loli17.my.id Open in urlscan Pro
128.199.11.118 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ooo-nes.com/acc-rcvery.php?acctid=24TA24
Effective URL:
https://loli17.my.id/secure-online-credit-card-and-bank-account/
Submission Tags: https://phish.report @phish_report Search All
Submission: On January 07 via api (January 7th 2023, 3:44:48 pm UTC) from FI — Scanned from FI

Summary HTTP 169 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 22 IPs in 8 countries across 35 domains to perform 169 HTTP transactions. The main IP is 128.199.11.118, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is loli17.my.id.
TLS certificate: Issued by R3 on December 20th 2022. Valid for: 3 months.

This is the only time loli17.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:f940:2:2... 2a00:f940:2:2:1:4:0:112	197695 (AS-REG) (AS-REG)
1 1	45.126.58.78 45.126.58.78	132647 (IDNIC-PAN...) (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia)
1 1	162.241.121.60 162.241.121.60	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
18	128.199.11.118 128.199.11.118	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
7	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	142.251.208.98 142.251.208.98	15169 (GOOGLE) (GOOGLE)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80d::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	54.39.128.117 54.39.128.117	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.201.194 142.250.201.194	15169 (GOOGLE) (GOOGLE)
39	2a00:1450:400... 2a00:1450:400d:803::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.245 185.29.132.245	() ()
15	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 2	35.244.174.68 35.244.174.68	() ()
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.71.131.137 35.71.131.137	() ()
2 2	35.190.0.66 35.190.0.66	() ()
2 2	37.157.6.253 37.157.6.253	() ()
2 2	37.252.172.123 37.252.172.123	() ()
1 1	151.101.66.49 151.101.66.49	() ()
2 2	2a05:d018:d29... 2a05:d018:d29:3601:9a06:e26f:40d0:e9d8	() ()
1	35.186.253.211 35.186.253.211	() ()
2 2	185.64.189.115 185.64.189.115	() ()
1 1	69.173.144.165 69.173.144.165	() ()
169	22

1 2a00:f940:2:2:1:4:0:112 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)

ooo-nes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.126.58.78 (Indonesia) 1 redirects

ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID)

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.241.121.60 (United States) 1 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 162-241-121-60.webhostbox.net

lnk-primeamzoin-scurex31enckslogs.dedyn.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 128.199.11.118 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

loli17.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.208.98 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2001 (Ireland)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.39.128.117 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns561935.ip-54-39-128.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.201.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:400d:803::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80a::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (None, ) 2 redirects

ASN- ()

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (None, ) 2 redirects

ASN- ()

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.253 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.123 (None, ) 2 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (None, ) 1 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:9a06:e26f:40d0:e9d8 (None, ) 2 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (None, )

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (None, ) 2 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (None, ) 1 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	657 KB
33	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 321	238 KB
18	gstatic.com fonts.gstatic.com www.gstatic.com	307 KB
18	loli17.my.id loli17.my.id	208 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	336 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	5 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 16	700 B
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com	1 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	adform.net 2 redirects c1.adform.net	1 KB
2	travelaudience.com 2 redirects ads.travelaudience.com	936 B
2	adsrvr.org match.adsrvr.org	529 B
2	rlcdn.com 2 redirects id.rlcdn.com	580 B
2	histats.com s10.histats.com — Cisco Umbrella Rank: 11812 s4.histats.com — Cisco Umbrella Rank: 9307	5 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 356	82 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	519 B
1	openx.net rtb.openx.net	351 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	545 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1570	356 B
1	mathtag.com 1 redirects sync.mathtag.com	864 B
1	google.fi adservice.google.fi — Cisco Umbrella Rank: 45744	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	694 B
1	blogspot.com 3.bp.blogspot.com — Cisco Umbrella Rank: 13013	757 B
1	dedyn.io 1 redirects lnk-primeamzoin-scurex31enckslogs.dedyn.io	449 B
1	s.id 1 redirects s.id — Cisco Umbrella Rank: 96430	161 B
1	ooo-nes.com 1 redirects ooo-nes.com	199 B
0	tribalfusion.com Failed s.tribalfusion.com Failed
0	3lift.com Failed eb2.3lift.com Failed
0	smartadserver.com Failed ssbsync.smartadserver.com Failed
0	unrulymedia.com Failed sync.targeting.unrulymedia.com Failed
0	bidswitch.net Failed x.bidswitch.net Failed
0	teads.tv Failed sync.teads.tv Failed
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	casalemedia.com Failed ssum-sec.casalemedia.com Failed
169	35

	Domain	Requested by
39	tpc.googlesyndication.com	googleads.g.doubleclick.net
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
18	loli17.my.id	loli17.my.id
15	cm.g.doubleclick.net	loli17.my.id googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	loli17.my.id pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	fonts.gstatic.com	fonts.googleapis.com
7	www.googletagservices.com	googleads.g.doubleclick.net
7	fonts.googleapis.com	loli17.my.id googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
5	www.google.com	1 redirects googleads.g.doubleclick.net
2	image6.pubmatic.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	secure.adnxs.com	2 redirects
2	c1.adform.net	2 redirects
2	ads.travelaudience.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	id.rlcdn.com	2 redirects
2	cdnjs.cloudflare.com	loli17.my.id cdnjs.cloudflare.com
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.fi	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	loli17.my.id
1	3.bp.blogspot.com	loli17.my.id
1	lnk-primeamzoin-scurex31enckslogs.dedyn.io	1 redirects
1	s.id	1 redirects
1	ooo-nes.com	1 redirects
0	s.tribalfusion.com Failed	loli17.my.id
0	eb2.3lift.com Failed	googleads.g.doubleclick.net
0	ssbsync.smartadserver.com Failed	googleads.g.doubleclick.net
0	sync.targeting.unrulymedia.com Failed	loli17.my.id
0	x.bidswitch.net Failed	googleads.g.doubleclick.net
0	sync.teads.tv Failed
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
0	ssum-sec.casalemedia.com Failed	googleads.g.doubleclick.net
169	40

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.stumbleupon.com
www.linkedin.com
pinterest.com

Subject Issuer	Validity	Valid
loli17.my.id R3	`2022-12-20` - `2023-03-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
histats.com R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.fi GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://loli17.my.id/secure-online-credit-card-and-bank-account/
Frame ID: 34CC4C91DD5DEC2CF4FA1133B5FADB72
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20190131/zrt_lookup.html
Frame ID: ED3B368B86680C85805EDC0B57F62879
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&adk=3046330955&adf=2044148826&lmt=1673106283&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283141&bpp=5&bdt=2824&idt=732&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3431201498718&frm=20&pv=2&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=759
Frame ID: 34F3351A517D51B806F5960D9D454AAC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=575817952&adf=2317504221&pi=t.ma~as.1508166016&w=997&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=997x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283146&bpp=2&bdt=2830&idt=761&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=302&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eaMyfq9P9m&p=https%3A//loli17.my.id&dtd=767
Frame ID: 90CEE09A830C970A0CA1031749AD69DA
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=4019685679&adf=3670990824&pi=t.ma~as.1508166016&w=620&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283148&bpp=1&bdt=2831&idt=781&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C997x280&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=q08SritAoj&p=https%3A//loli17.my.id&dtd=785
Frame ID: 9F651B32AE12BD27F3375C5F6C864C7B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=3709164205&adf=1809588450&pi=t.ma~as.1508166016&w=728&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=728x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283149&bpp=1&bdt=2832&idt=791&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C997x280%2C620x280&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeoE%7C&abl=CF&pfx=0&cms=2&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=rzs0ByXFFp&p=https%3A//loli17.my.id&dtd=794
Frame ID: 0035653AB17B83ED9B5316D609B84663
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=2279681578&pi=t.aa~a.363905462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280&nras=2&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=uVP4iUrncE&p=https%3A//loli17.my.id&dtd=8
Frame ID: 0B700FAE7187EB9624C2D59AE33E83D7
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=1824094591&pi=t.aa~a.363905462~i.13~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280&nras=3&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qCiJwyJesh&p=https%3A//loli17.my.id&dtd=14
Frame ID: 8C583108813AC09313249AF5A2D4033A
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=250&adk=3597276381&adf=639496355&pi=t.aa~a.363905462~i.23~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x250&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=1&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280%2C620x280&nras=4&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=2518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=HFsnwvRfGe&p=https%3A//loli17.my.id&dtd=21
Frame ID: BA2DBEB90B74EFB538F0F12F16BBE7C6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=60&adk=3219914523&adf=2746524361&pi=t.aa~a.1559085437~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1673106284&rafmt=1&to=qs&pwprc=7080301696&format=310x60&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284443&bpp=1&bdt=4126&idt=1&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280%2C620x280%2C620x250&nras=5&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1588&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=Qgy3BVDtF5&p=https%3A//loli17.my.id&dtd=5
Frame ID: 5BF1F9977BFDF28F058337978AAF1B1D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8FBB2A734DDB95993C9CCDCB118D6BCB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E2BB73745E2A1E1484DEE3F000162FAB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 57FFC2991C8F784AA723A5FA02E8B5DD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 239DB9BAEB47949FC405B83531554B58
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 02DFB5C41B22F3D1B57E96832955FC38
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: B2F63BE82D34F2253649A123A9D85B37
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: 71AA94BD8DF1CF57A40A50CA76DE6BC4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: B03B0C48788D612ED61658BD7673C8CD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: E2246838C8F85D9AF761B3AEC8960C03
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: EA78A1FA7D456D1B78B26C10D1FB85B2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: E7DDED0DF85DAD758337E1EA1515AF65
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: 1B273E52B36051FAA79287BAE1D45547
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Secure Online Credit Card and Bank Account – Secure

Page URL History Show full URLs

http://ooo-nes.com/acc-rcvery.php?acctid=24TA24 HTTP 302
https://s.id/1velI HTTP 302
https://lnk-primeamzoin-scurex31enckslogs.dedyn.io/?xXXxXXX HTTP 302
https://loli17.my.id/secure-online-credit-card-and-bank-account/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

169
Requests

84 %
HTTPS

39 %
IPv6

35
Domains

40
Subdomains

22
IPs

8
Countries

1841 kB
Transfer

4343 kB
Size

12
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/sharer.php?u=https://loli17.my.id/?p=31
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Secure+Online+Credit+Card+and+Bank+Account&url=https://loli17.my.id/?p=31
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.stumbleupon.com/submit?url=https://loli17.my.id/?p=31&title=Secure+Online+Credit+Card+and+Bank+Account
Title: Stumbleupon

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://loli17.my.id/secure-online-credit-card-and-bank-account/&title=Secure+Online+Credit+Card+and+Bank+Account
Title: LinkedIn

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https://loli17.my.id/?p=31&description=Secure+Online+Credit+Card+and+Bank+Account&media=
Title: Pinterest

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ooo-nes.com/acc-rcvery.php?acctid=24TA24 HTTP 302
https://s.id/1velI HTTP 302
https://lnk-primeamzoin-scurex31enckslogs.dedyn.io/?xXXxXXX HTTP 302
https://loli17.my.id/secure-online-credit-card-and-bank-account/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 126

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMl0S7XF5Macc8or5SBlPyY&google_cver=1&google_push=AavPq0PrZaiDZ0Xbhbn1Ae8pozjX73Z9bQOqDfGfwwZtsTXYzYrHOq4WXlRzSBuYMQmPn2oYBgO-Ot-fpYq2pGdAqizz8BVbiij3lQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PrZaiDZ0Xbhbn1Ae8pozjX73Z9bQOqDfGfwwZtsTXYzYrHOq4WXlRzSBuYMQmPn2oYBgO-Ot-fpYq2pGdAqizz8BVbiij3lQw

Request Chain 127

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAavPq0OkjOdHXoZNJvDDYITOZTJTO0tAVDaX_f8Zog9kTq9veooE9sUNVXKP8UMRS6B6Jkh7ID0X_4Q3EQRW65esQAf4ev1410GtZUk&google_gid=CAESEM0sj3-Ezkgu2azD8sZtYQA&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCO-m5p0GEgUI6AcQAEIASnNnb29nbGVfcHVzaD1BYXZQcTBPa2pPZEhYb1pOSnZERFlJVE9aVEpUTzB0QVZEYVhfZjhab2c5a1RxOXZlb29FOXNVTlZYS1A4VU1SUzZCNkpraDdJRDBYXzRRM0VRUlc2NWVzUUFmNGV2MTQxMEd0WlVr HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwb2RBeF9NdExiZk04TEZIVnRLSHZ5NGVyT2FEdmh4dFA2a3lMN00xYkpHMA==&google_push

Request Chain 131

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELM_IjdiFsn6SRIuGOZ5VY8&google_cver=1&google_push=AavPq0PpDmesMLErjzYKGbYm50gggB47moWW-KKlJpmWk9IMXXeeqExBXYfvIpBHp5RbhIwO2tQCEOKFlHytXoobL_nQWKPot8RUtH5I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0PpDmesMLErjzYKGbYm50gggB47moWW-KKlJpmWk9IMXXeeqExBXYfvIpBHp5RbhIwO2tQCEOKFlHytXoobL_nQWKPot8RUtH5I HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 135

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBzEPOAYmRhESnIUufx666k&google_cver=1&google_push=AavPq0PhdR9Wxk92q2b6FUceJ59htq2LO2DvQc8H7ymYNNCh1lDozD_fYDRJKV4A4-jMqmMfSN4koBU76fAyiOPuTs_4z5xlkqbC96I HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JQ6DwmCJRZ6vW4JmlqyGDA2&google_push=AavPq0PhdR9Wxk92q2b6FUceJ59htq2LO2DvQc8H7ymYNNCh1lDozD_fYDRJKV4A4-jMqmMfSN4koBU76fAyiOPuTs_4z5xlkqbC96I

Request Chain 136

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFqZo5Qb2ix_GymQXHm3uXM&google_cver=1&google_push=AavPq0NihoD4zRtRb5LzT3hzxi2hWIoU7yveLB41cJ3C773f6-WQhZn0vrESAMQExCbflp4pjtMbI7RAlc4j_7qa4Jl5Ki5te7yODkc HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFqZo5Qb2ix_GymQXHm3uXM&google_cver=1&google_push=AavPq0NihoD4zRtRb5LzT3hzxi2hWIoU7yveLB41cJ3C773f6-WQhZn0vrESAMQExCbflp4pjtMbI7RAlc4j_7qa4Jl5Ki5te7yODkc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU0MTk1NDAzOTQxMzA3ODcwNA&google_push=AavPq0NihoD4zRtRb5LzT3hzxi2hWIoU7yveLB41cJ3C773f6-WQhZn0vrESAMQExCbflp4pjtMbI7RAlc4j_7qa4Jl5Ki5te7yODkc

Request Chain 137

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEA8NQMC8X5jDG4GROw5MJW8&google_cver=1&google_push=AavPq0NgN1u6zUNImTR4H9ghGdMdaGFPu89smHr7zbnPQ61SmbfUNY-8CiK8t8Ut1JySpdeXfJftP_8Js9XlHj2aOnFi0M1pdAJfwA HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0NgN1u6zUNImTR4H9ghGdMdaGFPu89smHr7zbnPQ61SmbfUNY-8CiK8t8Ut1JySpdeXfJftP_8Js9XlHj2aOnFi0M1pdAJfwA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1673106287093 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8231e21b-b4c8-47b0-8fe0-348ad86db5ad-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0NgN1u6zUNImTR4H9ghGdMdaGFPu89smHr7zbnPQ61SmbfUNY-8CiK8t8Ut1JySpdeXfJftP_8Js9XlHj2aOnFi0M1pdAJfwA%26google_hm%3DA4Ix4hu0yEewj-A0ithtta0

Request Chain 139

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEO6QNG1lshOO7IdUDAsttbg&google_cver=1&google_push=AavPq0NcbOswkQNw5IUUvQUTZ4rDucQ6eq5UyF3AwnJOkEIIp1C3VHoPCtnFMQjkytofTXuCIYX21pKvE9sOLTYNTOEJ1K8phm7JXY8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0NcbOswkQNw5IUUvQUTZ4rDucQ6eq5UyF3AwnJOkEIIp1C3VHoPCtnFMQjkytofTXuCIYX21pKvE9sOLTYNTOEJ1K8phm7JXY8 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 140

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENImCZSvVRzTkGKe9RSCLCU&google_cver=1&google_push=AavPq0OR4M3f7kLYN5-2CLPK4BqFnqyN7IGlZP8jYm8EQh5Ety6zzZ0O88SitNYCo24ub_PPPAUjrj616A1smRwwNujwn_tMfi4n3FL4 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESENImCZSvVRzTkGKe9RSCLCU%26google_cver%3D1%26google_push%3DAavPq0OR4M3f7kLYN5-2CLPK4BqFnqyN7IGlZP8jYm8EQh5Ety6zzZ0O88SitNYCo24ub_PPPAUjrj616A1smRwwNujwn_tMfi4n3FL4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzYxOTc2Mzg1MTA5MzAyMTk3Nw%3D%3D&google_gid=CAESENImCZSvVRzTkGKe9RSCLCU&google_cver=1&google_push=AavPq0OR4M3f7kLYN5-2CLPK4BqFnqyN7IGlZP8jYm8EQh5Ety6zzZ0O88SitNYCo24ub_PPPAUjrj616A1smRwwNujwn_tMfi4n3FL4

Request Chain 156

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEO0k1i_fn5u6J-sOb0kGpyY&google_cver=1&google_push=AavPq0OM0WJmpUmZNzf7nUGVDFt2fHsjl2BmAIpfaVF3M7l-wYgmBF01pSML_hVCKproIo3NrG5R3EpqRXGQ2yG4pz0BUVv3zPqcyYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEO0k1i_fn5u6J-sOb0kGpyY&google_push=AavPq0OM0WJmpUmZNzf7nUGVDFt2fHsjl2BmAIpfaVF3M7l-wYgmBF01pSML_hVCKproIo3NrG5R3EpqRXGQ2yG4pz0BUVv3zPqcyYU

Request Chain 157

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDpd-S7kJilbobWHVlVz9rQ&google_cver=1&google_push=AavPq0N2fHPWBj3r7iG6uxeqgurbs3LkQs_5vfAH-CqJEi4GC8f6fpdxia5yO501KswRPrQaDMMAzpXpXbDxVCoddk8o5txg4BCDVqI HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=bwRquYNnRX6hyXlVb7murg2&google_push=AavPq0N2fHPWBj3r7iG6uxeqgurbs3LkQs_5vfAH-CqJEi4GC8f6fpdxia5yO501KswRPrQaDMMAzpXpXbDxVCoddk8o5txg4BCDVqI

Request Chain 159

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJHDv3rrxxvTsrXTxwPZ-n0&google_cver=1&google_push=AavPq0OPDcjS9G5e6PwMeARF6IUwacU1QmUNUOHZbsKNP3YYUc7xA_SkLlhYgMZaqUyRhFSbT9YA74p-iyjDO5fMnzamin35qlxf5xM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OPDcjS9G5e6PwMeARF6IUwacU1QmUNUOHZbsKNP3YYUc7xA_SkLlhYgMZaqUyRhFSbT9YA74p-iyjDO5fMnzamin35qlxf5xM&google_hm=eS16ZF9pd2c1RTJwRlNqWmZZN0Vodm9nQ2M3QTFUSWJGd35B

Request Chain 164

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELf8y_TkkeyHUHNm7ETcQ6Y&google_cver=1&google_push=AavPq0PDTelCKpfBdVKDjyWJvcpmJj9SALpFVYBx29Ez393mvrgzcU1aDbIP-z5vtGfNFj2M6uWN36S71Z7rLeareypkJe4EMiiSgF8Jd_Csa0pb3QR1HA0P31R-cguh2SWx0RUO9zmXICOOZ4ah8fkHyjfvww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU0ODM3NTc5OTQwNDY0MTI0Mw==&gdpr=&gdpr_consent=

Request Chain 165

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHItHm7p6UfJXJ-If_a0Nsk&google_cver=1&google_push=AavPq0Mq51MwzOBiGBYAv_CtkSboEQWoEUABbVHH8ijheZPWvCRE6iz4bfO2881aUm0AGBKe7h8fGqeCq4JFObkG1ZhlsejHVk43uVFwDHWdNaVTgkm1y5fRzOVMT3ayfNvjCpCqnKy2Ek7wyW5ppwalxmM8zQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Mq51MwzOBiGBYAv_CtkSboEQWoEUABbVHH8ijheZPWvCRE6iz4bfO2881aUm0AGBKe7h8fGqeCq4JFObkG1ZhlsejHVk43uVFwDHWdNaVTgkm1y5fRzOVMT3ayfNvjCpCqnKy2Ek7wyW5ppwalxmM8zQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHItHm7p6UfJXJ-If_a0Nsk&google_cver=1&google_push=AavPq0Mq51MwzOBiGBYAv_CtkSboEQWoEUABbVHH8ijheZPWvCRE6iz4bfO2881aUm0AGBKe7h8fGqeCq4JFObkG1ZhlsejHVk43uVFwDHWdNaVTgkm1y5fRzOVMT3ayfNvjCpCqnKy2Ek7wyW5ppwalxmM8zQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Mq51MwzOBiGBYAv_CtkSboEQWoEUABbVHH8ijheZPWvCRE6iz4bfO2881aUm0AGBKe7h8fGqeCq4JFObkG1ZhlsejHVk43uVFwDHWdNaVTgkm1y5fRzOVMT3ayfNvjCpCqnKy2Ek7wyW5ppwalxmM8zQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 167

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEC6KowIOapVZhghCL1AgGHo&google_cver=1&google_push=AavPq0P-FwISDGMaELUo1QKV3nk2oKDUfJJSlk3uFuxQcgKL4jZdGV_9AiNuzbO1jpy0yZGT-aeZfZYRR1sT7eRrDQKDq5Dck-OkFnBFmpeRwrDMY_muXaGuZsL-iagwO664TA2CggOXb09GRKZg8yZV8-37 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0P-FwISDGMaELUo1QKV3nk2oKDUfJJSlk3uFuxQcgKL4jZdGV_9AiNuzbO1jpy0yZGT-aeZfZYRR1sT7eRrDQKDq5Dck-OkFnBFmpeRwrDMY_muXaGuZsL-iagwO664TA2CggOXb09GRKZg8yZV8-37&google_hm=eS1Rd3FrOGxGRTJwRk9EaU1xZ1cxdURtd0NQOUpUZl9tQn5B

Request Chain 168

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHxtSqEBt5x7oSWQ73zGJvM&google_cver=1&google_push=AavPq0M6UXfkQn9ulIaj2-3O06OIaef1dp7qBdjcXGiGqtqR-fak5XUvl1TBJ9ggZV3ykdvSnaZD8DaGV1mCWGyLe7t2KpAN_zRx2xT1Sh-8ac3hCVeeneA5MeVijey0SK7exlGe64wNqG1gZ0JDS_N9YogSYg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHxtSqEBt5x7oSWQ73zGJvM&google_cver=1&google_push=AavPq0M6UXfkQn9ulIaj2-3O06OIaef1dp7qBdjcXGiGqtqR-fak5XUvl1TBJ9ggZV3ykdvSnaZD8DaGV1mCWGyLe7t2KpAN_zRx2xT1Sh-8ac3hCVeeneA5MeVijey0SK7exlGe64wNqG1gZ0JDS_N9YogSYg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VZD8iH73SUC6sMTpkpZAvQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0M6UXfkQn9ulIaj2-3O06OIaef1dp7qBdjcXGiGqtqR-fak5XUvl1TBJ9ggZV3ykdvSnaZD8DaGV1mCWGyLe7t2KpAN_zRx2xT1Sh-8ac3hCVeeneA5MeVijey0SK7exlGe64wNqG1gZ0JDS_N9YogSYg

Request Chain 169

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHmmZ6-xCjS0D-XGKBx56c4&google_cver=1&google_push=AavPq0PvrxzJBpxLXSmWYu6SK3LxPZm44bcDo0vOUniyicJpN_PKUE-HHFVemGLwUVmyJQFybRVoZ7urYCjhHj1RERgSyEcB630KSPXeQcie6Yyvz5SPF9sYs9f1W_ZjpQGPRREJqIwdzb6NPZLD5C0uqPKclQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENNNEE5TFMtMUgtTDg2MQ==&google_push=AavPq0PvrxzJBpxLXSmWYu6SK3LxPZm44bcDo0vOUniyicJpN_PKUE-HHFVemGLwUVmyJQFybRVoZ7urYCjhHj1RERgSyEcB630KSPXeQcie6Yyvz5SPF9sYs9f1W_ZjpQGPRREJqIwdzb6NPZLD5C0uqPKclQ

169 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
loli17.my.id/secure-online-credit-card-and-bank-account/
Redirect Chain

http://ooo-nes.com/acc-rcvery.php?acctid=24TA24
https://s.id/1velI
https://lnk-primeamzoin-scurex31enckslogs.dedyn.io/?xXXxXXX
https://loli17.my.id/secure-online-credit-card-and-bank-account/

124 KB
41 KB

785ms
277ms

Document
text/html

128.199.11.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.11.118 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

8361d165ade0d7cd3c6ff8876d168c47c3b43029e6e93111760b5313e6df9aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 07 Jan 2023 15:44:40 GMT
link: <https://loli17.my.id/wp-json/>; rel="https://api.w.org/" <https://loli17.my.id/wp-json/wp/v2/posts/31>; rel="alternate"; type="application/json" <https://loli17.my.id/?p=31>; rel=shortlink
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pingback: https://loli17.my.id/xmlrpc.php
x-powered-by: WordOps

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 07 Jan 2023 15:44:36 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Location: https://loli17.my.id/secure-online-credit-card-and-bank-account/
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 style.min.css
loli17.my.id/wp-includes/css/dist/block-library/ 93 KB
13 KB 550ms
548ms Stylesheet
text/css 128.199.11.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://loli17.my.id/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.11.118 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/secure-online-credit-card-and-bank-account/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 20 Dec 2022 11:06:31 GMT
server: nginx
etag: W/"63a19737-172a9"
x-powered-by: WordOps
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Mon, 06 Feb 2023 15:44:40 GMT

GET
H2 200 classic-themes.min.css
loli17.my.id/wp-includes/css/ 217 B
531 B 551ms
549ms Stylesheet
text/css 128.199.11.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://loli17.my.id/wp-includes/css/classic-themes.min.css

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.11.118 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/secure-online-credit-card-and-bank-account/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 20 Dec 2022 11:06:31 GMT
server: nginx
etag: W/"63a19737-d9"
x-powered-by: WordOps
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Mon, 06 Feb 2023 15:44:40 GMT

GET
H2 200 wp-emoji-release.min.js Show response
loli17.my.id/wp-includes/js/ 18 KB
5 KB 1208ms
1207ms Script
application/javascript 128.199.11.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://loli17.my.id/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.11.118 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/secure-online-credit-card-and-bank-account/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 20 Dec 2022 11:06:31 GMT
server: nginx
etag: W/"63a19737-48b9"
x-powered-by: WordOps
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Mon, 06 Feb 2023 15:44:42 GMT

GET
H2 200 styles.css
loli17.my.id/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 1021ms
1019ms Stylesheet
text/css 128.199.11.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://loli17.my.id/wp-content/plugins/contact-form-7/includes/css/styles.css

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.11.118 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/secure-online-credit-card-and-bank-account/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Dec 2022 08:31:22 GMT
server: nginx
etag: W/"63a2c45a-af3"
x-powered-by: WordOps
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Mon, 06 Feb 2023 15:44:41 GMT

GET
H2 200 style.css
loli17.my.id/wp-content/themes/sahifa/ 155 KB
28 KB 1021ms
1020ms Stylesheet
text/css 128.199.11.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://loli17.my.id/wp-content/themes/sahifa/style.css

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.11.118 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

908e3acdb85f8e3790f26fe832d22c34b9e116861b2d34df086dd0b67f102d7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/secure-online-credit-card-and-bank-account/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Dec 2022 08:32:13 GMT
server: nginx
etag: W/"63a2c48d-26df1"
x-powered-by: WordOps
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Mon, 06 Feb 2023 15:44:41 GMT

GET
H2 200 skin.css
loli17.my.id/wp-content/themes/sahifa/css/ilightbox/dark-skin/ 7 KB
2 KB 1021ms
1020ms Stylesheet
text/css 128.199.11.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://loli17.my.id/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.11.118 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/secure-online-credit-card-and-bank-account/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Dec 2022 08:32:13 GMT
server: nginx
etag: W/"63a2c48d-1c79"
x-powered-by: WordOps
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Mon, 06 Feb 2023 15:44:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 754 B
835 B 592ms
101ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8a7c6483f73f962abb0f768408bc73c219a0164ee43f60ac57595d314c1bebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Jan 2023 15:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:10:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Jan 2023 15:44:40 GMT

GET
H2 200 jquery.min.js Show response
loli17.my.id/wp-includes/js/jquery/ 88 KB
31 KB 1021ms
1020ms Script
application/javascript 128.199.11.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://loli17.my.id/wp-includes/js/jquery/jquery.min.js

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.11.118 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/secure-online-credit-card-and-bank-account/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 20 Dec 2022 11:06:31 GMT
server: nginx
etag: W/"63a19737-15e54"
x-powered-by: WordOps
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Mon, 06 Feb 2023 15:44:41 GMT

GET
H2 200 jquery-migrate.min.js Show response
loli17.my.id/wp-includes/js/jquery/ 11 KB
4 KB 1021ms
1021ms Script
application/javascript 128.199.11.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://loli17.my.id/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.11.118 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/secure-online-credit-card-and-bank-account/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 20 Dec 2022 11:06:31 GMT
server: nginx
etag: W/"63a19737-2bd8"
x-powered-by: WordOps
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Mon, 06 Feb 2023 15:44:41 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 1209ms
148ms Script
text/javascript 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7969019603206110

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

cafe /

Resource Hash

3bff4188d3a21c9bb949ca28fdad752c16a3e4d5a41d06529aa64d0e2f0555ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loli17.my.id/
Origin: https://loli17.my.id
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49604
x-xss-protection: 0
server: cafe
etag: 6312516612044595973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 07 Jan 2023 15:44:42 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 827ms
74ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 160471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAGGGXl%2B410au9gw6j76HnkExT3uwzEAhx4s7K%2B%2BGT5BaNmE1bLMbVqSZdCThYxQ4KATirM4B%2BscVBBP8QoWP%2BdhVdwxF4b%2FXVMtX8HytGLU89Khw9l75vOWOhJzM0%2B9nBBHPhXR"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 785dd0f13a40991a-ARN
expires: Thu, 28 Dec 2023 15:44:41 GMT

GET
H2 200 btn_close.gif
3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/ 362 B
757 B 388ms
91ms Image
image/gif 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:37:05 GMT
x-content-type-options: nosniff
age: 457
content-disposition: inline;filename="btn_close.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 362
x-xss-protection: 0
server: fife
etag: "v1764"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 29 Dec 2022 23:25:46 GMT

GET
H2 200 index.js Show response
loli17.my.id/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 221ms
221ms Script
application/javascript 128.199.11.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://loli17.my.id/wp-content/plugins/contact-form-7/includes/swv/js/index.js

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.11.118 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/secure-online-credit-card-and-bank-account/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Dec 2022 08:31:22 GMT
server: nginx
etag: W/"63a2c45a-2945"
x-powered-by: WordOps
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Mon, 06 Feb 2023 15:44:41 GMT

GET
H2 200 index.js Show response
loli17.my.id/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 1221ms
1221ms Script
application/javascript 128.199.11.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://loli17.my.id/wp-content/plugins/contact-form-7/includes/js/index.js

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.11.118 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/secure-online-credit-card-and-bank-account/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Dec 2022 08:31:22 GMT
server: nginx
etag: W/"63a2c45a-316c"
x-powered-by: WordOps
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Mon, 06 Feb 2023 15:44:42 GMT

GET
H2 200 tie-scripts.js Show response
loli17.my.id/wp-content/themes/sahifa/js/ 72 KB
21 KB 1207ms
1205ms Script
application/javascript 128.199.11.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://loli17.my.id/wp-content/themes/sahifa/js/tie-scripts.js

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.11.118 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

a285337ae3fac1859a2f626f20d9a8d1a46e36e59ef427f85e7deda94afffb62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/secure-online-credit-card-and-bank-account/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Dec 2022 08:32:13 GMT
server: nginx
etag: W/"63a2c48d-12161"
x-powered-by: WordOps
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Mon, 06 Feb 2023 15:44:42 GMT

GET
H2 200 ilightbox.packed.js Show response
loli17.my.id/wp-content/themes/sahifa/js/ 78 KB
25 KB 1207ms
1206ms Script
application/javascript 128.199.11.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://loli17.my.id/wp-content/themes/sahifa/js/ilightbox.packed.js

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.11.118 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

1f560c3e9fb5beeed86da7d5be1ae459c22af6ec1d58f77e2a89a20063ef7ba2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/secure-online-credit-card-and-bank-account/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Dec 2022 08:32:13 GMT
server: nginx
etag: W/"63a2c48d-137ad"
x-powered-by: WordOps
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Mon, 06 Feb 2023 15:44:42 GMT

GET
H2 200 comment-reply.min.js Show response
loli17.my.id/wp-includes/js/ 3 KB
2 KB 1208ms
1206ms Script
application/javascript 128.199.11.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://loli17.my.id/wp-includes/js/comment-reply.min.js

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.11.118 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/secure-online-credit-card-and-bank-account/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 20 Dec 2022 11:06:31 GMT
server: nginx
etag: W/"63a19737-ba5"
x-powered-by: WordOps
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Mon, 06 Feb 2023 15:44:42 GMT

GET
H2 200 search.js Show response
loli17.my.id/wp-content/themes/sahifa/js/ 15 KB
4 KB 1208ms
1207ms Script
application/javascript 128.199.11.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://loli17.my.id/wp-content/themes/sahifa/js/search.js

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.11.118 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

d6c6d0b6440485f2536e96758b074c4713ef69a56511f2af2128f23ce6eebdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/secure-online-credit-card-and-bank-account/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Dec 2022 08:32:13 GMT
server: nginx
etag: W/"63a2c48d-3aa2"
x-powered-by: WordOps
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Mon, 06 Feb 2023 15:44:42 GMT

GET
H2 200 body-bg7.png
loli17.my.id/wp-content/themes/sahifa/images/patterns/ 21 KB
21 KB 1205ms
1205ms Image
image/png 128.199.11.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://loli17.my.id/wp-content/themes/sahifa/images/patterns/body-bg7.png

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/wp-content/themes/sahifa/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.11.118 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:42 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Dec 2022 08:32:13 GMT
server: nginx
etag: "63a2c48d-529a"
x-powered-by: WordOps
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 21146
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 home.png
loli17.my.id/wp-content/themes/sahifa/images/ 1022 B
1 KB 1204ms
1203ms Image
image/png 128.199.11.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://loli17.my.id/wp-content/themes/sahifa/images/home.png

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/wp-content/themes/sahifa/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.11.118 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:42 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Dec 2022 08:32:13 GMT
server: nginx
etag: "63a2c48d-3fe"
x-powered-by: WordOps
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1022
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 377ms
308ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://loli17.my.id
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:41 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 71034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCf2BOLEoI%2FJR4h7orjs163sPN7t3D54WIJfVdKi49yB2H%2FCIlAdmkjyD7SzhdWRKw57dBgQmCu4qEHAo5UK8wYmCPlRnib6xx1Yt8G%2Bo%2Blkr8fpaq58WTXhu0s%2B9SH7liM6e8KtGPtTh9QYBuyRgzaR"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 785dd0f65b5fd977-HEL
expires: Thu, 28 Dec 2023 15:44:41 GMT

GET
H2 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v18/ 21 KB
21 KB 486ms
195ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://loli17.my.id
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 17:12:28 GMT
x-content-type-options: nosniff
age: 81134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21224
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 17:12:28 GMT

GET
H2 200 stripe.png
loli17.my.id/wp-content/themes/sahifa/images/ 93 B
432 B 1193ms
1193ms Image
image/png 128.199.11.118
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://loli17.my.id/wp-content/themes/sahifa/images/stripe.png

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/wp-content/themes/sahifa/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.11.118 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / WordOps

Resource Hash

23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:42 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Dec 2022 08:32:13 GMT
server: nginx
etag: "63a2c48d-5d"
x-powered-by: WordOps
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 93
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v18/ 22 KB
22 KB 367ms
87ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://loli17.my.id
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:32:24 GMT
x-content-type-options: nosniff
age: 151938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22376
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 21:32:24 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 355 KB
117 KB 327ms
155ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7969019603206110&plah=loli17.my.id&bust=31071276

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7969019603206110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

913956fabc559a4b497e97aa2fcd26a01845b280256cf6f334cf10fa4f5f254f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119795
x-xss-protection: 0
server: cafe
etag: 8039298870376789774
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 07 Jan 2023 15:44:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230104/r20190131/ Frame ED3B 10 KB
5 KB 789ms
599ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230104/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7969019603206110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loli17.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 34652
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Jan 2023 06:07:11 GMT
etag: 10353107486223812946
expires: Sat, 21 Jan 2023 06:07:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 431ms
216ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:43:56 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
content-type: text/javascript
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 623804467

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 50 B
184 B 1780ms
854ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4726666&@f16&@g1&@h1&@i1&@j1673106283660&@k0&@l1&@mSecure%20Online%20Credit%20Card%20and%20Bank%20Account%20%E2%80%93%20Secure&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-38098016&@b3:1673106284&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 7f3f5198415e472c722eef322606dcf21cb127f8c2c7129f8661ef73ce8e6b15

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 07 Jan 2023 15:44:45 GMT
Connection: close
Content-Length: 50
Content-Type: text/html;charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
694 B 455ms
228ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=loli17.my.id&callback=_gfp_s_&client=ca-pub-7969019603206110&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7969019603206110&plah=loli17.my.id&bust=31071276

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c38a8d147647e070850ad99bc48c364da969ad11042e708f2411ff14fff7fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fi/adsid/ 107 B
792 B 583ms
119ms Script
application/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/adsid/integrator.js?domain=loli17.my.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 660ms
118ms Script
application/javascript 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=loli17.my.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 329ms
328ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&tn=DIV&id=floatads&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Jan 2023 15:44:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 327ms
326ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://loli17.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Jan 2023 15:44:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 34F3 12 KB
5 KB 463ms
463ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&adk=3046330955&adf=2044148826&lmt=1673106283&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283141&bpp=5&bdt=2824&idt=732&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3431201498718&frm=20&pv=2&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=759

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aba4100efc6787f41a4cca90087d49a9b0ebb689be095ad6df394a48fec567da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loli17.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 4666
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Jan 2023 15:44:44 GMT
expires: Sat, 07 Jan 2023 15:44:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 90CE 98 KB
33 KB 1518ms
1517ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=575817952&adf=2317504221&pi=t.ma~as.1508166016&w=997&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=997x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283146&bpp=2&bdt=2830&idt=761&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=302&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eaMyfq9P9m&p=https%3A//loli17.my.id&dtd=767

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97b0f5b35478ecfbf5c9430cc7213d9ee92e85c8f31b303a0547137a524ced99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loli17.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33623
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Jan 2023 15:44:45 GMT
expires: Sat, 07 Jan 2023 15:44:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9F65 72 KB
29 KB 1139ms
1138ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=4019685679&adf=3670990824&pi=t.ma~as.1508166016&w=620&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283148&bpp=1&bdt=2831&idt=781&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C997x280&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=q08SritAoj&p=https%3A//loli17.my.id&dtd=785

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc018c9807419273f5e0aca85ee2d25675f036c91897f06fb2b362bc6886db01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loli17.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29609
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Jan 2023 15:44:44 GMT
expires: Sat, 07 Jan 2023 15:44:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0035 84 KB
30 KB 912ms
912ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=3709164205&adf=1809588450&pi=t.ma~as.1508166016&w=728&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=728x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283149&bpp=1&bdt=2832&idt=791&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C997x280%2C620x280&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeoE%7C&abl=CF&pfx=0&cms=2&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=rzs0ByXFFp&p=https%3A//loli17.my.id&dtd=794

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

262ef4e6fba0fa4c46bb231dca0cb56c089cf783381a684a961b5ad03f60cc8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loli17.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30873
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Jan 2023 15:44:44 GMT
expires: Sat, 07 Jan 2023 15:44:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0B70 86 KB
32 KB 1027ms
724ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=2279681578&pi=t.aa~a.363905462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280&nras=2&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=uVP4iUrncE&p=https%3A//loli17.my.id&dtd=8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

461951e4bf2ccf1d23adb5e4f67b5b2c151d6384b4f7bee80df9a249ef3417c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loli17.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32869
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Jan 2023 15:44:45 GMT
expires: Sat, 07 Jan 2023 15:44:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8C58 99 KB
35 KB 1109ms
807ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=1824094591&pi=t.aa~a.363905462~i.13~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280&nras=3&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qCiJwyJesh&p=https%3A//loli17.my.id&dtd=14

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4723edfd75c026fc93a9d4928fdc39c098858d5573543cf2cef2331737244bc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loli17.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35048
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Jan 2023 15:44:45 GMT
expires: Sat, 07 Jan 2023 15:44:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BA2D 88 KB
33 KB 1190ms
888ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=250&adk=3597276381&adf=639496355&pi=t.aa~a.363905462~i.23~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x250&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=1&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280%2C620x280&nras=4&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=2518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=HFsnwvRfGe&p=https%3A//loli17.my.id&dtd=21

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68198950e5a66473e96ac2fb1150a809a0a95d6683dc9671ff9a3749ce846ead

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loli17.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33814
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Jan 2023 15:44:45 GMT
expires: Sat, 07 Jan 2023 15:44:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5BF1 88 KB
33 KB 1171ms
868ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=60&adk=3219914523&adf=2746524361&pi=t.aa~a.1559085437~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1673106284&rafmt=1&to=qs&pwprc=7080301696&format=310x60&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284443&bpp=1&bdt=4126&idt=1&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280%2C620x280%2C620x250&nras=5&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1588&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=Qgy3BVDtF5&p=https%3A//loli17.my.id&dtd=5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4fa3381677097d0597b63cb8bf94d22dfc6c9be47a9df20db72e92f6a8ed15b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loli17.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33308
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Jan 2023 15:44:45 GMT
expires: Sat, 07 Jan 2023 15:44:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 0035 6 KB
672 B 375ms
101ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=3709164205&adf=1809588450&pi=t.ma~as.1508166016&w=728&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=728x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283149&bpp=1&bdt=2832&idt=791&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C997x280%2C620x280&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeoE%7C&abl=CF&pfx=0&cms=2&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=rzs0ByXFFp&p=https%3A//loli17.my.id&dtd=794

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Jan 2023 15:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:03:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Jan 2023 15:44:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 0035 2 KB
818 B 1453ms
1213ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26319
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 08:26:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0035 0
0 136ms
136ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFbTDbJO5Y_TABo2CtwerxLvwC8ShlqpupvuCwukQ3dyN1JQOEAEg-8TCkAFg95neAqABh_qxiynIAQmoAwHIA8sEqgTtAU_Q5G803IWX2ASv6QZ-ZPEZ1-4pfmKj0Wq85KB7D7QOdBOgi8uyXRzHV6Kot6jd_rK7kcXXnd4nz4zDPLrRGsujgWEOiREPIcGf9lFaPZZi7BVdSg7eawggRlzQw55_V3e3wzBXPjekXhiNHPxn7izRIh4FD12GMf7A11TwOw9oVbbazogfj9KHcXu5N3UnxOOjFPsbm_rt80VtYwHVdrC0XS3SMhhJKJ-tQh4E8XfKh675sWOqjigXJC4O6nYuCot-Dnk3msqeMIaMtxX7D450B-rS-TcJKoAfaLEiAT38EZ1v7pUj4-71nMfpzcAEioairKMEkgUECAQYAZIFBAgFGASgBi6AB4eygusDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQpfMB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMMiBQC0BUBmBYBgBcBshccChoIABIUcHViLTc5NjkwMTk2MDMyMDYxMTAYAA&sigh=awQwN8YHGgM&uach_m=[UACH]&cid=CAQSGwDq26N9CAvNcktR6rls3T88485rAH0TaG2YBRgBIBM&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=3709164205&adf=1809588450&pi=t.ma~as.1508166016&w=728&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=728x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283149&bpp=1&bdt=2832&idt=791&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C997x280%2C620x280&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeoE%7C&abl=CF&pfx=0&cms=2&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=rzs0ByXFFp&p=https%3A//loli17.my.id&dtd=794
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 07 Jan 2023 15:44:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 07 Jan 2023 15:44:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 0035 24 KB
10 KB 333ms
96ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 04:28:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 0035 3 KB
1 KB 535ms
299ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 04:28:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 0035 18 KB
7 KB 443ms
207ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26319
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 08:26:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0035 156 KB
48 KB 488ms
252ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 07 Jan 2023 15:44:45 GMT

GET
H2 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 0035 34 KB
15 KB 418ms
216ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 20:17:57 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15042254207363618657/ Frame 0035 20 KB
20 KB 854ms
620ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15042254207363618657/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c26f0429fa16b6414e210d5410ba209abf36f89df85958664ded6db6453ecaa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:10:17 GMT
x-content-type-options: nosniff
age: 167668
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20083
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 20:43:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 05 Jan 2024 17:10:17 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5061937782309366151/ Frame 0035 5 KB
5 KB 533ms
300ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5061937782309366151/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e26f0e8dc122cb6795902283e47d3996954b4268177dda075d7fb0994e293f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 10:22:16 GMT
x-content-type-options: nosniff
age: 192149
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4682
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 16:28:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 05 Jan 2024 10:22:16 GMT

GET
H2 200 14498682416524610526
tpc.googlesyndication.com/simgad/ Frame 9F65 94 KB
94 KB 522ms
303ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14498682416524610526?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlM-yLQEb3SKPd4SZa_AfXF7uJI5g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=4019685679&adf=3670990824&pi=t.ma~as.1508166016&w=620&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283148&bpp=1&bdt=2831&idt=781&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C997x280&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=q08SritAoj&p=https%3A//loli17.my.id&dtd=785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fd1c46f56830d4a0ccfc36425d7d477cc2ffd0afc53d52fa60371ebea307dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 14:49:50 GMT
x-content-type-options: nosniff
age: 348895
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96052
x-xss-protection: 0
last-modified: Thu, 29 Dec 2022 14:22:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 03 Jan 2024 14:49:50 GMT

GET
H3 200 adview Show response
googleads.g.doubleclick.net/pagead/ Frame 9F65 0
21 B 135ms
135ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_oQybJO5Y-yJAd2CwuIPn8-9eIjJ_vBtx72R_I0Rk4Pv1q4CEAEg-8TCkAFg95neAqABv8vmhQLIAQKoAwHIA8kEqgT5AU_QTJhI81nAui1IhRNpE7f-vV9yskqV94EUf1LtwwBm0xklI4MiV856aNkTHIieLjzSeyXnm0Qp54HVeyCoJCIky9NVBwsxhhLoN_jGxk8PhUCT-m1gziUTQZp2w_-sBV9lf-n6lTCP5gPAa7f52P85mrWlLy4OyIesWHTHL5qg2PvlUU4L97YCdCXCgNSb5uCTLnxLP0_yK5u3uFog_u1iLzhAWgYkyYcYQuYy0ohrVBPwnZ_DdzqKqjxuyEVGhxLkZyLIoDdZme9Vl0p59O-6984EDoysJVJQBBWtG5yjuo5i36cffl05kUTvcCYAfELo5FLp8R6pwsAE8YjNqtADkgUECAQYAZIFBAgFGASgBgKAB_-8gbMCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ0MIC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNzk2OTAxOTYwMzIwNjExMBgA&sigh=Sj2EpBB9Lvg&uach_m=[UACH]&cid=CAQSGwDq26N9ymo17ebzXwln3Re4vfWBGLdfvnNP1RgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=4019685679&adf=3670990824&pi=t.ma~as.1508166016&w=620&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283148&bpp=1&bdt=2831&idt=781&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C997x280&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=q08SritAoj&p=https%3A//loli17.my.id&dtd=785

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=4019685679&adf=3670990824&pi=t.ma~as.1508166016&w=620&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283148&bpp=1&bdt=2831&idt=781&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C997x280&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=q08SritAoj&p=https%3A//loli17.my.id&dtd=785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 07 Jan 2023 15:44:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 07 Jan 2023 15:44:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 9F65 24 KB
9 KB 490ms
283ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=4019685679&adf=3670990824&pi=t.ma~as.1508166016&w=620&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283148&bpp=1&bdt=2831&idt=781&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C997x280&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=q08SritAoj&p=https%3A//loli17.my.id&dtd=785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 04:28:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 9F65 3 KB
1 KB 1418ms
1212ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=4019685679&adf=3670990824&pi=t.ma~as.1508166016&w=620&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283148&bpp=1&bdt=2831&idt=781&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C997x280&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=q08SritAoj&p=https%3A//loli17.my.id&dtd=785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 04:28:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 9F65 18 KB
7 KB 496ms
290ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=4019685679&adf=3670990824&pi=t.ma~as.1508166016&w=620&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283148&bpp=1&bdt=2831&idt=781&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C997x280&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=q08SritAoj&p=https%3A//loli17.my.id&dtd=785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26319
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 08:26:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9F65 156 KB
48 KB 744ms
538ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=4019685679&adf=3670990824&pi=t.ma~as.1508166016&w=620&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283148&bpp=1&bdt=2831&idt=781&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C997x280&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=q08SritAoj&p=https%3A//loli17.my.id&dtd=785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 07 Jan 2023 15:44:45 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 9F65 34 KB
14 KB 1419ms
1213ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=4019685679&adf=3670990824&pi=t.ma~as.1508166016&w=620&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283148&bpp=1&bdt=2831&idt=781&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C997x280&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=q08SritAoj&p=https%3A//loli17.my.id&dtd=785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f38a0ed3206d87e07bdce897f9345a89668d40a5770aca379097801c40cb45f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 09:06:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13784
x-xss-protection: 0
server: cafe
etag: 1993361107838199930
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 09:06:37 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 90CE 8 KB
895 B 487ms
486ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=575817952&adf=2317504221&pi=t.ma~as.1508166016&w=997&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=997x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283146&bpp=2&bdt=2830&idt=761&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=302&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eaMyfq9P9m&p=https%3A//loli17.my.id&dtd=767

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Jan 2023 15:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:03:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Jan 2023 15:44:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 90CE 2 KB
765 B 941ms
745ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=575817952&adf=2317504221&pi=t.ma~as.1508166016&w=997&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=997x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283146&bpp=2&bdt=2830&idt=761&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=302&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eaMyfq9P9m&p=https%3A//loli17.my.id&dtd=767

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 08:26:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 90CE 24 KB
10 KB 653ms
459ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=575817952&adf=2317504221&pi=t.ma~as.1508166016&w=997&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=997x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283146&bpp=2&bdt=2830&idt=761&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=302&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eaMyfq9P9m&p=https%3A//loli17.my.id&dtd=767

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 04:28:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 90CE 3 KB
1 KB 918ms
743ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=575817952&adf=2317504221&pi=t.ma~as.1508166016&w=997&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=997x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283146&bpp=2&bdt=2830&idt=761&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=302&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eaMyfq9P9m&p=https%3A//loli17.my.id&dtd=767

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 90CE 18 KB
7 KB 655ms
461ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=575817952&adf=2317504221&pi=t.ma~as.1508166016&w=997&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=997x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283146&bpp=2&bdt=2830&idt=761&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=302&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eaMyfq9P9m&p=https%3A//loli17.my.id&dtd=767

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 08:26:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 90CE 156 KB
48 KB 635ms
635ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=575817952&adf=2317504221&pi=t.ma~as.1508166016&w=997&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=997x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283146&bpp=2&bdt=2830&idt=761&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=302&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eaMyfq9P9m&p=https%3A//loli17.my.id&dtd=767

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 07 Jan 2023 15:44:45 GMT

GET
H2 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 90CE 34 KB
14 KB 296ms
295ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=575817952&adf=2317504221&pi=t.ma~as.1508166016&w=997&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=997x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283146&bpp=2&bdt=2830&idt=761&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=302&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eaMyfq9P9m&p=https%3A//loli17.my.id&dtd=767

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 20:17:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0B70 4 KB
621 B 472ms
471ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=2279681578&pi=t.aa~a.363905462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280&nras=2&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=uVP4iUrncE&p=https%3A//loli17.my.id&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Jan 2023 15:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:07:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Jan 2023 15:44:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 90CE 0
0 141ms
141ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CC6KYbJO5Y9iBAZOntwe70qqoD4jJ_vBtxbH-9NkQ2LCOwYsOEAEg-8TCkAFg95neAqABv8vmhQLIAQmoAwHIA8sEqgT5AU_QMo-22d6gcSViDHcwUYIpzif9p70d_d0j1lUBTS9U9LZRURr5P-Z7VnNu7pIGr0oOg6fDPqCNZhbMQk1ZuN9HmBzy2lND5s-Kcybo06rOFc9xY-cUhQzZLuEer2eDtBbyI-dws5tYc5n7yeGWRPbSaNV-NHR3mQBm2Yb6SHvFMJNkSLEmFUxoooA0D2EcI8vKsn0_02oeV8n5gAFfewKDPYrcMofJF59Te2Y--__Cb6ZQCqDk5HwCcGxpHdV1eptQ2Oovf5o7sZK8nlcQ9f7srFoion0m00-pSsoUjBrYoq-pasD2xRZBefqCSM3KXIpUYvVoNDyRUMAE8YjNqtADkgUECAQYAZIFBAgFGASgBi6AB_-8gbMCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ9LcC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFAPQFQGAFwGyFxwKGggAEhRwdWItNzk2OTAxOTYwMzIwNjExMBgA&sigh=o-vY5vKoQ9Q&uach_m=[UACH]&cid=CAQSGwDq26N9JwWS2s7SXCM3Qo43HJOZgFQMJJYzYBgBIBM&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=575817952&adf=2317504221&pi=t.ma~as.1508166016&w=997&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=997x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283146&bpp=2&bdt=2830&idt=761&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=302&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eaMyfq9P9m&p=https%3A//loli17.my.id&dtd=767

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=575817952&adf=2317504221&pi=t.ma~as.1508166016&w=997&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=997x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283146&bpp=2&bdt=2830&idt=761&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=302&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eaMyfq9P9m&p=https%3A//loli17.my.id&dtd=767
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 07 Jan 2023 15:44:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4923385198861856958/ Frame 90CE 33 KB
33 KB 658ms
487ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4923385198861856958/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=575817952&adf=2317504221&pi=t.ma~as.1508166016&w=997&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=997x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283146&bpp=2&bdt=2830&idt=761&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=302&ady=334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eaMyfq9P9m&p=https%3A//loli17.my.id&dtd=767

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

998977928a5ea657a352e3907f7887b86984605d1dee595c16be956911ea4648

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 11:32:13 GMT
x-content-type-options: nosniff
age: 15153
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33617
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 16:03:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jan 2024 11:32:13 GMT

GET
DATA 200
OK truncated
/ Frame 90CE 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 90CE 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 0B70 2 KB
765 B 872ms
742ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 08:26:06 GMT

GET
H3 200 adview Show response
googleads.g.doubleclick.net/pagead/ Frame 0B70 0
17 B 248ms
247ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJm3jbJO5Y8-3No7xtweJnLboAs784q1u1L29sosRzeDlu48OEAEg-8TCkAFg95neAqABt5iBoijIAQmpAn1Tmn5L13o-qAMByAPLBKoE8wFP0DozmQEJkyTuN3NTdrMOhdBLfpzPhcp4G4j-hHKKEBQzQpApvgN9uDpOJI5pQrX7Q8lBjK3Do4PibPHElIrY9pObKfSPxysZ0U9jyKpvMDitaEQRfqM-C7Zv1j3hf08lP7ahSQerEvzWHt1ibcOG4FIG3sWa1a08QXVpY0pNHYo0R6wDoabwf5FH4h5KRPSNxrLSHetCkBDmYSm9OkxOl-QQ2FSbYLnnDHgpcHvy0q05-ZLKtQWq8FoaHuOaetsEsGis0y6WaoZLr1_7tL7wc2KukQabniJ6xmiHlIVwyrwl_ZzjBiFxn0d0akAHdx-BL3vABNzh84OUBJIFBAgEGAGSBQQIBRgEoAYugAerz426A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJiODtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi03OTY5MDE5NjAzMjA2MTEwGAA&sigh=nMt0n-eopLk&uach_m=[UACH]&cid=CAQSPADq26N9FDwCOGPl9r97-t2cZ93EkyaIQdSRDqSw000oIybpHuEFX7vyRKbTZEMvDKDH_rivn_SIwIQkAxgBIBM&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=2279681578&pi=t.aa~a.363905462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280&nras=2&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=uVP4iUrncE&p=https%3A//loli17.my.id&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 07 Jan 2023 15:44:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8477965754602598805/ Frame 0B70 12 KB
12 KB 788ms
661ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8477965754602598805/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92316167585804207082bfd4c250c99f20f98fa295b84afe49dc1e33e22e59aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 08:59:53 GMT
x-content-type-options: nosniff
age: 456293
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12656
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 03:40:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 02 Jan 2024 08:59:53 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/2859918760069633959/ Frame 0B70 12 KB
12 KB 901ms
774ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2859918760069633959/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41bcbca3a968dded125027614dd2b87be0d0a46b06bbf480f3e571338725cb21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 12:28:50 GMT
x-content-type-options: nosniff
age: 443756
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12758
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:27:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 02 Jan 2024 12:28:50 GMT

GET
DATA 200
OK truncated
/ Frame 0B70 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame 8C58 8 KB
895 B 405ms
404ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=1824094591&pi=t.aa~a.363905462~i.13~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280&nras=3&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qCiJwyJesh&p=https%3A//loli17.my.id&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Jan 2023 15:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 14:58:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Jan 2023 15:44:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 0B70 24 KB
9 KB 671ms
558ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 04:28:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 0B70 3 KB
1 KB 856ms
744ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 0B70 18 KB
7 KB 832ms
720ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 08:26:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0B70 0
0 331ms
116ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYJbQzrhw3DZ7fT_dJb5Cwf9wt9eoyHGFsJYyy3dkKI5GF6VFAWIZhcW5v7TsIWov8budqeQS0yAsiNt3NwoZv_iarLw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=2279681578&pi=t.aa~a.363905462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280&nras=2&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=uVP4iUrncE&p=https%3A//loli17.my.id&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0B70 156 KB
48 KB 581ms
580ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 07 Jan 2023 15:44:45 GMT

GET
H2 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 0B70 34 KB
14 KB 574ms
273ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 20:17:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 8C58 2 KB
765 B 814ms
749ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=1824094591&pi=t.aa~a.363905462~i.13~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280&nras=3&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qCiJwyJesh&p=https%3A//loli17.my.id&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 08:26:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8C58 0
0 490ms
489ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJFpjbJO5Y6ahNoaXtwe23bCQCMShlqpupvuCwukQ3dyN1JQOEAEg-8TCkAFg95neAqABh_qxiynIAQmoAwHIA8sEqgTtAU_QM-SXKN5-wYZkl_IKmfuEzkavHiZSXnzx34NLCYdjNt0aGaJe_TlecT5kMZwdLJ48SklsnViGmW32Fs5-8_ARieJD20sl8ko4I9Po_FtaB49KnDFTJ46JZcX_o-YSJLj-gmlJh-YhBkzjL-veGDYTpXWBybS-HKmkG9eU12Ok8lx3ERwNIQdIiswpHRoO6R2hTv1VUImkEfwVFszod47Hzl82vbQ1WyLjD5Rm5MjVD5Ycub_BzkGbdXMtpWpkKNkZDRhoMzBxuYAba45HoS5f-MOk34qZudy391Z1n7l1b_Ytxr-LwC1G9DtF3MAEioairKMEkgUECAQYAZIFBAgFGASgBi6AB4eygusDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQxcYE0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNzk2OTAxOTYwMzIwNjExMBgA&sigh=s_kQvrhArcw&uach_m=[UACH]&cid=CAQSPADq26N9HDK50t8Rdjh6anK6zVMcX80NJPQ4PQLOHPo5IaLq_5pfi2mFCf_skEahtnswpJmuHVsC__jF3xgBIBM&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=1824094591&pi=t.aa~a.363905462~i.13~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280&nras=3&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qCiJwyJesh&p=https%3A//loli17.my.id&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=1824094591&pi=t.aa~a.363905462~i.13~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280&nras=3&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qCiJwyJesh&p=https%3A//loli17.my.id&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 07 Jan 2023 15:44:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/10594760449835782054/ Frame 8C58 28 KB
28 KB 824ms
773ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10594760449835782054/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=1824094591&pi=t.aa~a.363905462~i.13~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280&nras=3&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qCiJwyJesh&p=https%3A//loli17.my.id&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e69a2729fe2ba28c9d99bca665016fd00170b5c8c638002d441fb688ba09ff4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 05:03:35 GMT
x-content-type-options: nosniff
age: 124871
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28983
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 20:42:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Jan 2024 05:03:35 GMT

GET
DATA 200
OK truncated
/ Frame 8C58 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8C58 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8FBB 143 B
166 B 106ms
104ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=4019685679&adf=3670990824&pi=t.ma~as.1508166016&w=620&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283148&bpp=1&bdt=2831&idt=781&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C997x280&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=q08SritAoj&p=https%3A//loli17.my.id&dtd=785

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=4019685679&adf=3670990824&pi=t.ma~as.1508166016&w=620&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283148&bpp=1&bdt=2831&idt=781&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C997x280&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=q08SritAoj&p=https%3A//loli17.my.id&dtd=785
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 2239
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Jan 2023 15:07:26 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0035 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85e8dec851635c22875b48868af253391c2e3bc8251e41310a907e83930b0139

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 5BF1 6 KB
672 B 102ms
102ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=60&adk=3219914523&adf=2746524361&pi=t.aa~a.1559085437~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1673106284&rafmt=1&to=qs&pwprc=7080301696&format=310x60&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284443&bpp=1&bdt=4126&idt=1&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280%2C620x280%2C620x250&nras=5&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1588&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=Qgy3BVDtF5&p=https%3A//loli17.my.id&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Jan 2023 15:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:04:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Jan 2023 15:44:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 5BF1 2 KB
765 B 774ms
750ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 08:26:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 5BF1 24 KB
9 KB 601ms
577ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 04:28:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 5BF1 3 KB
1 KB 751ms
749ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 5BF1 18 KB
7 KB 619ms
596ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 08:26:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5BF1 0
0 223ms
118ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ64C8m1RS7DZBstOl5zsuvhXP3qKOSIIYXeNhbDoW_8Zlmm8OQqoxZhvRQKSah8fJ2I3ksm2HnnJbs7FsvBF7A-fQs5A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=60&adk=3219914523&adf=2746524361&pi=t.aa~a.1559085437~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1673106284&rafmt=1&to=qs&pwprc=7080301696&format=310x60&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284443&bpp=1&bdt=4126&idt=1&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280%2C620x280%2C620x250&nras=5&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1588&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=Qgy3BVDtF5&p=https%3A//loli17.my.id&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5BF1 156 KB
48 KB 567ms
267ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 07 Jan 2023 15:44:46 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 5BF1 34 KB
14 KB 446ms
193ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 20:17:57 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 8C58 24 KB
9 KB 635ms
612ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=1824094591&pi=t.aa~a.363905462~i.13~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280&nras=3&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qCiJwyJesh&p=https%3A//loli17.my.id&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 04:28:50 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 8C58 2 KB
765 B 773ms
750ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=1824094591&pi=t.aa~a.363905462~i.13~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280&nras=3&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qCiJwyJesh&p=https%3A//loli17.my.id&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 08:26:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 8C58 3 KB
1 KB 773ms
751ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=1824094591&pi=t.aa~a.363905462~i.13~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280&nras=3&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qCiJwyJesh&p=https%3A//loli17.my.id&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 8C58 18 KB
7 KB 751ms
729ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=1824094591&pi=t.aa~a.363905462~i.13~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280&nras=3&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qCiJwyJesh&p=https%3A//loli17.my.id&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 08:26:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8C58 0
0 239ms
115ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT92JopMZWKbOvfSlLxz9bFYYYiJiFQaG-LmuZcS9O2scHy5Epeh_HWttsm2pXaoAnlUD_2dt99XGKm9pngK9OBn3TVTw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=1824094591&pi=t.aa~a.363905462~i.13~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280&nras=3&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qCiJwyJesh&p=https%3A//loli17.my.id&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C58 156 KB
48 KB 524ms
222ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=1824094591&pi=t.aa~a.363905462~i.13~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280&nras=3&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qCiJwyJesh&p=https%3A//loli17.my.id&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 07 Jan 2023 15:44:46 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 8C58 34 KB
14 KB 469ms
198ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=1824094591&pi=t.aa~a.363905462~i.13~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280&nras=3&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qCiJwyJesh&p=https%3A//loli17.my.id&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 20:17:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BA2D 4 KB
621 B 299ms
298ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=250&adk=3597276381&adf=639496355&pi=t.aa~a.363905462~i.23~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x250&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=1&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280%2C620x280&nras=4&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=2518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=HFsnwvRfGe&p=https%3A//loli17.my.id&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Jan 2023 15:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:05:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Jan 2023 15:44:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5BF1 0
0 293ms
292ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXNJZbZO5Y-D3Ac6kngWVh5igAbC2gIVt7Nuh3Z0QpOfy7ZUCEAEg-8TCkAFg95neAqABpc2koQLIAQmpAg74ZDRr9ag-qAMByAPLBKoE8QFP0JF82arTaR-XGHps64nsrlSeHOfwfBUVckJLEA5TGvWdm7pvjmEUY4WxIu26NRwhbi_Uy69PNQHE2iR9i3x_eY1qnLTzwbog8y9HvkQhqTunbvfdwa9_DVuNxzylGKPDfznPyWwIoKXxOBEF9MDpTjcrtwEJ3hY58OCT5Ct7wThIGRQnhTxS7pA3OqAsGtAsRkMk0sfz1t248YlOQdCsIrfWqogAXtQofCQfz2E7W8PUHPGBYbxeYHFVAPTuM1TOpkDiWhgiQSe0hMmKQKrHndi5AbBCOFIzFNSjaoI5F-6A4n4PbV69V3wUOKOdL70MwATolo_znASSBQQIBBgBkgUECAUYBKAGLoAHw7Lb3gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCSiwHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwyIFAPQFQGYFgGAFwGyFxwKGggAEhRwdWItNzk2OTAxOTYwMzIwNjExMBgA&sigh=mvakmXZanW0&uach_m=[UACH]&cid=CAQSPADq26N9UdaXyzXpjR1Bv7-29xUczUcuH4YVsL2Dlm9PGxHSQjLjkGM1NZwfaP4SplZ8ynFqi_fuKQomxxgBIBM&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=60&adk=3219914523&adf=2746524361&pi=t.aa~a.1559085437~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1673106284&rafmt=1&to=qs&pwprc=7080301696&format=310x60&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284443&bpp=1&bdt=4126&idt=1&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280%2C620x280%2C620x250&nras=5&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1588&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=Qgy3BVDtF5&p=https%3A//loli17.my.id&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 07 Jan 2023 15:44:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/786107135774329358/ Frame 5BF1 952 B
979 B 767ms
767ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/786107135774329358/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f69d84c94b8088f7b24102d03080f69d0e03cc8bf30c367d5271e8de859e8d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 10:27:40 GMT
x-content-type-options: nosniff
age: 537426
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 952
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 14:06:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 01 Jan 2024 10:27:40 GMT

GET
DATA 200
OK truncated
/ Frame 9F65 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0db447ee1882fe0a2a87d73019e33839cab73c8654cba8e5d36d57e007d5e9b3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8FBB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

640ms
639ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=4019685679&adf=3670990824&pi=t.ma~as.1508166016&w=620&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283148&bpp=1&bdt=2831&idt=781&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C997x280&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=q08SritAoj&p=https%3A//loli17.my.id&dtd=785

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Jan 2023 15:44:46 GMT
expires: Sat, 07 Jan 2023 15:44:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Jan 2023 15:44:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame BA2D 2 KB
765 B 718ms
718ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 08:26:06 GMT

GET
H3 200 adview Show response
googleads.g.doubleclick.net/pagead/ Frame BA2D 0
17 B 473ms
473ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CyQHpbJO5Y4CPO6-T_tMP3-8g5NiUlm6nzbWa4BCgzb3WkQ4QASD7xMKQAWD3md4CoAH_iaK1AcgBCakC1g-vZ_kVCz6oAwHIA8sEqgTxAU_QwMbQ_iUYgKFejBkK3tMCBx6GwKxpfOw5TOV6qrsXirPET5VFJd3LqZKiso_b90QuqW1CqVm9wog0BnUrt3pMn2ex9E1IkNTJLcrQZgjI-vCO1H0G0-4tQ6OxqxuFLjJ3MxHqFWXFlL_MNI8gIvdUq0MUyc4bD3ucqj5LELFGxPELFPo3YgxfboHaRL7cGf1RreM_SzkLKt8vpA1DITZP4Q2blHyXw4YEnYNdb39Mu-EahVnHpq0VBOOBd41GdWlX2-02XYLhZmTA-7CmZXOLSgNBYtILGNgfvU3iFv-Frd8gMpGsnixPhuwe6IOTbzLABLGRlrqIBIgFv6zAwECSBQQIBBgBkgUECAUYBKAGLoAH6fXdygKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC1gALSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdoLCAgREOWBzeVEuBPkA9gTDPoUMQoFCJIEMCEQ5YHN5UQiAggCIgIICiICCAgiAggBIgIIDCICCAswnNuzvEA41YbBgRjQFQGAFwGyFxwKGggAEhRwdWItNzk2OTAxOTYwMzIwNjExMBgA&sigh=8P5GLa_PBTw&uach_m=[UACH]&cid=CAQSPADq26N99Kr-oldrbHgQmxcVXpCJLdROUkzIOYHXfcoqOl8kCn9pZTiQpS00yThs8So4lQNjHPKtuW80tRgBIBM&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=250&adk=3597276381&adf=639496355&pi=t.aa~a.363905462~i.23~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x250&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=1&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280%2C620x280&nras=4&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=2518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=HFsnwvRfGe&p=https%3A//loli17.my.id&dtd=21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 07 Jan 2023 15:44:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame BA2D 24 KB
9 KB 496ms
496ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 04:28:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame BA2D 3 KB
1 KB 716ms
715ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame BA2D 18 KB
7 KB 508ms
507ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Jan 2023 08:26:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BA2D 0
0 242ms
241ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTio_0RpSNZDsAz5J4zyhHfK8_ERdiaN3oM5ZlwqAXfKkapCamoEyue90JG_Yj9sqhQMIp0rV9BTbw_JDcFn8BtzyPLgg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=250&adk=3597276381&adf=639496355&pi=t.aa~a.363905462~i.23~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x250&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=1&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280%2C620x280&nras=4&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=2518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=HFsnwvRfGe&p=https%3A//loli17.my.id&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA2D 156 KB
48 KB 600ms
283ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48907
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672933789069018"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 07 Jan 2023 15:44:46 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame BA2D 34 KB
14 KB 303ms
196ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 20:17:57 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4040054753587853592/ Frame BA2D 5 KB
5 KB 687ms
687ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4040054753587853592/downsize_200k_v1?w=200&h=200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fc68ddaee456207aa78f31916068904f25844e363963644534e549f4062dd6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4939
x-xss-protection: 0
last-modified: Fri, 20 May 2022 08:00:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jan 2024 15:44:46 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11376136150992444047/ Frame BA2D 38 KB
38 KB 694ms
693ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11376136150992444047/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba447365acf218efcd558a08aec2ed05e62092e5d6e8427da56777a8cabd605d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38475
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 04:14:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jan 2024 15:44:46 GMT

GET
DATA 200
OK truncated
/ Frame BA2D 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 90CE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba4f8430df7294e03eee568a7e0ea2467ed3a36307009e557d702dc8e43ecf83

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E2BB 1 KB
643 B 104ms
100ms Document
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 29803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Sun, 08 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 57FF 1 KB
643 B 96ms
95ms Document
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=1824094591&pi=t.aa~a.363905462~i.13~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280&nras=3&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qCiJwyJesh&p=https%3A//loli17.my.id&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 29803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Sun, 08 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 239D 1 KB
643 B 328ms
327ms Document
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 29803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Sun, 08 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BA2D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 255464766ef228c13ac932038294a830e25b8d621b43ca5ef33e1e0223678e2d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5BF1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00263d02995cc968ccda6b63148d017003f1935ebe65faa1814c3c83ac1f9af1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E2BB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMl0S7XF5Macc8or5SBlPyY&google_cver=1&google_push=AavPq0PrZaiDZ0Xbhbn1Ae8pozjX73Z9bQOqDfGfwwZtsTXYzYrHOq4WXlRzSBuYMQmPn2oYBgO-Ot-fpYq2pGdA...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PrZaiDZ0Xbhbn1Ae8pozjX73Z9bQOqDfGfwwZtsTXYzYrHOq4WXlRzSBuYMQmPn2oYBgO-Ot-fpYq2pGdAqizz8BVbiij3lQw

170 B
188 B

631ms
433ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PrZaiDZ0Xbhbn1Ae8pozjX73Z9bQOqDfGfwwZtsTXYzYrHOq4WXlRzSBuYMQmPn2oYBgO-Ot-fpYq2pGdAqizz8BVbiij3lQw

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Jan 2023 15:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 07 Jan 2023 15:44:46 GMT
Server: MT3 277 3f0ad7a master zrh-pixel-x27 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PrZaiDZ0Xbhbn1Ae8pozjX73Z9bQOqDfGfwwZtsTXYzYrHOq4WXlRzSBuYMQmPn2oYBgO-Ot-fpYq2pGdAqizz8BVbiij3lQw
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 07 Jan 2023 15:44:45 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E2BB
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAavPq0OkjOdHXoZNJvDDYITOZTJTO0tAVDaX_f8Zog9kTq9veooE9sUNVXKP8UMRS6B6Jkh7ID0X_4Q3EQRW65esQAf4ev1410GtZUk&google_gid=CAESEM0sj3-Ezkgu2azD8sZtYQA&...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCO-m5p0GEgUI6AcQAEIASnNnb29nbGVfcHVzaD1BYXZQcTBPa2pPZEhYb1pOSnZERFlJVE9aVEpUTzB0QVZEYVhfZjhab2c5a1RxOXZlb29FOXNVTlZYS1A4VU1SUzZCNkpraDdJRDBYXzRRM0VRUlc2NW...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwb2RBeF9NdExiZk04TEZIVnRLSHZ5NGVyT2FEdmh4dFA2a3lMN00xYkpHMA==&google_push

170 B
188 B

338ms
337ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwb2RBeF9NdExiZk04TEZIVnRLSHZ5NGVyT2FEdmh4dFA2a3lMN00xYkpHMA==&google_push

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Jan 2023 15:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 07 Jan 2023 15:44:47 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwb2RBeF9NdExiZk04TEZIVnRLSHZ5NGVyT2FEdmh4dFA2a3lMN00xYkpHMA==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame E2BB 43 B
356 B 352ms
153ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEGZfmqX3joNwXQ_8J0Jt8ks&google_push=AavPq0OJpUEkuINFYvNhYqPlsxqjqwL93jmFZ6N1Cn6DG6T2_Aq2AqqspJpRvva-iCCWhT7KOU3Q8oCgoDuC5Kw_xQdjRjl6v77UqyM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=60&adk=3219914523&adf=2746524361&pi=t.aa~a.1559085437~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1673106284&rafmt=1&to=qs&pwprc=7080301696&format=310x60&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284443&bpp=1&bdt=4126&idt=1&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280%2C620x280%2C620x250&nras=5&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1588&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=Qgy3BVDtF5&p=https%3A//loli17.my.id&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Jan 2023 15:44:46 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET usermatchredir
ssum-sec.casalemedia.com/ Frame E2BB 0
0

GET googleredir
googlecm.hit.gemius.pl/ Frame E2BB 0
0

GET

report
sync.teads.tv/um/ Frame E2BB
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELM_IjdiFsn6SRIuGOZ5VY8&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0PpDmesMLErjzYKGbYm50gggB47moWW-KKlJpmWk9IMXXeeqExBXYfvIpBHp5RbhIwO2tQCEOKFlHytXoobL_nQWKPot8RUtH5I
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

0
0

GET https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame E2BB 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E2BB 0
223 B 324ms
107ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IvsHDwtJCs2qcsNXLhOg1cQ2a18IaCfs9U5ec9W52lKi_rwgjuD45JMUCYVbmPFllvP9B6lJX-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 57FF 70 B
265 B 665ms
202ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDUl2q698SgFfBWj4uQRpw4&google_cver=1&google_push=AavPq0OmhxeaZTdoUAhzxJG1DVhACGODrmJYvrzcPvic4HNeJ0_wfSyCRz0x14InXB-I0ij_C7Y1sdJ1syoO81ZYIhWuvfjUEKNGf2g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=1824094591&pi=t.aa~a.363905462~i.13~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280&nras=3&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qCiJwyJesh&p=https%3A//loli17.my.id&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 07 Jan 2023 15:44:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 57FF
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBzEPOAYmRhESnIUufx666k&google_cver=1&google_push=AavPq0PhdR9Wxk92q2b6FUceJ59htq2LO2DvQc8H7ymYNNCh1lDozD_fYDRJKV4A4-jMqmMfSN4koBU76fAyiOPu...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JQ6DwmCJRZ6vW4JmlqyGDA2&google_push=AavPq0PhdR9Wxk92q2b6FUceJ59htq2LO2DvQc8H7ymYNNCh1lDozD_fYDRJKV4A4-jMqmMfSN4koBU76fAyiOPuTs_4z5xlkqbC96I

170 B
188 B

91ms
91ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JQ6DwmCJRZ6vW4JmlqyGDA2&google_push=AavPq0PhdR9Wxk92q2b6FUceJ59htq2LO2DvQc8H7ymYNNCh1lDozD_fYDRJKV4A4-jMqmMfSN4koBU76fAyiOPuTs_4z5xlkqbC96I

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Jan 2023 15:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 07 Jan 2023 15:44:47 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JQ6DwmCJRZ6vW4JmlqyGDA2&google_push=AavPq0PhdR9Wxk92q2b6FUceJ59htq2LO2DvQc8H7ymYNNCh1lDozD_fYDRJKV4A4-jMqmMfSN4koBU76fAyiOPuTs_4z5xlkqbC96I
x-host: tde-deliveryengine-production-769c9db745-q45rm
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 57FF
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFqZo5Qb2ix_GymQXHm3uXM&google_cver=1&google_push=AavPq0NihoD4zRtRb5LzT3hzxi2hWIoU7yveLB41cJ3C773f6-WQhZn0vrESAMQExCbflp4pjtMbI7RA...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFqZo5Qb2ix_GymQXHm3uXM&google_cver=1&google_push=AavPq0NihoD4zRtRb5LzT3hzxi2hWIoU7yveLB41cJ3C773f6-WQhZn0vrESAMQExCbflp4pjtM...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU0MTk1NDAzOTQxMzA3ODcwNA&google_push=AavPq0NihoD4zRtRb5LzT3hzxi2hWIoU7yveLB41cJ3C773f6-WQhZn0vrESAMQExCbflp4pjtMbI7...

170 B
188 B

92ms
92ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU0MTk1NDAzOTQxMzA3ODcwNA&google_push=AavPq0NihoD4zRtRb5LzT3hzxi2hWIoU7yveLB41cJ3C773f6-WQhZn0vrESAMQExCbflp4pjtMbI7RAlc4j_7qa4Jl5Ki5te7yODkc

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Jan 2023 15:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Jan 2023 15:44:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU0MTk1NDAzOTQxMzA3ODcwNA&google_push=AavPq0NihoD4zRtRb5LzT3hzxi2hWIoU7yveLB41cJ3C773f6-WQhZn0vrESAMQExCbflp4pjtMbI7RAlc4j_7qa4Jl5Ki5te7yODkc
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET

RX-8231e21b-b4c8-47b0-8fe0-348ad86db5ad-003
sync.targeting.unrulymedia.com/csync/ Frame 57FF
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEA...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0NgN1u6zUNImTR4H9ghGdMdaGFPu89smHr7zbnPQ61SmbfUNY-8CiK8t8Ut1JySpdeXfJftP_8Js9XlHj2aOnFi0M1pdAJfwA&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-8231e21b-b4c8-47b0-8fe0-348ad86db5ad-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0NgN1u6zUNImTR4H9ghG...

0
0

GET sync
ssbsync.smartadserver.com/api/ Frame 57FF 0
0

GET

report
sync.teads.tv/um/ Frame 57FF
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEO6QNG1lshOO7IdUDAsttbg&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0NcbOswkQNw5IUUvQUTZ4rDucQ6eq5UyF3AwnJOkEIIp1C3VHoPCtnFMQjkytofTXuCIYX21pKvE9sOLTYNTOEJ1K8phm7JXY8
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 57FF
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENImCZSvVRzTkGKe9RSCLCU&google_cver=1&google_push=AavPq0OR4M3f7kLYN...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESENImCZSvVRzTkGKe9RSCLCU%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzYxOTc2Mzg1MTA5MzAyMTk3Nw%3D%3D&google_gid=CAESENImCZSvVRzTkGKe9RSCLCU&google_cver=1&google_push=AavPq0OR4M3f7kLYN5-2CLPK4BqFnqyN7I...

170 B
188 B

97ms
97ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzYxOTc2Mzg1MTA5MzAyMTk3Nw%3D%3D&google_gid=CAESENImCZSvVRzTkGKe9RSCLCU&google_cver=1&google_push=AavPq0OR4M3f7kLYN5-2CLPK4BqFnqyN7IGlZP8jYm8EQh5Ety6zzZ0O88SitNYCo24ub_PPPAUjrj616A1smRwwNujwn_tMfi4n3FL4

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Jan 2023 15:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 07 Jan 2023 15:44:47 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 194.34.134.146; 194.34.134.146; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4ec12a23-e02b-4e13-999e-24bb9acc76fd
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzYxOTc2Mzg1MTA5MzAyMTk3Nw%3D%3D&google_gid=CAESENImCZSvVRzTkGKe9RSCLCU&google_cver=1&google_push=AavPq0OR4M3f7kLYN5-2CLPK4BqFnqyN7IGlZP8jYm8EQh5Ety6zzZ0O88SitNYCo24ub_PPPAUjrj616A1smRwwNujwn_tMfi4n3FL4
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 57FF 0
40 B 322ms
109ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LO78JbjH8r4PbKRTCtfZJd891qE6Ua1MCDsX1voDRCLCmOKKd6fPhbU4kQuwPOJjWsFaAlHKc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=1824094591&pi=t.aa~a.363905462~i.13~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280&nras=3&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qCiJwyJesh&p=https%3A//loli17.my.id&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 02DF 1 KB
643 B 96ms
96ms Document
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 29803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Sun, 08 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 90CE 28 KB
28 KB 581ms
383ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:35:41 GMT
x-content-type-options: nosniff
age: 151746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 21:35:41 GMT

GET
DATA 200
OK truncated
/ Frame 0B70 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bf519ceeb33a362216628aa5abcb91386d3714ff8a163888e10518d45a1a888

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5BF1 15 KB
15 KB 747ms
573ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:40:44 GMT
x-content-type-options: nosniff
age: 68643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 20:40:44 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5BF1 15 KB
16 KB 693ms
520ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 16:44:52 GMT
x-content-type-options: nosniff
age: 428395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 16:44:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5BF1 15 KB
15 KB 720ms
547ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 19:42:15 GMT
x-content-type-options: nosniff
age: 158552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 19:42:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0B70 15 KB
16 KB 582ms
421ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 16:44:52 GMT
x-content-type-options: nosniff
age: 428395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 16:44:52 GMT

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame B2F6 36 KB
16 KB 192ms
192ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 09:25:46 GMT

GET
DATA 200
OK truncated
/ Frame 8C58 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62e3ca3993cf2c50581512d69d4896979980d76bfd5869d8b3a1dd693a6ccd36

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 8C58 28 KB
28 KB 510ms
382ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:35:41 GMT
x-content-type-options: nosniff
age: 151746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 21:35:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0035 15 KB
15 KB 705ms
587ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 20:40:44 GMT
x-content-type-options: nosniff
age: 68643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 20:40:44 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0035 15 KB
16 KB 716ms
598ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 16:44:52 GMT
x-content-type-options: nosniff
age: 428395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 16:44:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0035 15 KB
15 KB 728ms
611ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 19:42:15 GMT
x-content-type-options: nosniff
age: 158552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 19:42:15 GMT

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 71AA 36 KB
16 KB 140ms
139ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 09:25:46 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02DF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEO0k1i_fn5u6J-sOb0kGpyY&google_push=AavPq0OM0WJmpUmZNzf7nUGVDFt2fHsjl2BmAIpfaVF3M7l-wYgmBF01pS...

170 B
188 B

90ms
90ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEO0k1i_fn5u6J-sOb0kGpyY&google_push=AavPq0OM0WJmpUmZNzf7nUGVDFt2fHsjl2BmAIpfaVF3M7l-wYgmBF01pSML_hVCKproIo3NrG5R3EpqRXGQ2yG4pz0BUVv3zPqcyYU

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Jan 2023 15:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220031-HHN
pragma: no-cache
date: Sat, 07 Jan 2023 15:44:47 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1673106287.299839,VS0,VE90
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEO0k1i_fn5u6J-sOb0kGpyY&google_push=AavPq0OM0WJmpUmZNzf7nUGVDFt2fHsjl2BmAIpfaVF3M7l-wYgmBF01pSML_hVCKproIo3NrG5R3EpqRXGQ2yG4pz0BUVv3zPqcyYU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02DF
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDpd-S7kJilbobWHVlVz9rQ&google_cver=1&google_push=AavPq0N2fHPWBj3r7iG6uxeqgurbs3LkQs_5vfAH-CqJEi4GC8f6fpdxia5yO501KswRPrQaDMMAzpXpXbDxVCod...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=bwRquYNnRX6hyXlVb7murg2&google_push=AavPq0N2fHPWBj3r7iG6uxeqgurbs3LkQs_5vfAH-CqJEi4GC8f6fpdxia5yO501KswRPrQaDMMAzpXpXbDxVCoddk8o5txg4BCDVqI

170 B
188 B

91ms
91ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=bwRquYNnRX6hyXlVb7murg2&google_push=AavPq0N2fHPWBj3r7iG6uxeqgurbs3LkQs_5vfAH-CqJEi4GC8f6fpdxia5yO501KswRPrQaDMMAzpXpXbDxVCoddk8o5txg4BCDVqI

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Jan 2023 15:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 07 Jan 2023 15:44:47 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=bwRquYNnRX6hyXlVb7murg2&google_push=AavPq0N2fHPWBj3r7iG6uxeqgurbs3LkQs_5vfAH-CqJEi4GC8f6fpdxia5yO501KswRPrQaDMMAzpXpXbDxVCoddk8o5txg4BCDVqI
x-host: tde-deliveryengine-production-769c9db745-9rdk2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET sync
x.bidswitch.net/ Frame 02DF 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02DF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJHDv3rrxxvTsrXTxwPZ-n0&google_cver=1&google_push=AavPq0OPDcjS9G5e6PwMeARF6IUwacU1QmUNUOHZbsKNP3YYUc7xA_SkLlhYgMZaqUyRhFSbT9YA74p-iyjDO5fMnzamin3...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OPDcjS9G5e6PwMeARF6IUwacU1QmUNUOHZbsKNP3YYUc7xA_SkLlhYgMZaqUyRhFSbT9YA74p-iyjDO5fMnzamin35qlxf5xM&google_hm=eS16ZF9pd2c1RTJwRlN...

170 B
188 B

489ms
433ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OPDcjS9G5e6PwMeARF6IUwacU1QmUNUOHZbsKNP3YYUc7xA_SkLlhYgMZaqUyRhFSbT9YA74p-iyjDO5fMnzamin35qlxf5xM&google_hm=eS16ZF9pd2c1RTJwRlNqWmZZN0Vodm9nQ2M3QTFUSWJGd35B

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Jan 2023 15:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 07 Jan 2023 15:44:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OPDcjS9G5e6PwMeARF6IUwacU1QmUNUOHZbsKNP3YYUc7xA_SkLlhYgMZaqUyRhFSbT9YA74p-iyjDO5fMnzamin35qlxf5xM&google_hm=eS16ZF9pd2c1RTJwRlNqWmZZN0Vodm9nQ2M3QTFUSWJGd35B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 02DF 43 B
351 B 773ms
95ms Image
image/gif 35.186.253.211

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPv-CCs73AwTLBHlKvwu4vY&google_cver=1&google_push=AavPq0PKcz8GZRkzLeHPr59FaaZHYNCDSETYYmSCIRCIJwplXx_vrLcU7243UqjTCJM4-nGXVUAlrByAKZRpISkOeYBuO0L-Cg1d9M4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=2279681578&pi=t.aa~a.363905462~i.9~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280&nras=2&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=uVP4iUrncE&p=https%3A//loli17.my.id&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Jan 2023 15:44:46 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: vr062tq7i46kpkq37hnu0oue6fj2ct4j

GET ebda
eb2.3lift.com/ Frame 02DF 0
0

GET https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 02DF 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 02DF 0
40 B 197ms
108ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IM3ruLBZLF-oA7InoKiXgVUgN3BfXzSlW4-E0dw91Dhw_i5GztN1Gvy1aaYTv_wVkJyzHo4A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET

pixel
cm.g.doubleclick.net/ Frame 239D
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELf8y_TkkeyHUHNm7ETcQ6Y&google_cver=1&google_push=AavPq0PDTelCKpfBdVKDjyWJvcpmJj9SALpFVYBx29Ez393mvrgzcU1aDbIP-z5vtGfNFj2M6uWN36S71Z7rLeareypkJe4EMiiSg...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU0ODM3NTc5OTQwNDY0MTI0Mw==&gdpr=&gdpr_consent=

0
0

GET

i.match
s.tribalfusion.com/z/ Frame 239D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHItHm7p6UfJXJ-If_a0Nsk&google_cver=1&google_push=AavPq0Mq51MwzOBiGBYAv_CtkSboEQWoEUABbVHH8ijheZPWvCRE6iz4bfO2881aUm0AGBKe7h8fGqeCq4JFObkG1ZhlsejHVk43u...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHItHm7p6UfJXJ-If_a0Nsk&google_cver=1&google_push=AavPq0Mq51MwzOBiGBYAv_CtkSboEQWoEUABbVHH8ijheZPWvCRE6iz4bfO2881aUm0AGBKe7h8fGqeCq4JFObkG1ZhlsejHVk4...

0
0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 239D 70 B
264 B 584ms
329ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEF3yjQWk4fNfTX1A5bhBgBM&google_cver=1&google_push=AavPq0PqXzlIdUQ_RBldjlhUgg6MZHc3l_ZA4P3X28GBPaKrKTgB5iR52lFKBo828-uJVMKVmGa0JrCWVAKJIiLg-O__8zjyl6zjlvGcZ6VRhztVX__LBD1uL9fd_bt1602DDNWNSiZml73FL9xg9HaChIel
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=250&adk=3597276381&adf=639496355&pi=t.aa~a.363905462~i.23~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x250&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=1&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280%2C620x280&nras=4&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=2518&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=HFsnwvRfGe&p=https%3A//loli17.my.id&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 07 Jan 2023 15:44:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 239D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEC6KowIOapVZhghCL1AgGHo&google_cver=1&google_push=AavPq0P-FwISDGMaELUo1QKV3nk2oKDUfJJSlk3uFuxQcgKL4jZdGV_9AiNuzbO1jpy0yZGT-aeZfZYRR1sT7eRrDQKDq5D...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0P-FwISDGMaELUo1QKV3nk2oKDUfJJSlk3uFuxQcgKL4jZdGV_9AiNuzbO1jpy0yZGT-aeZfZYRR1sT7eRrDQKDq5Dck-OkFnBFmpeRwrDMY_muXaGuZsL-iagwO664T...

170 B
188 B

489ms
433ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0P-FwISDGMaELUo1QKV3nk2oKDUfJJSlk3uFuxQcgKL4jZdGV_9AiNuzbO1jpy0yZGT-aeZfZYRR1sT7eRrDQKDq5Dck-OkFnBFmpeRwrDMY_muXaGuZsL-iagwO664TA2CggOXb09GRKZg8yZV8-37&google_hm=eS1Rd3FrOGxGRTJwRk9EaU1xZ1cxdURtd0NQOUpUZl9tQn5B

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Jan 2023 15:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 07 Jan 2023 15:44:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0P-FwISDGMaELUo1QKV3nk2oKDUfJJSlk3uFuxQcgKL4jZdGV_9AiNuzbO1jpy0yZGT-aeZfZYRR1sT7eRrDQKDq5Dck-OkFnBFmpeRwrDMY_muXaGuZsL-iagwO664TA2CggOXb09GRKZg8yZV8-37&google_hm=eS1Rd3FrOGxGRTJwRk9EaU1xZ1cxdURtd0NQOUpUZl9tQn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 239D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VZD8iH73SUC6sMTpkpZAvQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

107ms
106ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VZD8iH73SUC6sMTpkpZAvQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0M6UXfkQn9ulIaj2-3O06OIaef1dp7qBdjcXGiGqtqR-fak5XUvl1TBJ9ggZV3ykdvSnaZD8DaGV1mCWGyLe7t2KpAN_zRx2xT1Sh-8ac3hCVeeneA5MeVijey0SK7exlGe64wNqG1gZ0JDS_N9YogSYg

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Jan 2023 15:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VZD8iH73SUC6sMTpkpZAvQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0M6UXfkQn9ulIaj2-3O06OIaef1dp7qBdjcXGiGqtqR-fak5XUvl1TBJ9ggZV3ykdvSnaZD8DaGV1mCWGyLe7t2KpAN_zRx2xT1Sh-8ac3hCVeeneA5MeVijey0SK7exlGe64wNqG1gZ0JDS_N9YogSYg
date: Sat, 07 Jan 2023 15:44:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 239D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHmmZ6-xCjS0D-XGKBx56c4&google_cver=1&google_push=AavPq0PvrxzJBpxLXSmWYu6SK3LxPZm44bcDo0vOUniyicJpN_PKUE-HHFVemGLwUVmyJQFybRV...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENNNEE5TFMtMUgtTDg2MQ==&google_push=AavPq0PvrxzJBpxLXSmWYu6SK3LxPZm44bcDo0vOUniyicJpN_PKUE-HHFVemGLwUVmyJQFybRVoZ7urYCjhHj1RERgSyEcB630KS...

170 B
188 B

92ms
92ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENNNEE5TFMtMUgtTDg2MQ==&google_push=AavPq0PvrxzJBpxLXSmWYu6SK3LxPZm44bcDo0vOUniyicJpN_PKUE-HHFVemGLwUVmyJQFybRVoZ7urYCjhHj1RERgSyEcB630KSPXeQcie6Yyvz5SPF9sYs9f1W_ZjpQGPRREJqIwdzb6NPZLD5C0uqPKclQ

Requested by

Host: loli17.my.id
URL: https://loli17.my.id/secure-online-credit-card-and-bank-account/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Jan 2023 15:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENNNEE5TFMtMUgtTDg2MQ==&google_push=AavPq0PvrxzJBpxLXSmWYu6SK3LxPZm44bcDo0vOUniyicJpN_PKUE-HHFVemGLwUVmyJQFybRVoZ7urYCjhHj1RERgSyEcB630KSPXeQcie6Yyvz5SPF9sYs9f1W_ZjpQGPRREJqIwdzb6NPZLD5C0uqPKclQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 239D 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 239D 0
40 B 113ms
108ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K8O6Jng3JbDvM5D_KAy6jiXAcRGZhuCSe1B77SkpTRNNGSC3_FnH58ZR59SSL18R15Gdyqqw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 15:44:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame B03B 36 KB
16 KB 85ms
85ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&slotname=1508166016&adk=4019685679&adf=3670990824&pi=t.ma~as.1508166016&w=620&fwrn=4&fwrnh=100&lmt=1673106283&rafmt=1&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106283148&bpp=1&bdt=2831&idt=781&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C997x280&nras=1&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=q08SritAoj&p=https%3A//loli17.my.id&dtd=785

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 09:25:46 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BA2D 15 KB
16 KB 377ms
377ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 16:44:52 GMT
x-content-type-options: nosniff
age: 428395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 16:44:52 GMT

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame E224 36 KB
16 KB 98ms
98ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 09:25:46 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9F65 42 B
174 B 513ms
212ms Fetch
image/gif 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjO0rYmL0x9tu2L2aDTuepLjj7Z82m6I-XCJyxydzgXIPRVZCBQy3pHl2CPyHOZdHatgAo1uu7udEMk3ImmmRpalFuflgrGdRqkkUmN0AgnqNskfJ-WRyMDqipPALFPvNhLUbD4g&sai=AMfl-YQjW8BHiP9nrXSZwK12sZAZI1Fw0hGl8DZQd7Esk5pUvGzVErr51B9_GyOt7EmGGsx_OBCl1e96v2Xh7Dk&sig=Cg0ArKJSzNJ12ih9z27ZEAE&cid=CAQSGwDq26N9ymo17ebzXwln3Re4vfWBGLdfvnNP1RgBIBM&id=lidar2&mcvt=1000&p=0,0,160,620&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230105&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=4019685679&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673106283934&rpt=2220&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Jan 2023 15:44:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame EA78 36 KB
16 KB 97ms
97ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 09:25:46 GMT

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame E7DD 36 KB
16 KB 85ms
85ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7969019603206110&output=html&h=280&adk=2928884389&adf=1824094591&pi=t.aa~a.363905462~i.13~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1673106284&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7080301696&ad_type=text_image&format=620x280&url=https%3A%2F%2Floli17.my.id%2Fsecure-online-credit-card-and-bank-account%2F&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673106284414&bpp=1&bdt=4097&idt=-M&shv=r20230104&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c8f10405190475-222bffe735db0032%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w&gpic=UID%3D00000b9f7699abcb%3AT%3D1673106284%3ART%3D1673106284%3AS%3DALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw&prev_fmts=0x0%2C997x280%2C620x280%2C728x280%2C620x280&nras=3&correlator=3431201498718&frm=20&pv=1&ga_vid=1314996006.1673106284&ga_sid=1673106284&ga_hid=1945113606&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071276%2C44774606%2C44779793&oid=2&pvsid=958341059105858&tmod=82638607&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=qCiJwyJesh&p=https%3A//loli17.my.id&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 09:25:46 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 0035 0
0

GET sodar
pagead2.googlesyndication.com/getconfig/ 0
0

GET KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame 1B27 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHrU9GGlWwMaCzaIiZgFKU0&google_cver=1&google_push=AavPq0PPLmc_d6GYIYGaCtR-Yh4XraTh5VT0TnVGs0ywLbTlfkbmXV5KgF8FEnlJ0Q6rgu1UpjtGkaKAKfO-jRY0k5GYlLebgtIjLZY

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEM1mDZTvl2l-yv0csfebb08&google_cver=1&google_push=AavPq0MgHgHX19UDMVsHgdMvHR0c4pOnpGluIXtyz0zuW70weOBj6zvGjHfeYV_XeKwl0CEWwQMbR_-TxJSAB4MDPgLEN_PWDQ90c2U

Domain: sync.teads.tv
URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDsxtK9UU_MtGybvdlpNYzk&google_cver=1&google_push=AavPq0O9ERzoR2RA-vnZDJtxTs0BA8ywwHfOJBMsjnRYnLFSFEHnax7AK_GBxnhtRbHJ-5o-nrn04JYEJI5w6ZeZgS23g3q18zuNXrWL

Domain: sync.targeting.unrulymedia.com
URL: https://sync.targeting.unrulymedia.com/csync/RX-8231e21b-b4c8-47b0-8fe0-348ad86db5ad-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0NgN1u6zUNImTR4H9ghGdMdaGFPu89smHr7zbnPQ61SmbfUNY-8CiK8t8Ut1JySpdeXfJftP_8Js9XlHj2aOnFi0M1pdAJfwA%26google_hm%3DA4Ix4hu0yEewj-A0ithtta0

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDY-9n_PL6w4l9yqN9kzUo0&google_cver=1&google_push=AavPq0Ni_yOPLyPNaaw2jcrSllhUay3Z5GwtCZVNFThTZC0GBu7vT9y3wuMCuStZpX6F-H1mDlSXVJuSs3UTLudRp82Zxn5YvUGstQ0

Domain: sync.teads.tv
URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECdHyKxna5hvCPdDUL6XWNI&google_cver=1&google_push=AavPq0N2UF4YaI2_UOO2llZ0aDFeK-ZySu5Zx2jsZBLjYXT-5oCeW1RGVIY9uMVjRC8hRPNu4axuXLoiW0P-33y2Tr5PDplxKHOVVIs

Domain: eb2.3lift.com
URL: https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEM_RT26cuvTsF88z0OHShZE&google_cver=1&google_push=AavPq0P1jiegMvB-7XHw8YKkP8P19cauEjdJodbOPSVJl79UYIKDcWwtoCguqJaN5T8YXxn4qkHkZOgI5nfFAjSDfQlNzAjrUVdy_U8

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEF9R5TbrT6VIt0tfeaOFnMQ&google_cver=1&google_push=AavPq0MlvnIB56MCDyNA39O_4g3cRt4DPlWvCyY17v4m6cCPictT0lcYCERK7D9gCHj_JW5e1WGTcJB12y1OYZnCPXiSgcftfYzIwjVs

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU0ODM3NTc5OTQwNDY0MTI0Mw==&gdpr=&gdpr_consent=

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHItHm7p6UfJXJ-If_a0Nsk&google_cver=1&google_push=AavPq0Mq51MwzOBiGBYAv_CtkSboEQWoEUABbVHH8ijheZPWvCRE6iz4bfO2881aUm0AGBKe7h8fGqeCq4JFObkG1ZhlsejHVk43uVFwDHWdNaVTgkm1y5fRzOVMT3ayfNvjCpCqnKy2Ek7wyW5ppwalxmM8zQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Mq51MwzOBiGBYAv_CtkSboEQWoEUABbVHH8ijheZPWvCRE6iz4bfO2881aUm0AGBKe7h8fGqeCq4JFObkG1ZhlsejHVk43uVFwDHWdNaVTgkm1y5fRzOVMT3ayfNvjCpCqnKy2Ek7wyW5ppwalxmM8zQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJQvLje87Ys46a2ZjD4mysg&google_cver=1&google_push=AavPq0NGcUY_vuRejMr4EK2pfZmBsSrXGxLHBsdwTVHqdq-MjaUObmPg4bF70aVVlakEkOEKoT22-MQXqFI78Yuy7kSvjlJCrUC6U1S20gmyaIr6q2kGQfQLRxS4jxSe-8sS67DxP9IISHrTyDwzDnf_3xSZWw

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCvMdq1xLMjmQJ0EQ8h4GhpcWJxYejToMQaEnO2_s7qqtve1jmRVery6Rwhzwsus0aQC_vuZ-rabnfqdZocSfBzTkGzAdrgSKRFxIPFcKIoQclkLb9XHh62jHPfn0QFI09HXcD0Q&sai=AMfl-YQVSOMO6CXzmaXetgl-YRNwv6mB0rhRV0hVjk7WRV1ETJU3sErRaoPMQXA0QiJ3jMbox5an8i6Lv721NpI&sig=Cg0ArKJSzIhMtgFRSj17EAE&cid=CAQSGwDq26N9CAvNcktR6rls3T88485rAH0TaG2YBRgBIBM&id=lidar2&mcvt=1000&p=0,0,280,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230105&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3709164205&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673106283944&rpt=2615&met=mue&wmsd=0&pbe=0&spb=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230104&st=env

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lnk-primeamzoin-scurex31enckslogs.dedyn.io/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8bf053dc2e322acef1a87be057a34060
loli17.my.id/	1970-01-20 17:30:42	Name: HstCfa4726666 Value: 1673106283660
loli17.my.id/	1970-01-20 17:30:42	Name: HstCla4726666 Value: 1673106283660
loli17.my.id/	1970-01-20 17:30:42	Name: HstCmu4726666 Value: 1673106283660
loli17.my.id/	1970-01-20 17:30:42	Name: HstPn4726666 Value: 1
loli17.my.id/	1970-01-20 17:30:42	Name: HstPt4726666 Value: 1
loli17.my.id/	1970-01-20 17:30:42	Name: HstCnv4726666 Value: 1
loli17.my.id/	1970-01-20 17:30:42	Name: HstCns4726666 Value: 1
.loli17.my.id/	1970-01-20 18:06:42	Name: __gads Value: ID=b7c8f10405190475-222bffe735db0032:T=1673106284:RT=1673106284:S=ALNI_MatX5PW0TlFN8Fe9IU4-JIv0v6Y6w
.loli17.my.id/	1970-01-20 18:06:42	Name: __gpi Value: UID=00000b9f7699abcb:T=1673106284:RT=1673106284:S=ALNI_Ma-CLXxnfwRi5wG2_8P75b0he_ixw
.doubleclick.net/	1970-01-20 18:06:42	Name: IDE Value: AHWqTUkvDfHx_5yc4puGrKhUUDSE25gbs1jLDYBQUSpMOFvIP0dNRfyNyAYzCBO2_TM
.doubleclick.net/	1970-01-20 08:45:09	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEM1mDZTvl2l-yv0csfebb08&google_cver=1&google_push=AavPq0MgHgHX19UDMVsHgdMvHR0c4pOnpGluIXtyz0zuW70weOBj6zvGjHfeYV_XeKwl0CEWwQMbR_-TxJSAB4MDPgLEN_PWDQ90c2U Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.bp.blogspot.com
ads.travelaudience.com
adservice.google.com
adservice.google.fi
c1.adform.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
lnk-primeamzoin-scurex31enckslogs.dedyn.io
loli17.my.id
match.adsrvr.org
odr.mookie1.com
ooo-nes.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
rtb.openx.net
s.id
s.tribalfusion.com
s10.histats.com
s4.histats.com
secure.adnxs.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
cm.g.doubleclick.net
eb2.3lift.com
googlecm.hit.gemius.pl
pagead2.googlesyndication.com
s.tribalfusion.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
sync.targeting.unrulymedia.com
sync.teads.tv
x.bidswitch.net
104.17.24.14
128.199.11.118
142.250.184.226
142.250.201.194
142.251.208.98
151.101.66.49
162.241.121.60
185.29.132.245
185.64.189.115
2606:4700::6811:190e
2a00:1450:4001:801::2003
2a00:1450:4001:802::2002
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:82f::2002
2a00:1450:400d:803::2001
2a00:1450:400d:804::2002
2a00:1450:400d:808::2002
2a00:1450:400d:80a::2004
2a00:1450:400d:80d::2001
2a00:f940:2:2:1:4:0:112
2a05:d018:d29:3601:9a06:e26f:40d0:e9d8
34.98.67.61
35.186.253.211
35.190.0.66
35.244.174.68
35.71.131.137
37.157.6.253
37.252.172.123
45.126.58.78
46.105.201.240
54.39.128.117
69.173.144.165
00263d02995cc968ccda6b63148d017003f1935ebe65faa1814c3c83ac1f9af1
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db447ee1882fe0a2a87d73019e33839cab73c8654cba8e5d36d57e007d5e9b3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1bf519ceeb33a362216628aa5abcb91386d3714ff8a163888e10518d45a1a888
1f560c3e9fb5beeed86da7d5be1ae459c22af6ec1d58f77e2a89a20063ef7ba2
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9
255464766ef228c13ac932038294a830e25b8d621b43ca5ef33e1e0223678e2d
262ef4e6fba0fa4c46bb231dca0cb56c089cf783381a684a961b5ad03f60cc8c
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f38a0ed3206d87e07bdce897f9345a89668d40a5770aca379097801c40cb45f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3bff4188d3a21c9bb949ca28fdad752c16a3e4d5a41d06529aa64d0e2f0555ec
41bcbca3a968dded125027614dd2b87be0d0a46b06bbf480f3e571338725cb21
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
461951e4bf2ccf1d23adb5e4f67b5b2c151d6384b4f7bee80df9a249ef3417c9
4723edfd75c026fc93a9d4928fdc39c098858d5573543cf2cef2331737244bc0
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd1c46f56830d4a0ccfc36425d7d477cc2ffd0afc53d52fa60371ebea307dc5
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5e26f0e8dc122cb6795902283e47d3996954b4268177dda075d7fb0994e293f5
6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
62e3ca3993cf2c50581512d69d4896979980d76bfd5869d8b3a1dd693a6ccd36
68198950e5a66473e96ac2fb1150a809a0a95d6683dc9671ff9a3749ce846ead
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79c38a8d147647e070850ad99bc48c364da969ad11042e708f2411ff14fff7fa
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477
7f3f5198415e472c722eef322606dcf21cb127f8c2c7129f8661ef73ce8e6b15
8361d165ade0d7cd3c6ff8876d168c47c3b43029e6e93111760b5313e6df9aca
85e8dec851635c22875b48868af253391c2e3bc8251e41310a907e83930b0139
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
908e3acdb85f8e3790f26fe832d22c34b9e116861b2d34df086dd0b67f102d7c
913956fabc559a4b497e97aa2fcd26a01845b280256cf6f334cf10fa4f5f254f
92316167585804207082bfd4c250c99f20f98fa295b84afe49dc1e33e22e59aa
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0
97b0f5b35478ecfbf5c9430cc7213d9ee92e85c8f31b303a0547137a524ced99
998977928a5ea657a352e3907f7887b86984605d1dee595c16be956911ea4648
9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9fc68ddaee456207aa78f31916068904f25844e363963644534e549f4062dd6f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a285337ae3fac1859a2f626f20d9a8d1a46e36e59ef427f85e7deda94afffb62
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8a7c6483f73f962abb0f768408bc73c219a0164ee43f60ac57595d314c1bebe
aba4100efc6787f41a4cca90087d49a9b0ebb689be095ad6df394a48fec567da
ba447365acf218efcd558a08aec2ed05e62092e5d6e8427da56777a8cabd605d
ba4f8430df7294e03eee568a7e0ea2467ed3a36307009e557d702dc8e43ecf83
bc018c9807419273f5e0aca85ee2d25675f036c91897f06fb2b362bc6886db01
c26f0429fa16b6414e210d5410ba209abf36f89df85958664ded6db6453ecaa2
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c4fa3381677097d0597b63cb8bf94d22dfc6c9be47a9df20db72e92f6a8ed15b
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d6c6d0b6440485f2536e96758b074c4713ef69a56511f2af2128f23ce6eebdca
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69a2729fe2ba28c9d99bca665016fd00170b5c8c638002d441fb688ba09ff4c
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f69d84c94b8088f7b24102d03080f69d0e03cc8bf30c367d5271e8de859e8d4e
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700

loli17.my.id Open in urlscan Pro 128.199.11.118 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

169 Requests

84 %HTTPS

39 %IPv6

35 Domains

40 Subdomains

22 IPs

8 Countries

1841 kBTransfer

4343 kBSize

12 Cookies

5 Outgoing links

Page URL History

Redirected requests

169 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

loli17.my.id Open in urlscan Pro
128.199.11.118 Public Scan

Screenshot
Live screenshot

Full Image

169
Requests

84 %
HTTPS

39 %
IPv6

35
Domains

40
Subdomains

22
IPs

8
Countries

1841 kB
Transfer

4343 kB
Size

12
Cookies

169 HTTP transactions
13 data transactions