jnb0NLnwPaoNiQmQ59bWS2W0TGrcqui7WgG2oCA68d2C38C54NtQgzn8b5pJhgBc4mX0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFGBmTVFHHxskdU4PYf3PMU&google_cver=1&google_push=AXcoOmQgX40keQ792aV18hIgwNzSILFj8a5jnb0NLnwPaoNiQmQ59bWS2W0TGrcqui7WgG2oCA68d2C38C54NtQgzn8b5pJhgBc4mX0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQgX40keQ792aV18hIgwNzSILFj8a5jnb0NLnwPaoNiQmQ59bWS2W0TGrcqui7WgG2oCA68d2C38C54NtQgzn8b5pJhgBc4mX0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 69

https://a.c.appier.net/gcm?google_gid=CAESEJ30j4HqxWdOrPgQJi7yPgs&google_cver=1&google_push=AXcoOmSS9B4C8OugF-oDi85Ao5LontYOSmmUN46vxF-H9nvDjBPP_LbCNKsnQ_9jgNOjahoEhRJhN08YNl_QGhLKOsQf0rYvIqnfTj0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=R1JIWlNLZjZDdlNzeWRzVmEtNWVaUQ%3D%3D&google_push=AXcoOmSS9B4C8OugF-oDi85Ao5LontYOSmmUN46vxF-H9nvDjBPP_LbCNKsnQ_9jgNOjahoEhRJhN08YNl_QGhLKOsQf0rYvIqnfTj0

Request Chain 70

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPcSzdKRClJAcJtFTX0d2YM&google_cver=1&google_push=AXcoOmTKFr2w3VS-Pv6YcPVjwmc9G23E_4W4R-iptrHF7vusvYAOlFUsySyQO9QHuU-GtB2z7EJG4x7dKS17J4yuEvGrbpHFVbLWK9A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTKFr2w3VS-Pv6YcPVjwmc9G23E_4W4R-iptrHF7vusvYAOlFUsySyQO9QHuU-GtB2z7EJG4x7dKS17J4yuEvGrbpHFVbLWK9A&google_hm=eS1Ud3JGUlZkRTJwSEpCczNZMW53amhqXzV2V1dSeUFRbX5B

Request Chain 71

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSiq8YMlMK5CcK5Xf0tuk0wkdqRVsn4jXr1j4dw3ZZqGLQex5LNSqP6Nr_ls56FYEs-qPPRE11SLW2Ng4S6jb3gBFhlhmQcJXg&google_gid=CAESEH3-8Zl3Kt1RkQgu0Pzh7QA&google_cver=1 HTTP 302
https://widget.eu.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSiq8YMlMK5CcK5Xf0tuk0wkdqRVsn4jXr1j4dw3ZZqGLQex5LNSqP6Nr_ls56FYEs-qPPRE11SLW2Ng4S6jb3gBFhlhmQcJXg&google_gid=CAESEH3-8Zl3Kt1RkQgu0Pzh7QA&google_cver=1

Request Chain 72

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIHhorS5p3odQyNBEMnjmPY&google_cver=1&google_push=AXcoOmTD6-SbObbsWKQsaCwtaiTfOCfWNLZxFc3vxIwp_z-tynt-wx6zq8AiQTn7PySAkuC9vpaLEZmxB5Tai3UMHi6Iijb3GIoGCn0 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIHhorS5p3odQyNBEMnjmPY&google_cver=1&google_push=AXcoOmTD6-SbObbsWKQsaCwtaiTfOCfWNLZxFc3vxIwp_z-tynt-wx6zq8AiQTn7PySAkuC9vpaLEZmxB5Tai3UMHi6Iijb3GIoGCn0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA5NzQ5OTc5MDMyMzczOTg5Nw&google_push=AXcoOmTD6-SbObbsWKQsaCwtaiTfOCfWNLZxFc3vxIwp_z-tynt-wx6zq8AiQTn7PySAkuC9vpaLEZmxB5Tai3UMHi6Iijb3GIoGCn0

Request Chain 73

https://trace.mediago.io/cs/google?google_gid=CAESEK2WmQ18FgGs9yrh2ve_NAE&google_cver=1&google_push=AXcoOmRwJH7fNCshEE5fdTYCPflJl77m-r9_k6k2wIFE6fH4td3v1fwddmM5_FMf8CpnIV_tQ6iARwt1NQjVqPNLZd-ffG-uzeTBgxP7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRwJH7fNCshEE5fdTYCPflJl77m-r9_k6k2wIFE6fH4td3v1fwddmM5_FMf8CpnIV_tQ6iARwt1NQjVqPNLZd-ffG-uzeTBgxP7&google_hm=1b7de7e8f4066cff1ya56800lpasx06d

93 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request amfakh Show response
s.id/
Redirect Chain

https://amadea.my.id/
https://s.id/amfakh

20 KB
6 KB

1728ms
499ms

Document
text/html

193.84.85.178
STORMWALL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.84.85.178 , Russian Federation, ASN59796 (STORMWALL-AS, SK),

Reverse DNS

Software

nginx / Next.js

Resource Hash

59d2a581cb9cec51d062cc60f5e49af88d5444ad511c06b20a950ab9c161156f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=3600, must-revalidate
cf-cache-status: HIT
cf-ray: 82a749ae398e3e19-SIN
content-encoding: gzip
content-length: 5739
content-type: text/html; charset=utf-8
date: Thu, 23 Nov 2023 06:17:12 GMT
etag: e_1700713512
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNUeKmcTUSO%2Fnp4gSMndQYSHDCjnmlQ79qx%2FGPox%2Bfj40yWGu2l%2BB1vjimVknGT%2BSWzj9qbyORn%2BX5ZgsYGHGUVeeihv5EFP7e4IQSl8ffIEiB4niQVjd%2FFUzREIOOLJ"}],"group":"cf-nel","max_age":604800}
server: nginx
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Next.js

Redirect headers

Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Thu, 23 Nov 2023 06:17:10 GMT
Location: https://s.id/amfakh
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 a6e26b705378ef50.css
microsite.s.id/_next/static/css/ 118 KB
18 KB 138ms
50ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/css/a6e26b705378ef50.css

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cef5cf264ddfac535ced5939e1508e358d0a976002e05dbbdefefebde10c7abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:12 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1033891
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"1d816-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ql%2Br7QQAxftBnFo075Ns1C0GLGOD8ozykHoNLxOJyZHVcFY4B8lDmF9%2FIzFuERD2ZzfY%2BJB1ICXVFMan26l3QPKFX8fEwtqFirk3qMTTaIt2OdVd6cflzgkVq0R25kn53avUWkvvSpjKth1Q"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82a749b00f1d4c0c-MIA

GET
H2 200 cd55c7da45ab6994.css
microsite.s.id/_next/static/css/ 22 KB
6 KB 136ms
48ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/css/cd55c7da45ab6994.css

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e0fa2b58fb4a18b31e919eaad7c621bdd9696fd5368b0b58a4ef85f4db9f4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:12 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1314576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"57d2-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PC4wVUqvQv33tFTGKQa4qbnCE8%2FioPIuNf1gjoaeoRZ5nLGvK07WrtxCx5yfw%2Fttwu0ofR1D3oxi3TsHnkoQ4v69LgLtHxElqZKmCisePKa3Lj3znefVGFG6M6%2FOGLrZUTmR8ovvx39c7SyU"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82a749b00f1e4c0c-MIA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 242ms
98ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d626bf2f3238af3c2bc9b9e2e31c1a100b7f0396835755804378b45632dacdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52698
x-xss-protection: 0
server: cafe
etag: 7836346027983796461
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 06:17:13 GMT

GET
H2 200 webpack-9cbf820596dfeb98.js Show response
microsite.s.id/_next/static/chunks/ 4 KB
2 KB 80ms
46ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/webpack-9cbf820596dfeb98.js

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd384b45a482fb44980ba9e0149cd783f22cc3fa25c6accfa3a9a5536c9149d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:12 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1094627
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"e46-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4225JVNL84Utl8hV62z8fY%2BE12Kfo8IaI%2FTKKK5tGXK2jsOttui26RS78qotsVNotkG5Blb8uKv2HZ56Ea4PPty5A0Xl%2BOsfxtiPZmw9JPy2sMvdFWqLXmkBclgAgmxZPJwegqxmVGSC8hi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82a749b00f214c0c-MIA

GET
H2 200 framework-56bc1d2b5d8be648.js Show response
microsite.s.id/_next/static/chunks/ 138 KB
45 KB 51ms
48ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/framework-56bc1d2b5d8be648.js

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5e943c7c5da3617bd2345580b25327364ab5824ba53a3d18bb88c0e105d6d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020284
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"226f3-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=we%2Btax2JFYKBbCNYO%2B3wmCSThM%2BYnT8Bh38nSMXQ3RYYlYMpKVFDNye6jCTk2uDkQB6Sf24pER3Ev8o1pZWllOGprPUYEjnixVYf%2BpD%2BGEuTAK%2F%2BWshYP%2BTy187h1pZ%2BJpuWMxR3Ugxql8t%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82a749b06f554c0c-MIA

GET
H2 200 main-559dbfa8afd7d7a2.js Show response
microsite.s.id/_next/static/chunks/ 97 KB
29 KB 53ms
51ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e49865b2d3ebcdd42fac21e949bb2a9f5290fde16a9392b78d5d8d49d203753c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1314576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"185da-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBTjtTDZkrL9EpeNkuQvPuyQ8PwY%2Fn%2Fo7E%2FsB5TWRE9vCpdJ39eOoX31kSgjaRFo74%2BidUKwhHc0ru8509uIpcBMtqn7uUzIauc%2F9vFO7H4h9NcFmhr1c4D0ThupEdjSodP3MUOfmBKUO%2B7x"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82a749b06f564c0c-MIA

GET
H2 200 _app-538933ef5d1d99b9.js Show response
microsite.s.id/_next/static/chunks/pages/ 315 KB
102 KB 86ms
84ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/pages/_app-538933ef5d1d99b9.js

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44700a06a8c514701afd8a1b28e770e23d3d41c13799fa88aa8e5ad21d9666b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1314576
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"4ed1d-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSpEFT6%2BpgA%2B16CL69dOxgYWR%2BgJRDll7plNVAiGyEqszfF8msQD7%2BT2aZJ2pnkglYl1eMf2X%2FDs%2Fd6kip8OBmkE0BIOk1G3qPWz%2B%2F8IIpLJZNFRrnLllnXQWhjWIt3tZlJzm9gjBrYaJKu9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82a749b06f584c0c-MIA

GET
H2 200 f85a1fd0-0ccc9e26436af44f.js Show response
microsite.s.id/_next/static/chunks/ 476 KB
74 KB 88ms
86ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/f85a1fd0-0ccc9e26436af44f.js

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a51be072c90872986a619bcd424515adfdd3a7c1f8b447c745f203774120a472

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1027935
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"771a6-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndYFXXlUkkgY7oJIB%2BQ%2BcdKtxCf52aAMPVqqYQX9y49bf2kKuytkyZJyWIXwcF3Nn5SYXuFNxnYlYd8qs2Z6JH78CuS5FRK9SwYkgv7RpDXgqEEsX5g%2B67XCUnHPFMGbVDZ8X%2BjrG2PAWbgS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82a749b06f5a4c0c-MIA

GET
H2 200 347dd6d2-909e20e25b7384a8.js Show response
microsite.s.id/_next/static/chunks/ 948 KB
283 KB 89ms
87ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/347dd6d2-909e20e25b7384a8.js

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb7f315a0371a8b55cfaf220f33822988ac4f5f2758e23738eaaa25258c978b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1314506
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"ed138-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HiTnsCsokS8b0YxHBoidCk%2BEMp3f1a4M%2F8GT9a3tzOTq3eYdsf34IOOlhQAENuptrtrRnkj40kqaY0kdKIqT42K6km7wdQMmxGvQI6xRqNEPoiLwzUfGdCU%2FMRCcCaoOG9UbqF%2BV4%2FghHHf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82a749b06f5c4c0c-MIA

GET
H2 200 b7322211-d279212bc11c825d.js Show response
microsite.s.id/_next/static/chunks/ 501 KB
212 KB 88ms
86ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/b7322211-d279212bc11c825d.js

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d820c5e7d048c0faa442ce5a30a6163fd2ba16c2f3875c9ccd1ea6a6217a23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1314506
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"7d3a4-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RyIuofZzGSMd1e3vwX5KEh7IlyYDF6bzBSB6X%2BmNIYkU3Ib16w%2B%2B61VIVyk%2Bnxj47Zryi%2BVnEzobSIXMP%2B1Qel6b%2Boek292fhwM645CP%2BH4jO%2FM4xbo5sajohH5dLUapnRoNyT0xgJIP%2Fgvy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82a749b06f5d4c0c-MIA

GET
H2 200 865-541ca60fc46f1bbc.js Show response
microsite.s.id/_next/static/chunks/ 596 KB
174 KB 85ms
83ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/865-541ca60fc46f1bbc.js

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a5a62dd07bcb4c7cba95b52327bcd8103798cefa79d0dc7822b5e1aa1a8020e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1314506
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"94fd3-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rN%2BYBytCOa%2BpbniOaA9Z5fXfGY5dbLE70IUVVeY3xlhlbgc3O0nYVABHCc5ICJ9pAjFn%2B9s3nsafmIT8%2FecjVPNOZj4CTfcyqtrmXZI2iGdHuhyMvEDMeIp43bGgR9gKGcfCMAknAGx0LQxO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82a749b06f5e4c0c-MIA

GET
H2 200 %5B%5B...any%5D%5D-f3f713278be240ee.js Show response
microsite.s.id/_next/static/chunks/pages/ 171 KB
39 KB 83ms
81ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/pages/%5B%5B...any%5D%5D-f3f713278be240ee.js

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e85998053023352cb9958c799c29e01b7dccca523f63dbcd56d9a047d7ebcb49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 947242
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"2acb7-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PBy4p8LPT69Fu5PtNhaMvHSDNKQbWJE6hPbBxUvY3Ff2izwO7IY2kcIwrMu%2BPmu3I1GDpZyiqrtOWEnYs7r9K3oxg7bo86hoo7nh63RENG80SWvtc1zAgx%2F5pxUsdJGfbiNgW6QdBwxQ%2BO0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82a749b06f5f4c0c-MIA

GET
H2 200 _buildManifest.js Show response
microsite.s.id/_next/static/ZlOBCkt8C2ECMM9ASzdtD/ 578 B
614 B 46ms
44ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/ZlOBCkt8C2ECMM9ASzdtD/_buildManifest.js

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c09214bd5d39e814ff1b645a59a9d10469d7e64b4545f0a0f36d9253a3ba14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 767034
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 07:42:04 GMT
server: cloudflare
etag: W/"242-18bccc7bce0"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puZJguxdxe6F%2FcL62On7ATsAqWOkHrwf5BMMVAe535tITs7U4%2B3icVps7C26pdPYCIFelXWfjviE%2FZwAbNpRgHGsfKXbicQJbgDucZD9FVaicNPhpMhMISIWHujUrVryt97FAnNubV9ElFw9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82a749b06f604c0c-MIA

GET
H2 200 _ssgManifest.js Show response
microsite.s.id/_next/static/ZlOBCkt8C2ECMM9ASzdtD/ 77 B
404 B 44ms
42ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/ZlOBCkt8C2ECMM9ASzdtD/_ssgManifest.js

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 767034
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 07:42:04 GMT
server: cloudflare
etag: W/"4d-18bccc7bce0"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbT%2F4MTguX9LbvBnc6RyUgTk%2BB31F1aU4kmOaWejtFvHIs55NYD6srVaJ3FsqQ6CkGPcwTiOqc5PlZcFAyDGieMsurlmGVcFMbjavbqVmL7Ev4KJyKiV%2FMVYlUCNo%2BIMo%2FG9ARfUYYrH%2F1jQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82a749b06f624c0c-MIA

GET
H2 200 montserrat.css
microsite.s.id/assets/fonts/ 3 KB
779 B 509ms
422ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/montserrat.css

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"ca2-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdVetuEXlWa%2BQOLCQkBibvjpDAEVSgPMA8livkQWydSLkLJ8TY071vQpuJ9ka%2F0k7rYroCtOUxAo6vSZJxoxeCRxqOLaIBfeWQrSnassnwLlTTl5R4DiCKKPbCMmoeQ2YXlDBHdDtX%2FHF8SF"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 82a749b00f1f4c0c-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 work-sans.css
microsite.s.id/assets/fonts/ 4 KB
781 B 508ms
421ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/work-sans.css

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"10bc-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4r5r5OjES%2FDUBQP0D9WxfISFENI0Y0MZmuzpK3G01lpKQTXrO0P4xlCVSbHblwu3jTNDWimFeDiQENYq7Ax2%2BzAexWM4palaCb5MLYOXbxP198YZ4Ue91qJtapZpKcWemV6Kn4dfOVcvXsh"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 82a749b00f1c4c0c-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 e7ab3ccd-6f82-4dd3-aee3-e58f643c1e7a_980x381.webp.jpeg
cdn-sdotid.adg.id/images/ 3 KB
3 KB 175ms
76ms Image
image/webp 2606:4700:3031::ac43:85fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/images/e7ab3ccd-6f82-4dd3-aee3-e58f643c1e7a_980x381.webp.jpeg

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:85fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

426f30266e4bd63e8ef323e3427e3098aeb034390f8bd26c8ea66e95961e5e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
x-amz-version-id: amxZ2yCMa2uB_YIlPU5rAUIWXlzQ.6Op
via: 1.1 4147caa9bd44f24d893d2277818f3b16.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: MIA3-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2800
last-modified: Thu, 28 Sep 2023 12:39:03 GMT
server: cloudflare
etag: "95955ae8676d6e5cdf2993d17dc77a77"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcoBswgaQ3yGZopbE3NlJB7G%2B%2BSeLYFW5lTdYTAeZ7mVJjl%2BOCW9Co4ipSQAvJL0bFDoInm3Wj3CCjLgD91VdCAGhoZv2v6fQiIaDStQZuwN5E5pQJ%2Fj%2BCToOUrd0Hx2qRlignWbfUvui6ZlV%2FWOJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a749b02af49add-MIA
x-amz-cf-id: BvsVEEflZLW2lyENZUcv0h1svEJ5JyLnDCu8AJ7oOzClTciwjSHz7g==

GET
H2 200 sid-neu-logo-dark.svg
microsite.s.id/images/ 8 KB
4 KB 501ms
415ms Image
image/svg+xml 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsite.s.id/images/sid-neu-logo-dark.svg

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 05 Jul 2023 23:09:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"2137-18928513d00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l64P4gJChC5JiGyPfFpWE%2BxjadVx%2BeaAFl8FLZfTm1c7vE1LaivTimsauyafmEX7Kzk9cKnpmqhaRIl5lNx5a8om2eW6ZRFIHj5X6vkK77LN7m71C3KkN2LOVjanWBTJ2v42qzYAcwU9NaqJ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 82a749b00f204c0c-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 120ms
119ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2c5a3b8eb2ad34e766081a84635cc33d6322b157dcd933c9b1e2ba15fc98246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138497
x-xss-protection: 0
server: cafe
etag: 1045070599251898719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 06:17:13 GMT

GET
H2 200 6049ccbf-9cbb-4d5b-aff8-907ff8fad08a.svg
cdn-sdotid.adg.id/images/ 445 B
762 B 47ms
46ms Image
image/svg+xml 2606:4700:3031::ac43:85fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/images/6049ccbf-9cbb-4d5b-aff8-907ff8fad08a.svg

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:85fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29c51682d8f257140d33983efe13f55dc49a8c7e4fc15a28a50da40381ec1bc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
x-amz-version-id: qRXY.ZSYO_6Ue03KE1p88uEZIxxpB8dG
via: 1.1 9c1e51085ad77fbbab78fe2feb46cf98.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: MIA3-C2
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 17 Jan 2023 13:35:41 GMT
server: cloudflare
etag: W/"292f60854cfcf03f5b2a027e19014596"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpmSohBDZBAcp5YdrPpdo6Pnapk%2FGf%2BZ%2BzR0EWRFKNEmcrvEUQ2pB2za6zptecoPhFRRfjUR0%2FiE93kouxmio1GfTObCCJi3RENAxXEgVca1BtM9EV4YPeYcrOI2oyuaJbbo0oQslMNma%2FGkwy1PFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 82a749b29cb89add-MIA
x-amz-cf-id: bxuN5UV47RHlJO4L4L1a6wFP7YakZjMgWa8UpbdB1eOe_FDpLgJ_Qg==

GET
H2 200 e7ab3ccd-6f82-4dd3-aee3-e58f643c1e7a_980x381.webp.jpeg
cdn-sdotid.adg.id/images/ 3 KB
3 KB 41ms
40ms Image
image/webp 2606:4700:3031::ac43:85fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/images/e7ab3ccd-6f82-4dd3-aee3-e58f643c1e7a_980x381.webp.jpeg

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:85fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

426f30266e4bd63e8ef323e3427e3098aeb034390f8bd26c8ea66e95961e5e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
x-amz-version-id: amxZ2yCMa2uB_YIlPU5rAUIWXlzQ.6Op
via: 1.1 4147caa9bd44f24d893d2277818f3b16.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: MIA3-C2
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2800
last-modified: Thu, 28 Sep 2023 12:39:03 GMT
server: cloudflare
etag: "95955ae8676d6e5cdf2993d17dc77a77"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bHWUnWwohqdai9TOSdn2NqvqTfQ%2FYDKrDL13n09ShqrZJPLwdv7Ekx7yaxnuvQKBaOoagv3GU5ecyZRW%2BW2zPXtWZ6RDxoMX4LXQu5%2Fr1Nc5YxC%2FwBmzOlQnPgmwr7lFDTYC%2Bvn%2BKj%2BcHKSbJu0Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a749b29cba9add-MIA
x-amz-cf-id: BvsVEEflZLW2lyENZUcv0h1svEJ5JyLnDCu8AJ7oOzClTciwjSHz7g==

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 0442 9 KB
4 KB 197ms
63ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 53286
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 15:29:07 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 15:29:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 montserrat-normal-700.woff2
microsite.s.id/assets/fonts/dist/ 30 KB
31 KB 530ms
459ms Font
font/woff2 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/dist/montserrat-normal-700.woff2

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/assets/fonts/montserrat.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://microsite.s.id/assets/fonts/montserrat.css
Origin: https://s.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 30856
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
server: cloudflare
etag: W/"7888-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yo5u7XO%2BjKfeUimOYsUxVsNrNZPvfsNH5snVKz3YU57xVTVV9qN7OQGo9WLGumxFydg1TWpC90KAhSgru0WgVaZUO3O2EG3CywAbFpeblAf5N3kbp3XzLMTfqsZiO8GZiCLN%2FSw8UXlKEkPs"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: https://s.id
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 82a749b339d221d3-MIA

GET
H3 200 montserrat-normal-400.woff2
microsite.s.id/assets/fonts/dist/ 30 KB
31 KB 493ms
427ms Font
font/woff2 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/dist/montserrat-normal-400.woff2

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/assets/fonts/montserrat.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://microsite.s.id/assets/fonts/montserrat.css
Origin: https://s.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 30856
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
server: cloudflare
etag: W/"7888-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Y52rAGNzH2mxE2uB9sWPCPsZhSR4nsv2pfVD0ZVwceMP%2FU6fOlG%2FTbpnMAaMkEQcnRBtAx0YLTTXFbddwjOUzUKD9vxxcSsxJuSHe6jvn3e8RW%2Fpgt6oxmdFrDA9J7Zqwyvi4M%2FwDZQg6iX"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: https://s.id
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 82a749b339d521d3-MIA

GET
H3 200 montserrat.css
microsite.s.id/assets/fonts/ 3 KB
1 KB 410ms
410ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/montserrat.css

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"ca2-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOYdajBML4omviWE%2BYWPky5fSLIa6mtS5o8E3IOtxLVnmGGRyC3d5XKVxbCAK0mrJaivnvKQHoEKivDssriuGW4yTEtf1QI%2BAcfjONv7xlBMSUftcVP8PhdpGvYRWtILfw1uDEriV6CKbO74"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 82a749b2d9a6da6f-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AA67 0
179 B 143ms
142ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1700720233&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fs.id%2Famfakh&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700720233347&bpp=12&bdt=489&idt=274&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5073133075029&frm=20&pv=2&ga_vid=79083923.1700720234&ga_sid=1700720234&ga_hid=1514397751&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44807764%2C44808148%2C44808285%2C44809057&oid=2&pvsid=2836901419286528&tmod=858401647&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=306

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 06:17:13 GMT
expires: Thu, 23 Nov 2023 06:17:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 work-sans-normal-400.woff2
microsite.s.id/assets/fonts/dist/ 47 KB
47 KB 358ms
358ms Font
font/woff2 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/dist/work-sans-normal-400.woff2

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/assets/fonts/work-sans.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://microsite.s.id/assets/fonts/work-sans.css
Origin: https://s.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 47800
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
server: cloudflare
etag: W/"bab8-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Baz8X2iy1D7tJOhvtslcqwMAm99jJBArEiMKeMiIKxHeiMu4iolDZQ%2BfUC%2B%2BDRAjsRX6fCyKmIUAO%2FyzngBU09HVTC61zP6WgN1a%2FUdESMsPSCT4DF1aqIPnWPPKwMWPxdmktht0ROpbmVln"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: https://s.id
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 82a749b6ac0121d3-MIA

OPTIONS
H/1.1 204
No Content adcap
app.s.id/api/ Frame 0
0 884ms
281ms Preflight 45.126.58.90
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.s.id/api/adcap?short=amfakh

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.90 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: ds,x-rpc-lang
Access-Control-Request-Method: GET
Origin: https://s.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://s.id
Connection: close
Date: Thu, 23 Nov 2023 06:17:14 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 506.9f321d440064bb53.js Show response
microsite.s.id/_next/static/chunks/ 1 KB
1 KB 43ms
41ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/506.9f321d440064bb53.js

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/webpack-9cbf820596dfeb98.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1ad95e8b38e5ca69e79e848a5771f026e40705ace52cb5ba4e6b7b9ce048161

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 837303
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"44a-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BGVLJttS3tGSOVNuZF52AqccaMQzK6%2BvGAxTllaRVuxWN8qakudIhctMSBNvcip0WGEYUCX%2FjRo460dXIIKL5xm%2BKYv9AL9iOIiHaexCGy5UqNGm7WtIAqPNVl2QmpMOlXSzyIOEAFdOWPB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82a749b6ee1fda6f-MIA

GET
H/1.1 200
OK adcap Show response
app.s.id/api/ 37 B
704 B 857ms
294ms XHR
application/json 45.126.58.90
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.s.id/api/adcap?short=amfakh

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/pages/_app-538933ef5d1d99b9.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.90 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

4c2330d21f6fbb0454cac69744a0bb9bed44f2e84474c2bdf2945bd0140bf995

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
DS: 1700720234,n8aguc,8b61142edfc9077aebbb43590de9981d
Referer: https://s.id/
X-RPC-Lang: en
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 06:17:15 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json
Access-Control-Allow-Origin: https://s.id
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
84 KB 246ms
79ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6890b5028a513c842990d8b81bdff4c0bc1ce847be99ac051b62a9c1dfee778a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Nov 2023 06:17:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
84 KB 333ms
167ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f10bf3224e78e755cca70fd39767141a6f47bd0a68db579799b69c5017f1834d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85855
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Nov 2023 06:17:14 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6A00 120 KB
41 KB 759ms
755ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1700720234&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Famfakh&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700720234143&bpp=5&bdt=1284&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5073133075029&frm=20&pv=1&ga_vid=79083923.1700720234&ga_sid=1700720234&ga_hid=1514397751&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44807764%2C44808148%2C44808285%2C44809057&oid=2&pvsid=2836901419286528&tmod=858401647&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=26

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef67dcd4bbd0e2bb40c4fbd674eb5bef7aa13ee731fbd0515ee1caa8db9e6ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42203
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 06:17:14 GMT
expires: Thu, 23 Nov 2023 06:17:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5044 60 KB
13 KB 599ms
597ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1700720234&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Famfakh&ea=0&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700720234143&bpp=3&bdt=1284&idt=4&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=5073133075029&frm=20&pv=1&ga_vid=79083923.1700720234&ga_sid=1700720234&ga_hid=1514397751&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44807764%2C44808148%2C44808285%2C44809057&oid=2&pvsid=2836901419286528&tmod=858401647&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=42

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82132683eaf40ad085bd7949c6f0e803d2d25f7cb7d45eecbbc8eeec54126c60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13018
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 06:17:14 GMT
expires: Thu, 23 Nov 2023 06:17:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 5207ecbd-a5b3-4f34-8005-46c7afb8322d_800x800.webp.jpeg
cdn-sdotid.adg.id/images/ 13 KB
13 KB 80ms
78ms Image
image/webp 2606:4700:3031::ac43:85fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/images/5207ecbd-a5b3-4f34-8005-46c7afb8322d_800x800.webp.jpeg

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:85fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0499609534fb98fe091e760e40772d3ba3739b1dee009650a09fd45b408ce404

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:14 GMT
x-amz-version-id: n8eywfKWsGYNnFvQYWdFgux9nRTjKUp2
via: 1.1 68d0308c2ef809661e524bd15564b0bc.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: MIA3-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 13036
last-modified: Sun, 29 Jan 2023 13:18:14 GMT
server: cloudflare
etag: "6d68b090f10c4e4820143e834ea29d55"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxMIgohtyhdElfuEq%2FDMiC0YLx1RY1sAC%2B6kA9yU%2BXwPWNq%2F9ce4t5Z26eTRrEmnprZk6MGfdFPSnrh29o%2B9RAS4Ncxj4j58AFN9hsJJCnEzRqIEVpiIB4J98DiYO1rN1bH5qHcf2Z7JCG2JzRTV3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82a749b889bc31ef-MIA
x-amz-cf-id: IVHqX7csSiz0GZfAjxZZ71PMK7-Vhi0_40ZgyrPdH6bb1y1Ok8OhRA==

GET
H3 200 whatsapp-icon.svg
cdn-sdotid.adg.id/images/ 3 KB
3 KB 47ms
45ms Image
image/svg+xml 2606:4700:3031::ac43:85fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/images/whatsapp-icon.svg

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:85fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ad9140bb7cbbb0c1520a2b2f4f277b582b39c05ff36237b7ffd5919a6c7fb43

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:14 GMT
x-amz-version-id: _wvBRc_j1uXWoA_gRowaYgFDDcRcgXj9
via: 1.1 e180310aa2bd73460387710f5b74da16.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: MIA3-C2
age: 6714
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Jul 2022 04:25:27 GMT
server: cloudflare
etag: W/"5c96806f055c27f2b96c9ac3333d6018"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmO%2B9VQtVC%2BJbIFjvg%2FljXxrDfkafqk4Q7iYxdS4mDzXKnFfmTbE6Nz5I8eFRYULock%2FdbSl34WXIabORSzRJZb49D0XeGzOHpocoB8qguqKGZv0bsw6Nr8ZlIITTkCqJ1Eei3RONre5DlPOqfO4bA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 82a749b889c331ef-MIA
x-amz-cf-id: G7CqryGTZVzFjp6ikwmoumH5qucT6flj5iddxwRqNvCmKTtjicuCTA==

GET
H2 200 2709-fe0f.png
cdn.jsdelivr.net/npm/emoji-datasource-twitter@14.0.0/img/twitter/64/ 1 KB
1 KB 126ms
33ms Image
image/png 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/npm/emoji-datasource-twitter@14.0.0/img/twitter/64/2709-fe0f.png

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f1cbe03d4afef4a4cf6016716a210a83143b3bc13eb449e7f90bb4b571643f72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Nov 2023 06:17:14 GMT
x-content-type-options: nosniff
age: 3725976
x-jsd-version: 14.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1072
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760052-MIA
x-jsd-version-type: version
etag: W/"430-0x8Az8mcBEZTGEllzdGscDqD4Yw"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 linkedin-icon.svg
cdn-sdotid.adg.id/images/ 954 B
1 KB 105ms
104ms Image
image/svg+xml 2606:4700:3031::ac43:85fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/images/linkedin-icon.svg

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:85fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb43cfb41b9c5dcace140269e1ebc903b5295dcba9bde7db569e034374be6008

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:14 GMT
x-amz-version-id: rrZ9wLbn9xPjSdr5oZ7nqnL4qtkiPMVn
via: 1.1 20f0da216a3d7d69d6c7e3cec1f1788e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: MIA3-C2
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Jul 2022 04:25:26 GMT
server: cloudflare
etag: W/"1404d4481cdaf7b3326262fd7d841fdc"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Efnqr2CPATQzloSY3l68WnU99LGzq%2BS38gsNsRD4vhnOL7bIj%2FTUi3c%2FSZaS430%2FbvXCBtP2aiNa6nzFBWkxlXtm1faDIXHQHojF2HwoBA%2BQ8BIkknKqIS0nZRHQi2BeoLYzE8vPwfNQB1bwYGAfYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 82a749b889c531ef-MIA
x-amz-cf-id: omvKa3B2LHr4RjJJigvseRJHGQqZnk4oc2idBPSeMkL83JVV-7Mwuw==

POST
H2 204 collect
www.google-analytics.com/g/ 0
246 B 241ms
74ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3b81v881303989&_p=1700720234136&gcd=11l1l1l1l1&dma=0&cid=79083923.1700720234&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700720234&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Famfakh&dt=Ammar%20Fakhri&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5529
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 06:17:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
84 KB 98ms
87ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

69e9d1550feb06b123445f64e8cf9414a561bd2bde9b438a4207851340439a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85886
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Nov 2023 06:17:14 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
237 B 134ms
46ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-GTE5CBQ89K&gtm=45je3b81v889124241&_p=1700720234136&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=79083923.1700720234&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700720234&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Famfakh&dt=Ammar%20Fakhri&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5615
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 06:17:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 186ms
64ms Ping
text/plain 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GTE5CBQ89K&cid=79083923.1700720234&gtm=45je3b81v889124241&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 06:17:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame B540 196 KB
56 KB 243ms
70ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1700720234&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Famfakh&ea=0&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700720234143&bpp=3&bdt=1284&idt=4&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=5073133075029&frm=20&pv=1&ga_vid=79083923.1700720234&ga_sid=1700720234&ga_hid=1514397751&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44807764%2C44808148%2C44808285%2C44809057&oid=2&pvsid=2836901419286528&tmod=858401647&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Nov 2023 04:44:03 GMT
age: 437592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 17 Nov 2024 04:44:03 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame B540 15 KB
5 KB 391ms
222ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 20 Nov 2023 18:07:46 GMT
age: 216569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Nov 2024 18:07:46 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame B540 95 KB
29 KB 369ms
200ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 20 Nov 2023 18:07:46 GMT
age: 216569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Nov 2024 18:07:46 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame B540 5 KB
2 KB 387ms
219ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 20 Nov 2023 18:07:46 GMT
age: 216569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Nov 2024 18:07:46 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame B540 40 KB
13 KB 349ms
181ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Nov 2023 21:20:22 GMT
age: 550613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 15 Nov 2024 21:20:22 GMT

GET
H2 200 amp-gwd-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame B540 6 KB
2 KB 365ms
198ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-gwd-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

053e5953624fc013a583490b9ced4cf2b377e4627be5f259fe0d9bcaf5334c7e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Nov 2023 02:31:14 GMT
age: 13561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2443
x-xss-protection: 0
server: sffe
etag: "d3619ba7d4f4801f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Nov 2024 02:31:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B540 44 KB
2 KB 251ms
84ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35e88af7d345a976c7d0b560f6633c6465d2113fe17af82e46ceaae2de0c24ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 06:17:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 04:37:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 06:17:15 GMT

GET
H2 200 id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B540 3 KB
3 KB 329ms
163ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:52:14 GMT
x-content-type-options: nosniff
server: cafe
age: 30301
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
expires: Thu, 23 Nov 2023 21:52:14 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B540 344 B
466 B 326ms
162ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 11:34:23 GMT
x-content-type-options: nosniff
server: cafe
age: 67372
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 23 Nov 2023 11:34:23 GMT

GET
H2 200 65157628b0239d0011eb4c8e.png
tpc.googlesyndication.com/sadbundle/8355270184499171255/ Frame B540 1 KB
1 KB 246ms
82ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8355270184499171255/65157628b0239d0011eb4c8e.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e6b5b085e9456a7f3f070cd15d6abcc6da913ba2473805c0feeecb917240a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:33:07 GMT
x-content-type-options: nosniff
age: 31448
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1296
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 11:26:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Nov 2024 21:33:07 GMT

GET
H2 200 65157628b0239d0011eb4c8d.png
tpc.googlesyndication.com/sadbundle/8355270184499171255/ Frame B540 5 KB
5 KB 240ms
76ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8355270184499171255/65157628b0239d0011eb4c8d.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50955e136ec967af33e618aa9443678ea8bb9c90f4998eca79eee5b535f7cbf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:33:07 GMT
x-content-type-options: nosniff
age: 31448
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4741
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 11:26:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Nov 2024 21:33:07 GMT

GET
DATA 200
OK truncated
/ Frame B540 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 106d2412877901f147dcfca7c002ef68c5c3c27e4556e613842102d7fea409b7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 6A00 6 KB
1 KB 208ms
78ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1700720234&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Famfakh&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700720234143&bpp=5&bdt=1284&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5073133075029&frm=20&pv=1&ga_vid=79083923.1700720234&ga_sid=1700720234&ga_hid=1514397751&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44807764%2C44808148%2C44808285%2C44809057&oid=2&pvsid=2836901419286528&tmod=858401647&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 06:17:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 05:35:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 06:17:15 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6A00 2 KB
902 B 110ms
75ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:08:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 06:08:22 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6A00
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CMD8Wau5eZbGwDq_l0_wP0-yDWO_1zKR0wtzC_NERsJAfEAEgyoTajwFgyYaAgNyjxBCgAfTZpsgpyAEJqAMByAPLBKoEwwFP0BMlyhdft2BIKreoRVifDG75TbjnR10znB2ht-uAE0z66k-...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xbfd49b00f9e7e3110000000000000000%22,%222%22:%220x8d27638a0958f07b0000000000000000%22,%223%22:%220xfdacf6...

0
0

216ms
88ms

Fetch
text/css

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xbfd49b00f9e7e3110000000000000000%22,%222%22:%220x8d27638a0958f07b0000000000000000%22,%223%22:%220xfdacf68034b9e9f40000000000000000%22,%224%22:%220x301318d6ac9bc8390000000000000000%22,%225%22:%220x7a86d4c4a49df1b80000000000000000%22},%22debug_key%22:%2216197732623719844282%22,%22debug_reporting%22:true,%22destination%22:%22https://atlascarts.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211157482740%22],%224%22:[%2211-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218359654752263548625%22}&andc=true

Requested by

Protocol

Server

142.250.64.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:15 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xbfd49b00f9e7e3110000000000000000","2":"0x8d27638a0958f07b0000000000000000","3":"0xfdacf68034b9e9f40000000000000000","4":"0x301318d6ac9bc8390000000000000000","5":"0x7a86d4c4a49df1b80000000000000000"},"debug_key":"16197732623719844282","debug_reporting":true,"destination":"https://atlascarts.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11157482740"],"4":["11-23"],"6":["true"]},"priority":"500","source_event_id":"18359654752263548625"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Nov 2023 06:17:15 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Nov 2023 06:17:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xbfd49b00f9e7e3110000000000000000","2":"0x8d27638a0958f07b0000000000000000","3":"0xfdacf68034b9e9f40000000000000000","4":"0x301318d6ac9bc8390000000000000000","5":"0x7a86d4c4a49df1b80000000000000000"},"debug_key":"16197732623719844282","debug_reporting":true,"destination":"https://atlascarts.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11157482740"],"4":["11-23"],"6":["true"]},"priority":"500","source_event_id":"18359654752263548625"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 13257762154599240376
tpc.googlesyndication.com/simgad/ Frame 6A00 8 KB
9 KB 183ms
153ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13257762154599240376?w=200&h=200&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56ac2b15003479c4441b41de8d3859678b68498a2137699a30656c154666231c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:00:35 GMT
x-content-type-options: nosniff
age: 1000
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8657
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 16:58:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 22 Nov 2024 06:00:35 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/14095392387081188055/ Frame 6A00 26 KB
26 KB 115ms
85ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14095392387081188055/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

560667dfd5733d092f242978ef366ea1f54e0443ff982682591fcbe238d7a9ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:01:24 GMT
x-content-type-options: nosniff
age: 951
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26918
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 17:24:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 22 Nov 2024 06:01:24 GMT

GET
DATA 200
OK truncated
/ Frame 6A00 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 6A00 23 KB
9 KB 174ms
165ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 15:33:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 15:33:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6A00 3 KB
1 KB 181ms
172ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:58:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29896
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 21:58:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E271 1 KB
643 B 76ms
70ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 18474
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 01:09:21 GMT
etag: 48472445140208031
expires: Fri, 24 Nov 2023 01:09:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6A00 20 KB
9 KB 75ms
69ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 03:34:52 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6A00 0
0 228ms
80ms Image
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQO6xJ3L2R9YcGWwUIxV_TA-UbSX4WLvJMWF9uFo-RLKdUFTu41sxeNbGAgec8RwaD_oE1cvIIo8WODiD0_34NszClEA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1700720234&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Famfakh&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700720234143&bpp=5&bdt=1284&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5073133075029&frm=20&pv=1&ga_vid=79083923.1700720234&ga_sid=1700720234&ga_hid=1514397751&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44807764%2C44808148%2C44808285%2C44809057&oid=2&pvsid=2836901419286528&tmod=858401647&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A00 202 KB
64 KB 233ms
86ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 06:17:15 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 6A00 37 KB
16 KB 208ms
62ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:55:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 03:55:18 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E271
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIzMB202hy7Ebnm2MFS0qfM&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIzMB202hy7Ebnm2MFS0qfM&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0VUSFZIQnMxUjYzMXg1&google_gid=CAESEIzMB202hy7Ebnm2MFS0qfM&google_cver=1&google_push=AXcoOmQmgOjhqc5vC3KjLhEcIhVz8GhiJXRNJT7GqHgEHgl...

170 B
232 B

80ms
80ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0VUSFZIQnMxUjYzMXg1&google_gid=CAESEIzMB202hy7Ebnm2MFS0qfM&google_cver=1&google_push=AXcoOmQmgOjhqc5vC3KjLhEcIhVz8GhiJXRNJT7GqHgEHglKTso54ZkBm_Nz-ssE88-DnRayqWNsFcW6EuXEW5LyR6-worYvnBTLbpM

Requested by

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 06:17:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 23 Nov 2023 06:17:15 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0b9c03ce7e17fd5b3@us-east-1e@dxedge-app-us-east-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0VUSFZIQnMxUjYzMXg1&google_gid=CAESEIzMB202hy7Ebnm2MFS0qfM&google_cver=1&google_push=AXcoOmQmgOjhqc5vC3KjLhEcIhVz8GhiJXRNJT7GqHgEHglKTso54ZkBm_Nz-ssE88-DnRayqWNsFcW6EuXEW5LyR6-worYvnBTLbpM
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame E271
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFGBmTVFHHxskdU4PYf3PMU&google_cver=1&google_push=AXcoOmQgX40keQ792aV18hIgwNzSILFj8a5jnb0NLnwPaoNiQmQ59bWS2W0TGrcqui7WgG2oCA68d2C38C54NtQgzn8b5pJhgBc4m...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFGBmTVFHHxskdU4PYf3PMU&google_cver=1&google_push=AXcoOmQgX40keQ792aV18hIgwNzSILFj8a5jnb0NLnwPaoNiQmQ59bWS2W0TGrcqui7WgG2oCA68d2C38C54NtQgzn8b5pJhgBc...

43 B
420 B

107ms
106ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFGBmTVFHHxskdU4PYf3PMU&google_cver=1&google_push=AXcoOmQgX40keQ792aV18hIgwNzSILFj8a5jnb0NLnwPaoNiQmQ59bWS2W0TGrcqui7WgG2oCA68d2C38C54NtQgzn8b5pJhgBc4mX0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQgX40keQ792aV18hIgwNzSILFj8a5jnb0NLnwPaoNiQmQ59bWS2W0TGrcqui7WgG2oCA68d2C38C54NtQgzn8b5pJhgBc4mX0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1700720234&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Famfakh&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700720234143&bpp=5&bdt=1284&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5073133075029&frm=20&pv=1&ga_vid=79083923.1700720234&ga_sid=1700720234&ga_hid=1514397751&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44807764%2C44808148%2C44808285%2C44809057&oid=2&pvsid=2836901419286528&tmod=858401647&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=26
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 06:17:15 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82a749bea9f6224b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 06:17:15 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1425
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFGBmTVFHHxskdU4PYf3PMU&google_cver=1&google_push=AXcoOmQgX40keQ792aV18hIgwNzSILFj8a5jnb0NLnwPaoNiQmQ59bWS2W0TGrcqui7WgG2oCA68d2C38C54NtQgzn8b5pJhgBc4mX0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQgX40keQ792aV18hIgwNzSILFj8a5jnb0NLnwPaoNiQmQ59bWS2W0TGrcqui7WgG2oCA68d2C38C54NtQgzn8b5pJhgBc4mX0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82a749bde991224b-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame E271
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEJ30j4HqxWdOrPgQJi7yPgs&google_cver=1&google_push=AXcoOmSS9B4C8OugF-oDi85Ao5LontYOSmmUN46vxF-H9nvDjBPP_LbCNKsnQ_9jgNOjahoEhRJhN08YNl_QGhLKOsQf0rYvIqnfTj0
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=R1JIWlNLZjZDdlNzeWRzVmEtNWVaUQ%3D%3D&google_push=AXcoOmSS9B4C8OugF-oDi85Ao5LontYOSmmUN46vxF-H9nvDjBPP_LbCNKsnQ_9jgNOjahoEhRJhN08YNl_QG...

0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E271
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPcSzdKRClJAcJtFTX0d2YM&google_cver=1&google_push=AXcoOmTKFr2w3VS-Pv6YcPVjwmc9G23E_4W4R-iptrHF7vusvYAOlFUsySyQO9QHuU-GtB2z7EJG4x7dKS17J4yuEvGrbpH...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTKFr2w3VS-Pv6YcPVjwmc9G23E_4W4R-iptrHF7vusvYAOlFUsySyQO9QHuU-GtB2z7EJG4x7dKS17J4yuEvGrbpHFVbLWK9A&google_hm=eS1Ud3JGUlZkRTJwSEp...

170 B
329 B

78ms
77ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTKFr2w3VS-Pv6YcPVjwmc9G23E_4W4R-iptrHF7vusvYAOlFUsySyQO9QHuU-GtB2z7EJG4x7dKS17J4yuEvGrbpHFVbLWK9A&google_hm=eS1Ud3JGUlZkRTJwSEpCczNZMW53amhqXzV2V1dSeUFRbX5B

Requested by

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 06:17:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 23 Nov 2023 06:17:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTKFr2w3VS-Pv6YcPVjwmc9G23E_4W4R-iptrHF7vusvYAOlFUsySyQO9QHuU-GtB2z7EJG4x7dKS17J4yuEvGrbpHFVbLWK9A&google_hm=eS1Ud3JGUlZkRTJwSEpCczNZMW53amhqXzV2V1dSeUFRbX5B
content-length: 0

GET
H2

200

usersync.aspx
widget.eu.criteo.com/dis/ Frame E271
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSiq8...
https://widget.eu.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXco...

43 B
363 B

451ms
148ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.eu.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSiq8YMlMK5CcK5Xf0tuk0wkdqRVsn4jXr1j4dw3ZZqGLQex5LNSqP6Nr_ls56FYEs-qPPRE11SLW2Ng4S6jb3gBFhlhmQcJXg&google_gid=CAESEH3-8Zl3Kt1RkQgu0Pzh7QA&google_cver=1

Requested by

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 06:17:15 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 190237
expires: Thu, 23 Nov 2023 00:00:00 GMT

Redirect headers

location: https://widget.eu.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSiq8YMlMK5CcK5Xf0tuk0wkdqRVsn4jXr1j4dw3ZZqGLQex5LNSqP6Nr_ls56FYEs-qPPRE11SLW2Ng4S6jb3gBFhlhmQcJXg&google_gid=CAESEH3-8Zl3Kt1RkQgu0Pzh7QA&google_cver=1
date: Thu, 23 Nov 2023 06:17:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 818982
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E271
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIHhorS5p3odQyNBEMnjmPY&google_cver=1&google_push=AXcoOmTD6-SbObbsWKQsaCwtaiTfOCfWNLZxFc3vxIwp_z-tynt-wx6zq8AiQTn7PySAkuC9vpaLEZmx...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIHhorS5p3odQyNBEMnjmPY&google_cver=1&google_push=AXcoOmTD6-SbObbsWKQsaCwtaiTfOCfWNLZxFc3vxIwp_z-tynt-wx6zq8AiQTn7PySAkuC9vpa...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA5NzQ5OTc5MDMyMzczOTg5Nw&google_push=AXcoOmTD6-SbObbsWKQsaCwtaiTfOCfWNLZxFc3vxIwp_z-tynt-wx6zq8AiQTn7PySAkuC9vpaLEZ...

170 B
232 B

79ms
79ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA5NzQ5OTc5MDMyMzczOTg5Nw&google_push=AXcoOmTD6-SbObbsWKQsaCwtaiTfOCfWNLZxFc3vxIwp_z-tynt-wx6zq8AiQTn7PySAkuC9vpaLEZmxB5Tai3UMHi6Iijb3GIoGCn0

Requested by

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 06:17:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 06:17:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA5NzQ5OTc5MDMyMzczOTg5Nw&google_push=AXcoOmTD6-SbObbsWKQsaCwtaiTfOCfWNLZxFc3vxIwp_z-tynt-wx6zq8AiQTn7PySAkuC9vpaLEZmxB5Tai3UMHi6Iijb3GIoGCn0
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E271
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEK2WmQ18FgGs9yrh2ve_NAE&google_cver=1&google_push=AXcoOmRwJH7fNCshEE5fdTYCPflJl77m-r9_k6k2wIFE6fH4td3v1fwddmM5_FMf8CpnIV_tQ6iARwt1NQjVqPNLZd-ffG-uz...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRwJH7fNCshEE5fdTYCPflJl77m-r9_k6k2wIFE6fH4td3v1fwddmM5_FMf8CpnIV_tQ6iARwt1NQjVqPNLZd-ffG-uzeTBgxP7&google_hm=1b7de7e8f4...

170 B
232 B

78ms
76ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRwJH7fNCshEE5fdTYCPflJl77m-r9_k6k2wIFE6fH4td3v1fwddmM5_FMf8CpnIV_tQ6iARwt1NQjVqPNLZd-ffG-uzeTBgxP7&google_hm=1b7de7e8f4066cff1ya56800lpasx06d

Requested by

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 06:17:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRwJH7fNCshEE5fdTYCPflJl77m-r9_k6k2wIFE6fH4td3v1fwddmM5_FMf8CpnIV_tQ6iARwt1NQjVqPNLZd-ffG-uzeTBgxP7&google_hm=1b7de7e8f4066cff1ya56800lpasx06d
date: Thu, 23 Nov 2023 06:17:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E271 0
139 B 226ms
75ms Image
text/html 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JHXBvlczSlRU8FQmGrbZDd5YkLQap-vT-Xqb3f5amWvgn1bmWlO-hz6u58ra7R-BX3JdUW3g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 234ms
90ms Preflight
text/html 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 06:17:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6A00 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c473d0d681883a8f7325576fe55264f21b6b433ac0e1deddb73bbe902351b44

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v34/ Frame B540 14 KB
14 KB 200ms
62ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v34/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55ed173209f7ec86b28240d8c2ecebe894742cffefed38a4de734d35bbf8d9f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:59:48 GMT
x-content-type-options: nosniff
age: 112647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14276
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 19:35:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 22:59:48 GMT

GET
DATA 200
OK truncated
/ Frame B540 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f6e97718e57e29e6cb9f27b397415833d5266f54d83788e8ed906f349d31494

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame B540 83 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8777f4fefe20b30bf8c0176d82b9db768c8c2d4f561bb240cbb1bb6003693ff1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012310301456000/ 23 KB
8 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-host-v0.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02980cbd7a7a4e5fd4959cc281ee86d9d737f6257ab80c8f3b85a5eef9c31ddc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 20 Nov 2023 18:08:05 GMT
age: 216550
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7813
x-xss-protection: 0
server: sffe
etag: "1d4497e3d264bf30"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Nov 2024 18:08:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B540 0
19 B 105ms
101ms Image
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZ4roau5eZYbzDv7U0_wP8uKF0ALpzMSddLrv9da1Ee6x-8zUDhABIMqE2o8BYMmGgIDco8QQoAHCj4OcKsgBCakCDan0aNlFsj6oAwHIAwiqBLsBT9C-l7pmd2A-BUn1ctGClimXNJvGctQssGnqdhZjEmTZyUsvoY53147ypDaCHS1zBWCoLf9-JIJ3_rJMb450YliYDFa6JqAFyeEkNTy3TzcT2u1wYdsgdEWbm7AurneTwjeWcfX0zHP_cW4dEzyWn9g9xwo4G3OSyBnrfFK3TzKidtaOOo5vVs_TN4tBBWxM_tVNYh2htsrQuNtoYSNZXJMuRXAS64ci6vzS-1Tt0XO07JU7UMYxU3gKBsAEyZyhps8EiAW54eydTZIFBAgEGAGSBQQIBRgEoAYugAfCx9P7BKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEISqK9IIHQiAYRABGB8yAooCOgKAQEi9_cE6WJeTssu82YIDmglFaHR0cHM6Ly9kaWdhbmV4YS5jb20vWkEvMTY3OTk0MjM5Mj90cmFja2lkPTY5OTQ4Mzc0OSZjaWQ9NjMyLTczOC03MjQxgAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwRCgsQ4L7_neGo74nOARICAQPYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMjc0MjIxNjUzNDY0MDU0NRgA&sigh=hx3JxVqCJ7c&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSPADICaaNFbJw2kOYU-VNd3dX8OQ4Jp4Rek3hmAjRsq53wrqZxKqf-qVsqRJ8ny3kLnivYUXI2Iw0KXSaMxgB&template_id=419&cbvp=2

Requested by

Host: s.id
URL: https://s.id/amfakh

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1700720234&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Famfakh&ea=0&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700720234143&bpp=3&bdt=1284&idt=4&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=5073133075029&frm=20&pv=1&ga_vid=79083923.1700720234&ga_sid=1700720234&ga_hid=1514397751&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44807764%2C44808148%2C44808285%2C44809057&oid=2&pvsid=2836901419286528&tmod=858401647&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=42
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Nov 2023 06:17:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6A00 15 KB
16 KB 62ms
62ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:01:08 GMT
x-content-type-options: nosniff
age: 15367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 02:01:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6A00 15 KB
15 KB 76ms
76ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 04:26:30 GMT
x-content-type-options: nosniff
age: 438645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 04:26:30 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 264ms
132ms XHR
application/json 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82bac670b08e943e7cd467f3ce437a85127b649c779567e5be23c59ec1e93d4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12340
x-xss-protection: 0

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame 789A 38 KB
15 KB 62ms
62ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 01:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Nov 2024 01:11:13 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 176ms
151ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 06:17:15 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 6A00 0
0

POST activeview
pagead2.googlesyndication.com/pcs/ Frame B540 0
0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 456C 13 KB
5 KB 67ms
61ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 12606
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 02:47:10 GMT
expires: Fri, 22 Nov 2024 02:47:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C5BE 829 B
1 KB 89ms
86ms Document
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4104c04c17c742d4d33490e7ee46649b642ca5bce5b2dda4166c9837ee769e1a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5iKDTCUGyWSTf63jDnA3VQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-5iKDTCUGyWSTf63jDnA3VQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 06:17:16 GMT
expires: Thu, 23 Nov 2023 06:17:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 456C 39 KB
15 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 02:47:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C5BE 0
0 97ms
96ms Image
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=2836901419286528&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 456C 0
10 B 76ms
76ms Image
text/plain 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?efWY1w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:17:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 101ms
94ms Image
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=2836901419286528&bg=!rq2lreLNAAZxrfrxUa07ADQBe5WfOMJZRuTbUKrOVDUOY-MCvHMX7Z7ihawh7zvanYqpIzzuF2nNWriwEzWT-jrCLp83AgAAAQpSAAAABWgBBwoATMFVs2CJQfHbOSObPj7d02mhLT8PcyYLG0wIfO8XD8PP1PX7rC79izDnrx9jpfJaSik6C4Yrntw3fPIDgG8YrTtiem66vkRHXdDsUw-ZAqlVSKe0hhsDIsXU8Ap6xXwpLjeiRyE0IrCTnzcGQSeAUluwhuO8-F5s6lqfhdkwE0is49EbHI-Ux-q6fV57VxmyCAoDg-u-t9ZcdMgIMmX12nKJ9hw609PdG-j9MkDp4Q5SWZ1ZAyIZu4-cKdK_f8PX3dVl0q5IpF5sOpsO9Eu_GUOmeVNNXH89Nh8M3RaVPg1MDhmuyS20A1A20_PvIEO9Js4Nfap26Dyu3TR435UNnaXxZgc8-rRCRMFUB___KOgBRYPuAlMK-Y6i1t_r9Ktehq3RbqWeCDhCJztFUfdVAfWxYtzBVEq3x8ZUrCss_oScqsLeAnr4cWl2Wth28U05ROLtapR_S3QQehQXWo1i8aFl16rtq09V7c132A29tjPVw8G3yvmRN56Y1ZMrZSra6qM79VTSsvTzZnuBToZRvIasN7zYMhd0LSN3G6rHliE7lR6sgiSsqB1VXMJ4ZX06qCvJNH9BnsrF5BvSZ6iF1bv4K9mPsFTIpo_mFI88G-O758Wl4Xj7fKOE6oRV7j_buYCA6GB3xPa1lfqABXoOD91jMz-t1eY_qHlakZRstiLnJBcvbaww5Oi3HFK7leXivt3rqn1hb3BhOGOvyGwvY5T2bm8K8KRF1fyfpz8EeLgXqlGUoRRQCbP4M7ZDpzzpQRtic5fuNTgMJ25FBhGw1vFUTYi9IunRZfUwTa7M5MWEejPIbmcTWDndKr5kW2FC1TvEFT7dqQxRYaLT43fZnN4HZNGtyT6FkXzldfw21OAuRmlOWDn7TNUM-j_1IpSBpeze2gWH8fV-0ue483sxETdWBEzgMJfsL4i_tqpwuM3tNM74xYK0Jdpt_FBg7NEN6PCO86OdUx8qg1l06UoYeeMp_i-Paoo4WKm_uW2Y9oWox6ZQLLZqYv0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 79ms
75ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3b81v881303989&_p=1700720234136&gcd=11l1l1l1l1&dma=0&cid=79083923.1700720234&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1700720234&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Famfakh&dt=Ammar%20Fakhri&en=scroll&epn.percent_scrolled=90&_et=11&tfd=10552
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 06:17:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 47ms
44ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-GTE5CBQ89K&gtm=45je3b81v889124241&_p=1700720234136&gcd=11l1l1l1l1&dma=0&cid=79083923.1700720234&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1700720234&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Famfakh&dt=Ammar%20Fakhri&en=scroll&epn.percent_scrolled=90&_et=8&tfd=10628
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 06:17:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=R1JIWlNLZjZDdlNzeWRzVmEtNWVaUQ%3D%3D&google_push=AXcoOmSS9B4C8OugF-oDi85Ao5LontYOSmmUN46vxF-H9nvDjBPP_LbCNKsnQ_9jgNOjahoEhRJhN08YNl_QGhLKOsQf0rYvIqnfTj0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvB2MX4Kcm4MHrbekEekuccEp27y62NgXcrPB97niOJE6oZ19chZK0ghC73RYUpdSjdot55qdFD0KxJYL3D288iyGqIkB4sWsPKCBOA5JpQ9XOgT-ekIdGqsX-GNBNvtTH7Y4OnhdakaU64THDZmMhNCayN5ctxAAPltps7VnrilaphAXl5hQSeWCBEqqqD8Tt-HEkeVcddWxGZ1gaXLt3xzug4rQJzvaTLhNxJbbOM7oV_06TYhRQnl5HCmatjzW3Jc7u8WGBdcjcWjuTPr2-adU_O1hbFPKqvvpHscCkElLNQWJGuwwveNT_cYAwq3l1KpJOkGkHKF9ngaHj-m-BylDa6wFlAQWF9prUQeM3jSrQZqdvLQMb7xpUpEhUQKFseOrrulmefiqBjKTgcenZnAalg4Mzi0vgmOpVucAXly3L1HdRGl4SIDY5i7ktw_M7U7NPQeVpd9YBack2Iyjgt2MQOfrMMjcXobTzHbj_NPvH9zoT5-1aD1WM2BKXD8GSaDPHQWIcNCTw-m7JyQKgvdrbAJiIwV4NtrX894shMgX8ukGwb4bwyAND4_luy1Ybin3ne61Rjnryg09hA6W5z0eAAhqOPJNj-SSMTYu6P-FmWyQ6pNfxDesKgJa0sEjwusf2fTCzVvNNz9xXFE4ir3CSJ3eMxHMIwQN6nJcOTLdb4X8oHLO6afjFvlUXFQjBJc1ANiyTArIGNAbWXuJooVoWVHpSEzWzlH6rqTJQx8V1kCon8Dh2ZiExbrg0LINyq2LpH28VeH4OEjPwISVQ7PlC4wDuzIUgxsozltZKHs1YF6MNysALOebp98GF1QjlBg7qfM_0OLBUWa-KvGPpo-QdVrW2moDYeeaCpEsVMhnSxB8emNzA8aMh7g2d7jkj-N9HWSAMhrJVz00vcGlyY6iswQ-u_Ep9fFPHgw6WicFZjRgHematXw8_dBwMDyd93cvblTtvHsDQEiAQyaydQ9uKUfO9pLbQPODXbr9LnO0EJYVVQJLsBuFQ9r9FLFVgqkvyKUGOA-tQxs3QrRnq7d92Rjv3XEdZO3psYaEmtN6c&sai=AMfl-YTp4uEDTrBeAsDYRiE-r0ZpFrtZIQ3PpLGUAdtguyTSK9RUmwIKBb9z-eaDMbmYyA4F-ysojTHYSbrqSAV26TJhFT5MkI58Pmzi5IXL_JKDDymm1OY8oJ2HAsmbWg9rLrQMSFjs0LUz&sig=Cg0ArKJSzEYuxbhlWcxJEAE&cid=CAQSOwDICaaNVF7UO72m3NK9qna5raza0x-8YGpsvVFlhpJWJ9RKu7HlY6OUjuLY_oA-Z0Qg2gtsmpIAgQ3zGAE&id=lidartos&mcvt=332&p=0,0,280,500&mtos=332,332,332,332,332&tos=332,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2068013325&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1700720234173&rpt=1387&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv763SjXmY9ZoHqBLQpkTnxeAVaTg22cyY4KxxlyasdUrZ_BvYVbqFVtgKLL9-759fvs2lAgneA7dQW9KcI5JRoLRRKWI6H0FarjIxbEJpb4BN2sntPjX-7hhOr0v7DjA4nQ49zo9BvIw&sai=AMfl-YQXfx8q-nz2bqwCxkcbXwn6LhDtai_eX3qlIicPkr5aXEN-b-heL-6fua93iEm3fXo6BjreAtf_If19L6hVKRKY66m7K9tcF_6l9CLneYTkFuRKsySzGJyT6Kpv6SRMXPTpl3O_mPA&sig=Cg0ArKJSzBg8gHiIo53fEAE&cid=CAQSPADICaaNFbJw2kOYU-VNd3dX8OQ4Jp4Rek3hmAjRsq53wrqZxKqf-qVsqRJ8ny3kLnivYUXI2Iw0KXSaMxgB&id=ampeos&o=550,1133&d=485,60&ss=1600,1200&bs=1600,1200&mcvt=459&mtos=0,0,459,459,459&tos=0,0,459,0,0&tfs=668&tls=1127&g=100&h=100&pt=2&tt=1127&rpt=2&rst=1700720234808&r=de&isd=inside&msd=inside&avms=ampa

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.s.id/	1970-01-21 02:01:20	Name: _ga Value: GA1.1.79083923.1700720234
.s.id/	1970-01-21 02:01:20	Name: _ga_LJQ0V44EV5 Value: GS1.1.1700720234.1.0.1700720234.0.0.0
.s.id/	1970-01-21 02:01:20	Name: _ga_GTE5CBQ89K Value: GS1.1.1700720234.1.0.1700720234.60.0.0
.doubleclick.net/	1970-01-21 02:01:20	Name: IDE Value: AHWqTUlnP8UsGIQRGt_HaAhVXeun6_Cwo1UkLFw-1ckee_3JEZ8cB1PIHJMVw8f8K0w
.s.id/	1970-01-21 01:46:56	Name: __gads Value: ID=71705803182f24af:T=1700720234:RT=1700720234:S=ALNI_MZb8mgmTBXvHn50Zny1a7J5O4T8oA
.s.id/	1970-01-21 01:46:56	Name: __gpi Value: UID=00000da36ce6cd4f:T=1700720234:RT=1700720234:S=ALNI_MbfrozzjZmkkA1Uk8O2D6Bi-ci7yg
.yahoo.com/	1970-01-21 01:11:17	Name: A3 Value: d=AQABBGvuXmUCEBYe9BuFNIO1AFrEoOzZknsFEgEBAQE_YGVoZQAAAAAA_eMAAA&S=AQAAAjp223YRn2_eK5FDwGWR_F0
.adform.net/	1970-01-20 17:08:32	Name: C Value: 1
.mediago.io/	1970-01-21 01:10:56	Name: __mguid_ Value: 1b7de7e8f4066cff1ya56800lpasx06d
.w55c.net/	1970-01-21 01:55:34	Name: wfivefivec Value: sETHVHBs1R631x5
.tribalfusion.com/	1970-01-20 18:34:27	Name: ANON_ID Value: ajntuJOleq9PZabpryMqnw8oEO7l2JKt0A32XQYRn3l2V3xeoZbySprx0dDpgfq0KDbqxDhZcwfXxSFowcrCetPZcW04
.adform.net/	1970-01-20 17:51:44	Name: uid Value: 1097499790323739897
.w55c.net/	1970-01-20 17:08:32	Name: matchgoogle Value: 5
.googleadservices.com/	1970-01-20 18:34:56	Name: ar_debug Value: 1
.c.appier.net/	1970-01-21 01:10:56	Name: _auid Value: GRHZSKf6CvSsydsVa-5eZQ
.c.appier.net/	1970-01-20 17:08:32	Name: _gu Value: CAESEJ30j4HqxWdOrPgQJi7yPgs

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
amadea.my.id
analytics.google.com
app.s.id
c1.adform.net
cdn-sdotid.adg.id
cdn.ampproject.org
cdn.jsdelivr.net
cm.g.doubleclick.net
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
microsite.s.id
pagead2.googlesyndication.com
pm.w55c.net
pr-bh.ybp.yahoo.com
s.id
s.tribalfusion.com
stats.g.doubleclick.net
tpc.googlesyndication.com
trace.mediago.io
widget.eu.criteo.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
pagead2.googlesyndication.com
122.248.43.38
142.250.64.98
142.251.41.2
178.250.1.9
185.167.164.39
193.84.85.178
2001:4860:4802:38::181
2600:1f18:4e9:5a02:a344:818b:7db4:692b
2606:4700:20::681a:7f9
2606:4700:3031::ac43:85fc
2606:4700::6812:18ad
2607:f8b0:4004:c1b::9c
2607:f8b0:4006:807::2001
2607:f8b0:4006:809::2002
2607:f8b0:4006:817::2002
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81f::2001
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2003
2607:f8b0:4006:823::2008
2a04:4e42:600::485
35.208.249.213
45.126.58.90
54.157.181.124
74.119.119.150
02980cbd7a7a4e5fd4959cc281ee86d9d737f6257ab80c8f3b85a5eef9c31ddc
0499609534fb98fe091e760e40772d3ba3739b1dee009650a09fd45b408ce404
053e5953624fc013a583490b9ced4cf2b377e4627be5f259fe0d9bcaf5334c7e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c473d0d681883a8f7325576fe55264f21b6b433ac0e1deddb73bbe902351b44
0d626bf2f3238af3c2bc9b9e2e31c1a100b7f0396835755804378b45632dacdb
106d2412877901f147dcfca7c002ef68c5c3c27e4556e613842102d7fea409b7
18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048
1e0fa2b58fb4a18b31e919eaad7c621bdd9696fd5368b0b58a4ef85f4db9f4d3
29c51682d8f257140d33983efe13f55dc49a8c7e4fc15a28a50da40381ec1bc6
2e6b5b085e9456a7f3f070cd15d6abcc6da913ba2473805c0feeecb917240a0a
2f6e97718e57e29e6cb9f27b397415833d5266f54d83788e8ed906f349d31494
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35e88af7d345a976c7d0b560f6633c6465d2113fe17af82e46ceaae2de0c24ee
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a
4104c04c17c742d4d33490e7ee46649b642ca5bce5b2dda4166c9837ee769e1a
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
426f30266e4bd63e8ef323e3427e3098aeb034390f8bd26c8ea66e95961e5e5d
43c09214bd5d39e814ff1b645a59a9d10469d7e64b4545f0a0f36d9253a3ba14
44700a06a8c514701afd8a1b28e770e23d3d41c13799fa88aa8e5ad21d9666b9
4c2330d21f6fbb0454cac69744a0bb9bed44f2e84474c2bdf2945bd0140bf995
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50955e136ec967af33e618aa9443678ea8bb9c90f4998eca79eee5b535f7cbf1
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ed173209f7ec86b28240d8c2ecebe894742cffefed38a4de734d35bbf8d9f2
560667dfd5733d092f242978ef366ea1f54e0443ff982682591fcbe238d7a9ee
56ac2b15003479c4441b41de8d3859678b68498a2137699a30656c154666231c
59d2a581cb9cec51d062cc60f5e49af88d5444ad511c06b20a950ab9c161156f
5ad9140bb7cbbb0c1520a2b2f4f277b582b39c05ff36237b7ffd5919a6c7fb43
5d820c5e7d048c0faa442ce5a30a6163fd2ba16c2f3875c9ccd1ea6a6217a23b
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6890b5028a513c842990d8b81bdff4c0bc1ce847be99ac051b62a9c1dfee778a
69e9d1550feb06b123445f64e8cf9414a561bd2bde9b438a4207851340439a26
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a
82132683eaf40ad085bd7949c6f0e803d2d25f7cb7d45eecbbc8eeec54126c60
82bac670b08e943e7cd467f3ce437a85127b649c779567e5be23c59ec1e93d4d
8777f4fefe20b30bf8c0176d82b9db768c8c2d4f561bb240cbb1bb6003693ff1
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a5a62dd07bcb4c7cba95b52327bcd8103798cefa79d0dc7822b5e1aa1a8020e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a51be072c90872986a619bcd424515adfdd3a7c1f8b447c745f203774120a472
a5e943c7c5da3617bd2345580b25327364ab5824ba53a3d18bb88c0e105d6d45
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
c1ad95e8b38e5ca69e79e848a5771f026e40705ace52cb5ba4e6b7b9ce048161
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
cef5cf264ddfac535ced5939e1508e358d0a976002e05dbbdefefebde10c7abe
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
dd384b45a482fb44980ba9e0149cd783f22cc3fa25c6accfa3a9a5536c9149d5
e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e2c5a3b8eb2ad34e766081a84635cc33d6322b157dcd933c9b1e2ba15fc98246
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49865b2d3ebcdd42fac21e949bb2a9f5290fde16a9392b78d5d8d49d203753c
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e85998053023352cb9958c799c29e01b7dccca523f63dbcd56d9a047d7ebcb49
ef67dcd4bbd0e2bb40c4fbd674eb5bef7aa13ee731fbd0515ee1caa8db9e6ada
f10bf3224e78e755cca70fd39767141a6f47bd0a68db579799b69c5017f1834d
f1cbe03d4afef4a4cf6016716a210a83143b3bc13eb449e7f90bb4b571643f72
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fb43cfb41b9c5dcace140269e1ebc903b5295dcba9bde7db569e034374be6008
fb7f315a0371a8b55cfaf220f33822988ac4f5f2758e23738eaaa25258c978b7

s.id Open in urlscan Pro 193.84.85.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

93 Requests

89 %HTTPS

64 %IPv6

20 Domains

29 Subdomains

23 IPs

6 Countries

1996 kBTransfer

5955 kBSize

16 Cookies

7 Outgoing links

Page URL History

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

s.id Open in urlscan Pro
193.84.85.178 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

89 %
HTTPS

64 %
IPv6

20
Domains

29
Subdomains

23
IPs

6
Countries

1996 kB
Transfer

5955 kB
Size

16
Cookies

93 HTTP transactions
5 data transactions