blog.s.id Open in urlscan Pro
2606:4700:20::ac43:4b68  Public Scan

13 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://s.id/J3I-5 HTTP 302
   https://home.s.id/forbidden Page URL
   
2. https://s.id/1SV77?s=skip HTTP 302
   https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

• https://s.id/J3I-5 HTTP 302
• https://home.s.id/forbidden

Request Chain 107

• https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp HTTP 302
• https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1

Request Chain 110

• https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=blog.s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=jOkG-3xSTmxYbVBoaXVqR0pMdTFoODl2elBrS3dkU1BUNzBRaEdzYlN5a3cvK1ZCNlptd2RsbFM3dmkzRTduRnBmRXNPVUx0bFZDL25waldOdDg2eXF2RjlSVTQ1NzE4TlRqTHB2cS9xaWgzWHV0MzZvV3UxbmRSMkd0OGFibllUdEkySW14Y2NOUHZSejFYOUJxOU10dUJJQ3JIeGNJMCtueVJ4RU0yMlJqeFd4UnVYcWJyY2FEeUFOVmdmZlBzMzJIQXZLTlE0VGdnODZmTVIvckF0L2I5TDlnRWRKQk93UnZDU3JWZHpzdE9EVi8xZFUydFF2K1YzY24xZ1Z5SE9rSDZkM20vNXRKN1pOVHpsbG1hYXoySWovZz09fA&cppv=2

Request Chain 134

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 136

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOnnSxPFk9YwwgXLD6mG9So&google_cver=1&google_push=AXcoOmTlNCWsFcVErT3OTCjDomwgyWViE1mhLFYFv7wGy-7YmtoQ2aAegWFpffIPjASh8LZsGhVevAE9UIv1wc3b213h2wjOfvJx HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOnnSxPFk9YwwgXLD6mG9So&google_push=AXcoOmTlNCWsFcVErT3OTCjDomwgyWViE1mhLFYFv7wGy-7YmtoQ2aAegWFpffIPjASh8LZsGhVevAE9UIv1wc3b213h2wjOfvJx

Request Chain 137

• https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEK0K66KYn_mISYoZYFB6OgA&google_cver=1&google_push=AXcoOmSD9AVQN7WTKOs7BQXi__9QW6X5Jgo0EBRRpcadDOjcp_XopueIbgEtRHejOpD5avJLqmYnu4wCpk4amiz7aze7gvOOcf8 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSD9AVQN7WTKOs7BQXi__9QW6X5Jgo0EBRRpcadDOjcp_XopueIbgEtRHejOpD5avJLqmYnu4wCpk4amiz7aze7gvOOcf8

Request Chain 138

• https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRYwWRztrOxCT4vUMWcmGCQbdd3L2Z_xXz8KsLcpgNdDSxuyKb2QSCmZ5JRANMttDkx_7D9Eyrl7cSiT6HBiJ7gT19u1dz3&google_gid=CAESEGADL7w-mEHu6BGp_lKnDIw&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Nwa3njYJZ33lNilYQFl9TRCN2ewHMUiPvxXijg&google_push=AXcoOmRYwWRztrOxCT4vUMWcmGCQbdd3L2Z_xXz8KsLcpgNdDSxuyKb2QSCmZ5JRANMttDkx_7D9Eyrl7cSiT6HBiJ7gT19u1dz3

Request Chain 139

• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJw6Jv_CG14T3NxYfrhsf3U&google_cver=1&google_push=AXcoOmSwEG6yTaJybPYs6PjTC81bWTR0vGnrncCtuNjVlXJSxr8o_t5sMLpp9wGoTUDKzwvz120acHPpoRU-UyYxLkHNylGT-lCQ HTTP 307
• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJw6Jv_CG14T3NxYfrhsf3U&google_cver=1&google_push=AXcoOmSwEG6yTaJybPYs6PjTC81bWTR0vGnrncCtuNjVlXJSxr8o_t5sMLpp9wGoTUDKzwvz120acHPpoRU-UyYxLkHNylGT-lCQ&sovrn_retry=true HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSwEG6yTaJybPYs6PjTC81bWTR0vGnrncCtuNjVlXJSxr8o_t5sMLpp9wGoTUDKzwvz120acHPpoRU-UyYxLkHNylGT-lCQ&google_hm=HcScuGZHyYyUafscSj2TY3AQ

Request Chain 141

• https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAZKSZEBu9ywOuUhsEF0TdM&google_cver=1&google_push=AXcoOmQQBtsVAI0M2cQ1wEK1SCZWbVXfzCseo9bbDDghDIwNttH6zRze7GfPLr8M84m3wOwl3rculYF_RVaTnnNb23FZQt7vm4mTaA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQQBtsVAI0M2cQ1wEK1SCZWbVXfzCseo9bbDDghDIwNttH6zRze7GfPLr8M84m3wOwl3rculYF_RVaTnnNb23FZQt7vm4mTaA HTTP 302
• https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 176

• https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFm5okRWq9S7E2pnj1Dsei0&google_cver=1&google_push=AXcoOmRYOO4x93PNxiK3dfDUhFaptpBt1JK2fzh885RuCGoaYBXjIPfrIlt9uu9SobRcwO5xLkZSUZRixgNNdJ4h48cOsqcof2dD HTTP 302
• https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRYOO4x93PNxiK3dfDUhFaptpBt1JK2fzh885RuCGoaYBXjIPfrIlt9uu9SobRcwO5xLkZSUZRixgNNdJ4h48cOsqcof2dD&google_hm=QFBgj_huuSSuvkzKgggdRg

Request Chain 177

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEOKm6UUO9-ES7B97OyP3Ktg&google_cver=1&google_push=AXcoOmSTwe3qzOsA7ME70--NC_stAKRnUYM5IVZCe3MQ0q7tWhAzHgradshZbzJVIR2j-_jTiwO45yhhHtgNFDS1VdfzLMUYPC2m&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSTwe3qzOsA7ME70--NC_stAKRnUYM5IVZCe3MQ0q7tWhAzHgradshZbzJVIR2j-_jTiwO45yhhHtgNFDS1VdfzLMUYPC2m%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOKm6UUO9-ES7B97OyP3Ktg&google_cver=1&google_push=AXcoOmSTwe3qzOsA7ME70--NC_stAKRnUYM5IVZCe3MQ0q7tWhAzHgradshZbzJVIR2j-_jTiwO45yhhHtgNFDS1VdfzLMUYPC2m&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSTwe3qzOsA7ME70--NC_stAKRnUYM5IVZCe3MQ0q7tWhAzHgradshZbzJVIR2j-_jTiwO45yhhHtgNFDS1VdfzLMUYPC2m%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 180

• https://d5p.de17a.com/cookies/google?google_gid=CAESEJEob9dv5FyAGVNq2zEzC3I&google_cver=1&google_push=AXcoOmRZld2sHg6Hwb22bPXFw0dzv3dlf-XvZHO-oQRzVSJK6FqwqRN-8EIPA-aC_dG2L096u5mJ2y3u4X5bVgKL1ulbfU96TuXN HTTP 302
• https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJEob9dv5FyAGVNq2zEzC3I&google_cver=1&google_push=AXcoOmRZld2sHg6Hwb22bPXFw0dzv3dlf-XvZHO-oQRzVSJK6FqwqRN-8EIPA-aC_dG2L096u5mJ2y3u4X5bVgKL1ulbfU96TuXN HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRZld2sHg6Hwb22bPXFw0dzv3dlf-XvZHO-oQRzVSJK6FqwqRN-8EIPA-aC_dG2L096u5mJ2y3u4X5bVgKL1ulbfU96TuXN

Request Chain 181

• https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJ0XxLONe-zKFzsTuHKCciY&google_cver=1&google_push=AXcoOmTrQNPIrTKaQte5yvZwEwlP58JYmw7yVV6LUBN_iR5xH2zxu5t2s2Bxb_VvpmgmwOpCo8Ly_Nn23UNjh0ycj83teZO3k5M HTTP 302
• https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTrQNPIrTKaQte5yvZwEwlP58JYmw7yVV6LUBN_iR5xH2zxu5t2s2Bxb_VvpmgmwOpCo8Ly_Nn23UNjh0ycj83teZO3k5M&google_gid=CAESEJ0XxLONe-zKFzsTuHKCciY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjU3MDA0NDUxNTMyMDY1MjU2MDcwOQ%3D%3D&google_push=AXcoOmTrQNPIrTKaQte5yvZwEwlP58JYmw7yVV6LUBN_iR5xH2zxu5t2s2Bxb_VvpmgmwOpCo8Ly_Nn23UNjh0ycj83teZO3k5M

Request Chain 182

• https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEN-o5B4ubNTQwn7BIpRyAt8&google_cver=1&google_push=AXcoOmTUGxgLvjvG9FJnQXIKio1y6tmP7rFHXUsUlyIhqkRykDzV7Ff1_RbaUGOUAgEp6q0McHjI8xvWoeb8UDXtJ2cxWM-yiWSwYw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTUGxgLvjvG9FJnQXIKio1y6tmP7rFHXUsUlyIhqkRykDzV7Ff1_RbaUGOUAgEp6q0McHjI8xvWoeb8UDXtJ2cxWM-yiWSwYw&google_hm=MzI2OTc3ODEzODYwNTE2NTA0Mw==

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	forbidden Show response home.s.id/ Redirect Chain https://s.id/J3I-5 https://home.s.id/forbidden	68 KB 22 KB	778ms 461ms	Document text/html	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash ea0523d74013cf646386833500a05d4d125407dce3ac41367e67a9fd288e8c1f Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, max-age=0, must-revalidate cf-cache-status BYPASS cf-ray 812002faad471b9f-FRA content-encoding br content-type text/html; charset=utf-8 date Fri, 06 Oct 2023 18:36:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqKLBngg8wQqhZ6d4BVOwNOTyf8XJ7Y7vxsz1rpeIstVgRQa5bhAwhU0dhp3L%2BSoA4EaPw8og3r%2BdB%2FIRs2M2LmfjZyUAy3S47AiSASU26X5jRpHpnmfxb6XhbUORSYcC4sDeA8uxw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15724800; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-powered-by Next.js x-xss-protection 1; mode=block Redirect headers cache-control private, max-age=15 content-length 0 date Fri, 06 Oct 2023 18:36:44 GMT location https://home.s.id/forbidden#action server nginx strict-transport-security max-age=15724800; includeSubDomains
GET H2	200	montserrat.css home.s.id/assets/fonts/	3 KB 789 B	255ms 255ms	Stylesheet text/css	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/assets/fonts/montserrat.css Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"ca2-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hGgVwwqdxyY%2BOVcizbPq%2B8XsiEKAa4TTempLxxwxMmEjnvkOT%2FTjVPLvYV6gEd4%2B%2FGcUAtKIqd%2FNIwIXMvX41hUpe0N9xurIZ%2Fnh5zbeHIKk4FS2miH3AOkLFLeKVMb%2BUDp91vFow%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=3600 cf-ray 812002fd89dc1b9f-FRA
GET H2	200	work-sans.css home.s.id/assets/fonts/	4 KB 807 B	253ms 253ms	Stylesheet text/css	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/assets/fonts/work-sans.css Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"10bc-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzIdBAqxJmCu6lMltMBOnZCwwYOokvZtRiyyCoZZnU1CC9%2FokjaDqYFFKf3f%2BpzPKSQiBHzhYIqF8H2sz5uUJpqy189PvE272J%2Frr7Wph0pgv41%2BqrNkKbo3RDdUZn40OOLVU84fRw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=3600 cf-ray 812002fd89de1b9f-FRA
GET H2	200	734f0848b380bc53.css home.s.id/_next/static/css/	136 KB 21 KB	24ms 24ms	Stylesheet text/css	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/css/734f0848b380bc53.css Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 069972469e00180e474daee472c7e1d8bbc5b02ec5a48c3143e7d5728d755c6e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 128199 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Thu, 05 Oct 2023 05:51:25 GMT server cloudflare etag W/"22031-18afe640f48" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFurh1z93b%2BMIeBrRzycbHbMPDsp5IEHWWuCZ6B8zxDt0gjzk6kF6AN1BWgWK%2Bx4%2BA69hG5WCmJLvoRWvrQzKSSeFwvO%2BxYMxgggS40RR1%2BZjIEnp7jB5gBlL%2F2DSEjgV5saVhb5JA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 812002fd89e01b9f-FRA
GET H2	200	webpack-bb5d4f167654f3a7.js Show response home.s.id/_next/static/chunks/	4 KB 2 KB	25ms 23ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/chunks/webpack-bb5d4f167654f3a7.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24495ee35e43e3c2d057fa835a1b8bbc4e3517579cb3bb601139efce17a42bea Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 128199 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Thu, 05 Oct 2023 05:51:25 GMT server cloudflare etag W/"11af-18afe640f48" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSFQnYUjzyxZCurEFqxcovmcW8A6sOchX%2BHNgKm%2B68O2%2F9BzOUKW0fGXecxD2th4gToJc%2BIKcIxdAr%2BMs6B5D%2BPZ%2BUMxTymKQxjbejP2X%2Bll2vwhZSO4hvG8VSlNpr%2Fjn%2FMv5T6pTQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 812002fd89e41b9f-FRA
GET H2	200	framework-c77b5ad42e6fa06c.js Show response home.s.id/_next/static/chunks/	138 KB 45 KB	29ms 28ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/chunks/framework-c77b5ad42e6fa06c.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b8f5cff2b93dd56ca8081e67ee4ba33b2b71b6324a471691e427444c84a9ce1 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 128199 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Thu, 05 Oct 2023 05:51:25 GMT server cloudflare etag W/"2272b-18afe640f48" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3PeefHFTktgWYMHwVg0TOB5J5LfahMDuSJan%2Bljx5E0ENOmWe6gXXn2F6uqLqgDLYzJAeAXa%2FWFHFvY%2FUOAuYMkfQy5DOwYQXYBB%2FQ8n7l%2B2Vl42HULu4ewX2lLKMBaSjse5ej6ug%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 812002fd89e51b9f-FRA
GET H2	200	main-45f200f3cb6b7b3d.js Show response home.s.id/_next/static/chunks/	97 KB 29 KB	26ms 25ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 184733c2171fc0a56148cbf5e5f1d5e5ae640f660e6e328bb84cbccb21785813 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 128199 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Thu, 05 Oct 2023 05:51:25 GMT server cloudflare etag W/"18214-18afe640f48" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YeuPShwcLEg89qlLq5Rb7dy34KvpuisnvHUzRu6pCOtZ0ph7986uCWGuP8MERWr82im9q8uJsn0Nt81oFY1ilOuwzYTHz7QPSqQzSAG%2FZhMJlezL8J1JYl2LA8Xr5AT9c66fwJXDpQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 812002fd89e61b9f-FRA
GET H2	200	_app-854f6090918e9e84.js Show response home.s.id/_next/static/chunks/pages/	377 KB 116 KB	35ms 33ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/chunks/pages/_app-854f6090918e9e84.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6350515c1b2513db23c48eae1f87a0a6a2afb778a8caab29f9f05e82a8381e52 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 128199 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Thu, 05 Oct 2023 05:51:25 GMT server cloudflare etag W/"5e37e-18afe640f48" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eh8Nno%2F8kh7tvOseAjWaKCU4tLbi0hnDAKvzh3LLk5q3a%2B1Tu9MEyD1Tr8ItsG9VHECWBi47QstMHFRJwPBrMJnkaUbFVFDvAmf15QH7nqugKc%2FE%2BUWnaQK%2FHUNdPwLokYP9Y1D4ow%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 812002fd89e81b9f-FRA
GET H2	200	forbidden-29883e63e1ce37b2.js Show response home.s.id/_next/static/chunks/pages/	4 KB 2 KB	34ms 33ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/chunks/pages/forbidden-29883e63e1ce37b2.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6e28e3f8d185f134736c50278f5039ff8168dc11d98640f164f4648632e9d127 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 128038 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Thu, 05 Oct 2023 05:51:25 GMT server cloudflare etag W/"eb6-18afe640f48" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4YXoKRFdA48c45Yf993fZbZzTUlPIYh6SIx7%2Fg7aZ4Cd60Ep6DbdyDfwlyG6vn8mq6nJxPtdHRpqjDwHnoEaZFFoYxCpPdalZw%2FymFmQN74bPMxYw%2F8ZC1oxfqipa%2BNt1lu9mrOcg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 812002fd89ea1b9f-FRA
GET H2	200	_buildManifest.js Show response home.s.id/_next/static/hzZZN5WnYBw27z-g3ogTW/	9 KB 3 KB	25ms 24ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/hzZZN5WnYBw27z-g3ogTW/_buildManifest.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 52d0bdb0baa4382da6412ff0a0989df7512ada474fa880e021d9021554441d2e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 128199 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Thu, 05 Oct 2023 05:51:25 GMT server cloudflare etag W/"25f5-18afe640f48" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzE8hO531EON%2FK5FauYUe4VtRkY1xx5eKau2IAmGNqq%2FQBYGDAnOPQ7gZD42VDMEEsK%2F72Mczs6EdlJcFWVaI8RQlOawj8%2FCs2M%2FWfCT8iapPjPIjyxZwx6G%2BujfujVYJYNKSnwHWA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 812002fd89eb1b9f-FRA
GET H2	200	_ssgManifest.js Show response home.s.id/_next/static/hzZZN5WnYBw27z-g3ogTW/	91 B 386 B	28ms 27ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/hzZZN5WnYBw27z-g3ogTW/_ssgManifest.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 128199 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Thu, 05 Oct 2023 05:52:02 GMT server cloudflare etag W/"5b-18afe649fd0" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBGkNQp%2BoHAGooXKyV3QPVlNa9Re43ncY7RbN1nX%2B5hH4bRj0iA9Zo26pEF%2FjcolVZ7y2PSS0nSJzTqaDQd0x3fAlBT%2FUBFhvEF8zOvsTndoLfBi%2BJMpgbxALc04ZhbRYaj0Jdl10w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 812002fd89ec1b9f-FRA
GET H2	200	403.svg home.s.id/images/errors/	4 KB 2 KB	272ms 271ms	Image image/svg+xml	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://home.s.id/images/errors/403.svg Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92c39b5c986c8a9c713d77081a0272187a847c57192fe03fc152d25fc4c35668 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 27 Dec 2022 03:47:41 GMT server cloudflare etag W/"1136-18551b16f48" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBuPxrExxYAJCa0t3%2Fw801Hdd%2BSvlj7rRO5km1GhsGs99bKFfeg%2FzBkb4rJv0mo1zc1X%2Fuh21mVsvLv4BSF5UyWQ2sHDbzv4370b55PKrGrSO%2BW56VNF2%2FKFSPd862MMSj5Ww0F0lQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml x-frame-options SAMEORIGIN cache-control public, max-age=86400 cf-ray 812002fd99f31b9f-FRA
GET H2	200	sid-neu-logo.svg home.s.id/images/	8 KB 4 KB	258ms 257ms	Image image/svg+xml	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://home.s.id/images/sid-neu-logo.svg Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 058f6340fc2dd949cfa4e2d40dae86c83daa389994729a151d1309cecaa7e46b Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 05 Jul 2023 23:09:20 GMT server cloudflare etag W/"2120-18928513d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SH7zgN1bbc6NjmrnEJnNEKBm%2FRpglxbD4xTWsJ77MxKxxaU44hjZX8ssNVLtAGJUO6rLTEYYkmORsYAuyW3iylmLwMC%2Fih4XG1aN7fw73I7OR43LKKdlno0pVEcM3lsTRMYgEKdVNA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml x-frame-options SAMEORIGIN cache-control public, max-age=86400 cf-ray 812002fd99f81b9f-FRA
GET H2	200	v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response static.cloudflareinsights.com/beacon.min.js/	20 KB 7 KB	63ms 44ms	Script text/javascript	2606:4700::6810:3865 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391 Request headers Referer https://home.s.id/ Origin https://home.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT content-encoding gzip last-modified Thu, 20 Jul 2023 18:10:27 GMT server cloudflare etag W/"2023.7.1" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 812002fdaf7a9b52-FRA
GET H3	200	montserrat-normal-700.woff2 home.s.id/assets/fonts/dist/	30 KB 31 KB	256ms 255ms	Font font/woff2	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/assets/fonts/dist/montserrat-normal-700.woff2 Requested by Host: home.s.id URL: https://home.s.id/assets/fonts/montserrat.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://home.s.id/assets/fonts/montserrat.css Origin https://home.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 30856 x-xss-protection 1; mode=block last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"7888-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOyMArYVV40v9zLuWOBwSm7wHgpvpXHu78LBH7AoeDqcmbnKvZXoPc4yfTyqijPy07T2RXDMcVpQYUnCRKd0eF4p2DYuJEkmMIhsFHrfIJhl2xo%2BiPDRPH5vXBLOIDWaXwffmckexA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 x-frame-options SAMEORIGIN cache-control public, max-age=3600 accept-ranges bytes cf-ray 812002ff6dd65d55-FRA
GET H3	200	montserrat-normal-400.woff2 home.s.id/assets/fonts/dist/	30 KB 31 KB	246ms 246ms	Font font/woff2	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/assets/fonts/dist/montserrat-normal-400.woff2 Requested by Host: home.s.id URL: https://home.s.id/assets/fonts/montserrat.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://home.s.id/assets/fonts/montserrat.css Origin https://home.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 30856 x-xss-protection 1; mode=block last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"7888-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mC%2BkscJImj8kSt4eHohN067I8DnPGJQetl7TSdG5Spz8Rqe%2BLY%2B1D%2FO6nF9Xda2mPrbJ7L9viGKNpOHQNv%2F2KBdWJF%2FjhXiu9LeYc6he2wIZa5RhuU0EDwiC6Zl5Rt1lu%2B%2Fnsh5Bww%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 x-frame-options SAMEORIGIN cache-control public, max-age=3600 accept-ranges bytes cf-ray 812002ff6dda5d55-FRA
OPTIONS H2	204	me app.s.id/api/user/ Frame	0 0	584ms 550ms	Preflight	2606:4700:20::681a:7f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.s.id/api/user/me Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers ds,x-rpc-lang Access-Control-Request-Method GET Origin https://home.s.id Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS access-control-allow-methods GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH access-control-allow-origin https://home.s.id alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 812002ffc95f3a43-FRA date Fri, 06 Oct 2023 18:36:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIcwrXjUKeeAddAtu27UznCdnQE6JMmk%2Br3QbploqBTBACjqRNoXv5%2FYdvUtu1jrsCv%2BJ9QTCMSLOJMC%2FujSmP6MbBDBqWskU9%2FiWP74G%2B2m8Dol3beEvI2yJkla%2BrNEA%2F3Zcd%2FX"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15724800; includeSubDomains vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-content-type-options nosniff
GET		me app.s.id/api/user/	0 0
GET H2	200	js Show response www.googletagmanager.com/gtag/	238 KB 83 KB	57ms 34ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5 Requested by Host: home.s.id URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 68f1eb829eb840d3466a17c986fef0de49fddf14b669abe16ec72e326535d75c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85108 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 06 Oct 2023 18:36:45 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	242 KB 84 KB	52ms 30ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7 Requested by Host: home.s.id URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 36fd20bbd2d0ace5b70db01959d4f731581a1d403f74742dc495a0a3daf62d5b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85919 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 06 Oct 2023 18:36:45 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	212 KB 76 KB	45ms 23ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-10823601447 Requested by Host: home.s.id URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 16366ddcb2b19bec195753f0b4423e602f1bc2e4e4668642c85f1800e8257e52 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77220 x-xss-protection 0 last-modified Fri, 06 Oct 2023 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 06 Oct 2023 18:36:45 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	198 KB 53 KB	28ms 12ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 06 Oct 2023 18:36:45 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 53356 x-xss-protection 0 pragma public x-fb-debug vd0d9kGiwGoP5i7hWusv2aKXjGXnmDuTDx4Xj4+yjFeAi3y6e23T9jSQffl87C41dxYSqva4KZYc6DcllcGv7w== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	snippet.js Show response static.zdassets.com/ekr/	10 KB 5 KB	64ms 29ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d Requested by Host: home.s.id URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT x-amz-version-id hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id TDMQPT020DRW1117 age 41 x-amz-server-side-encryption AES256 x-amz-replication-status PENDING x-amz-id-2 zMRnAvKOAJXxRvPq8+B1zeL5aayaTgRJkXk1UzH1Ado5lR6+z1lafaTP6MEs86XDeFT1Mq3O6PuGW79rziCiBA== last-modified Wed, 09 Aug 2023 01:01:02 GMT server cloudflare etag W/"42d94c325a0b012e41f9c3907853625a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZuAhhGp1zQV4wbiew00ZbrAUN8Ze4kWqp3cK48KvtOKv3jWW8XPxbsXrRuqtCs%2Bmsj89eotCQC0J7ylJJlo4zPM9rxZnICqnvJz5IKOLbnxgDlwsIfnLjqL12srnqf5LRy%2B1sds%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=3600, s-maxage=60 cf-ray 812002ffdb8fbb9e-FRA
GET H2	200	client Show response accounts.google.com/gsi/	198 KB 78 KB	64ms 36ms	Script application/javascript	2a00:1450:4001:82b::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/gsi/client Requested by Host: home.s.id URL: https://home.s.id/_next/static/chunks/pages/_app-854f6090918e9e84.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 59a137b893436c8961cf69adc6df4108a7e9b34c849257cbee6246d6d8c5b089 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-YUaluTXplVhXIq70QbXSAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT content-security-policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-YUaluTXplVhXIq70QbXSAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN report-to {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]} content-type application/javascript; charset=utf-8 cache-control private, max-age=1800 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1" expires Fri, 06 Oct 2023 18:36:45 GMT
GET H2	200	3626502037629324 Show response connect.facebook.net/signals/config/	136 KB 35 KB	14ms 8ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/3626502037629324?v=2.9.132&r=stable&domain=home.s.id Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d74c710b8b19bf56c5ade5374c62d6c2adfa133a6a08babe73cd0288ee9d855b Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 06 Oct 2023 18:36:45 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 36086 x-xss-protection 0 pragma public x-fb-debug c0Uowis1CqvkF7oAdM8DhTGS/gUqjOOSS9zbx5ayuT+VoKRnYNJGyjZzpGVzK2AVV6mh0aJ8QcLteWdbDiN7ZQ== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	4b27aa03-d3da-43eb-8382-660c054fbc9d ekr.zdassets.com/compose/	1 KB 2 KB	232ms 193ms	Fetch application/json	104.18.72.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekr.zdassets.com/compose/4b27aa03-d3da-43eb-8382-660c054fbc9d Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT strict-transport-security max-age=0 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none content-encoding br status 200 OK cdn-cache-control max-age=60 x-xss-protection 1; mode=block x-request-id 8066a39d7dfb13f0-SEA, 8066a39d7dfb13f0-SEA x-runtime 0.002566 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"e96d8108ff2a6544527139f9623191fc" x-download-options noopen x-frame-options SAMEORIGIN access-control-max-age 7200 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Xe7kcBCpgnyFCl26u%2BMcSVC6%2Fcvt7n2DeZFz%2FSGj3hy%2B2%2B%2FfEgaSHCuEzF42iT3v0jLIqPOPbAbCcCP0kEfujgq8uYDXpg%2Fi%2FOMjuyNXXy%2FtLt48yt%2F307b3fKGIZm2uaA%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers vary Accept, Origin, Accept-Encoding cache-control max-age=300, public, stale-while-revalidate=300, stale-if-error=21600 content-type application/json; charset=utf-8 x-zendesk-zorg yes cf-ray 812003005be24d5b-FRA
GET H2	200	js Show response www.googletagmanager.com/gtag/	238 KB 83 KB	25ms 23ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c2c6070d752794439d2a823dfc0a100a399e703da56fd50ea7db4c4c579ce062 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85093 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 06 Oct 2023 18:36:45 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	242 KB 84 KB	24ms 24ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 129efcc383b78fdddfb7c002523485a0964e1b7d2b94277da367c57b6c64ae44 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85921 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 06 Oct 2023 18:36:45 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/	3 KB 2 KB	49ms 23ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/?random=1696617405479&cv=11&fst=1696617405479&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&hn=www.googleadservices.com&frm=0&auid=1940783365.1696617405&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 91bbd2cebbfffe2d076d632fa25a0a67e1a15e09fa310129968bf281620aaa23 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:45 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	128 KB 49 KB	21ms 21ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 93dba3b18f54948abd079f43fd7dac28be9922689c15307e8aefcc6f75f91eba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 50585 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 06 Oct 2023 18:36:45 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 249 B	37ms 14ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3a40&_p=508418571&cid=1947906244.1696617406&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696617405&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:45 GMT server Golfe2 content-type text/plain access-control-allow-origin https://home.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 249 B	39ms 14ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je3a40&_p=508418571&_gaz=1&cid=1947906244.1696617406&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696617405&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:45 GMT server Golfe2 content-type text/plain access-control-allow-origin https://home.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 249 B	52ms 17ms	Ping text/plain	2a00:1450:400c:c0b::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-98MWVCBDD7&cid=1947906244.1696617406&gtm=45je3a40&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:45 GMT server Golfe2 content-type text/plain access-control-allow-origin https://home.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	61ms 36ms	Image image/gif	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-98MWVCBDD7&cid=1947906244.1696617406&gtm=45je3a40&aip=1&z=352777982 Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:45 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	33ms 7ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=3626502037629324&ev=PageView&dl=https%3A%2F%2Fhome.s.id%2Fforbidden%23action&rl=&if=false&ts=1696617405563&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696617405561.2076644576&cs_est=true&ler=empty&it=1696617405440&coo=false&exp=a0&rqm=GET Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Fri, 06 Oct 2023 18:36:45 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	analytics.js www.google-analytics.com/	52 KB 21 KB	153ms 17ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 06 Oct 2023 17:51:33 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 2712 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Fri, 06 Oct 2023 19:51:33 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/10823601447/	42 B 455 B	159ms 25ms	Image image/gif	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/10823601447/?random=1696617405479&cv=11&fst=1696615200000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=917289824&rmt_tld=0&ipr=y Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:45 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/10823601447/	42 B 154 B	21ms 21ms	Image image/gif	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/10823601447/?random=1696617405479&cv=11&fst=1696615200000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=917289824&rmt_tld=1&ipr=y Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:45 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	web-widget-main-4b22769.js static.zdassets.com/web_widget/messenger/latest/ Frame 6538	453 KB 143 KB	37ms 36ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT x-amz-version-id buuqfOo_4CCc42mcfHh3348fXV_AyXJg content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id DMGEA960H2ZYQF44 age 1428446 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 nw3jyuhiq3zL/h04RVNKDMzpavlZMPFzJXiZC5xtbC4ZLP8wNgKfpJUyfAiDJwTxU4G8dpyWlQs/4zNcj7R8Pg== last-modified Thu, 24 Aug 2023 03:43:42 GMT server cloudflare etag W/"39c5d5a29a88c9c1a9f281848ad16b16" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BgeCoNXHgkheKHaFqbT0gTCf46o1SVDaadwY97C7ymQCAXZsKNFPT6QDEP1A8wNsrQmmfLLZvakroZ6BnL9rw6%2BPEATcoY61lQfe53816E4Hhl6Brlwj9l15%2FwKkYn6cks5F3I%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 81200301aea4bb9e-FRA expires Fri, 23 Aug 2024 03:43:40 GMT
GET H2	200	Primary Request oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3 Show response blog.s.id/post/2022/05/19/ Redirect Chain https://s.id/1SV77?s=skip https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	108 KB 31 KB	54ms 32ms	Document text/html	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Requested by Host: home.s.id URL: https://home.s.id/_next/static/chunks/pages/forbidden-29883e63e1ce37b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash f90badac4a421376090229017d5d25f75974c69e76d77eac43b509dade88c09a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://home.s.id/forbidden#action Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 41351 alt-svc h3=":443"; ma=86400 cache-control private, max-age=86400, must-revalidate cf-cache-status HIT cf-ray 812003048d581b9f-FRA content-encoding br content-type text/html; charset=utf-8 date Fri, 06 Oct 2023 18:36:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJ4ZUutDNNoYTr8bey449N6jtcuqBHomuaSJNTOhp1nXjovuRe%2BvUT0B9W73riCYLToxIQbAYyrAB0RQY73RTK8W1DDX8nkFFKvimWT98fL7LDUoJV1cf5G08TV0RIPeLfeo9iBDng%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15724800; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-powered-by Next.js Redirect headers cache-control private, max-age=15 content-length 0 date Fri, 06 Oct 2023 18:36:46 GMT location https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect server nginx strict-transport-security max-age=15724800; includeSubDomains
POST H2	200	collect www.google-analytics.com/j/	1 B 201 B	14ms 14ms	XHR text/plain	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=508418571&t=pageview&_s=1&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1684120758&gjid=1275942308&cid=1947906244.1696617406&tid=UA-225238330-2&_gid=2059107456.1696617406&_r=1&gtm=457e3a40&jsscut=1&z=773991007 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://home.s.id/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:45 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://home.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	en-us-json-4b22769.js static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 6538	16 KB 3 KB	23ms 22ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-4b22769.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT x-amz-version-id Gb950S5306bStT2XGhy0_xYQToJJizIu content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id DMG5JY3ZKNAS3HE4 age 1428447 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 oNG5Ntj5cIQX9pB+KpoQsWttJQwfnlmqXVnKqc4qOFacRRgtvMtYAbbyB0VHIxcp6lc+OesNPZ4= last-modified Thu, 24 Aug 2023 03:43:43 GMT server cloudflare etag W/"8f649b5684cbdc6de706c3ee378b158a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GANaUoeKiQdFLy3JKsW0iaK7ABDl3RPhB3MowtYBrPMILurGqSXrO9eqXngxN7u7kC%2B6nWzS3h7JQ2nF7r9sVfgRdGQqbL6PIOcFXf3X30kx%2BQjVleUQBKdsZ0KEQau4pX1qpTM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 812003024ff7bb9e-FRA expires Fri, 23 Aug 2024 03:43:42 GMT
GET H2	200	web-widget-4852-4b22769.js static.zdassets.com/web_widget/messenger/latest/ Frame 6538	139 KB 47 KB	45ms 44ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4b22769.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT x-amz-version-id nYMPFR.iqtfU72nwkjhPOt8gBbfBzGZl content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id DMG9XE65YNS52K79 age 1428445 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 AORSCZqxcx/5TOkPtSX0Z2D8FvQG3Fr4DIt3A6fwvVZGPJLFTZSZ62t0MNKgj0FJH6+KeniRZ0c= last-modified Thu, 24 Aug 2023 03:43:42 GMT server cloudflare etag W/"537006977bee3c56b5a5b9900b593d0d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvVQzGpzyFFOkBpqJvokMepx20zw1yqcv1Gq0fUxJdNQ8HyV65c9l2whYhQ1h1Wez%2BDzc%2FJgGjAYpO0tCUXWYZAxaQgT7yH0m%2B4EPJSdobBpNzXR9edh%2BQiwxQRtoGBmrLovqcQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 812003024ffbbb9e-FRA expires Fri, 23 Aug 2024 03:43:41 GMT
GET H2	200	web-widget-519-4b22769.js static.zdassets.com/web_widget/messenger/latest/ Frame 6538	24 KB 8 KB	43ms 42ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/messenger/latest/web-widget-519-4b22769.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT x-amz-version-id lxotykkgECMc9LkwVmT9pOhbgN52rwSH content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id DMG8J2NZWKC5THX8 age 1428445 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 R7DnfRkHNkNeVzf133PKau52x0bbYErXE9ARK3reS7ZhFughyXOdFEnoYN+aeR8JiM228VrwMk8= last-modified Thu, 24 Aug 2023 03:43:42 GMT server cloudflare etag W/"1c9884a2069c7bec6b20dac62004eb1b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2FvY7YyAfaTIWNahgKazUV90peZVm4P%2FIG1puwA930obw3XVzg%2B4s5GfCIv%2BUoeAMdY%2F8h0dPZIlrNFyl4YEk0B7WA9Y7Q%2F9Rbr1zSkyXE0APBUR683ceH5OWAt%2Btkz%2FWdH6H40%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 812003025ffcbb9e-FRA expires Fri, 23 Aug 2024 03:43:41 GMT
GET H2	200	web-widget-5178-4b22769.js static.zdassets.com/web_widget/messenger/latest/ Frame 6538	24 KB 7 KB	43ms 43ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-4b22769.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT x-amz-version-id sSav_AkeQS.PdbhOQG5COPnxKLj812h0 content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id DMG3251STKFQ9FKM age 1428445 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 h7XGjSKoVV1NTu0NySH/96sHkYopZS8N0VkC4t8Z+gHYYPwTQw8ywrZSrKAYnqVLFFQD4+G2uW0= last-modified Thu, 24 Aug 2023 03:43:42 GMT server cloudflare etag W/"11034f049f5eef05b26ed292ac59e1fc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrNXVWR2cmCIXoA%2BMO0JIXig57MJEjoK5XQMFPuW4B2%2Bn62ion0zu%2F3UToyhovN3%2FnmN15vXau%2BH4iSEmOnjdqfY17ArrYwR3tUS7eTzS%2BKfdl7YexLcno3W%2B1p%2BJnSLYA8rC3U%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 812003025800bb9e-FRA expires Fri, 23 Aug 2024 03:43:41 GMT
GET H2	200	web-widget-9535-4b22769.js static.zdassets.com/web_widget/messenger/latest/ Frame 6538	15 KB 6 KB	44ms 43ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-4b22769.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:45 GMT x-amz-version-id TQwoJrATHBNX6IVnB55aFvI.RS16xjhS content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id DMG8KVT4FPM8SWEZ age 1428445 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 TWy0LkjQaQd67RZpp1XgdCwQeqJ/aDt5pnCQ7KbF+E6qWm7IHD0tMT1plIcs/g1wAJdzsDEAxi2Bcq7jKLM49A== last-modified Thu, 24 Aug 2023 03:43:42 GMT server cloudflare etag W/"e3df43ad3700a0c6a03da6179cd57460" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69plYOMxEpbM427lqMZg%2F%2BO2jlvUNtdDqUGU%2FVkIhZuR4pyYgRMpJVTMrdAJp1oXKg0HdpMJgEnBlxFeL8NiWhiek6uowIWBBq5dovYMSPOoyfB0QdcwluVpiW6q02joikeZ5CE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 812003025801bb9e-FRA expires Fri, 23 Aug 2024 03:43:40 GMT
OPTIONS H2	204	pv sdotid.zendesk.com/frontendevents/ Frame	0 0	308ms 268ms	Preflight	104.16.53.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdotid.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://home.s.id Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-origin * access-control-max-age 600 cache-control max-age=600 cf-cache-status DYNAMIC cf-ray 81200302f89b5d39-FRA date Fri, 06 Oct 2023 18:36:46 GMT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6egegKDvY0gZ%2Bq1r5KPyxVqhsDudZOf25HvVOhMwNa9ofcohoigZtofWsicIPqX3xc%2F1Y%2BJ4Z0dgdfvrE%2BUQYVXgk8yMOUTnclBNR3v2AO33pwMBxYf%2BXDmUthqUkFxlWLa5vg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Origin x-request-id 81200302f89b5d39-FRA x-zendesk-zorg yes
POST		pv sdotid.zendesk.com/frontendevents/ Frame 6538	0 0
GET		config sdotid.zendesk.com/embeddable/ Frame 6538	0 0
POST		collect region1.google-analytics.com/g/	0 0
POST		collect region1.analytics.google.com/g/	0 0
POST		rum home.s.id/cdn-cgi/	0 0
GET H3	200	eeb05ebde42b7a3d.css blog.s.id/_next/static/css/	118 KB 18 KB	33ms 32ms	Stylesheet text/css	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/css/eeb05ebde42b7a3d.css Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d4bae26ef2433f377445f4a090102e0366a8eb7e88f31640fcc6e5ec5d984ce Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 127859 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Thu, 05 Oct 2023 05:49:37 GMT server cloudflare etag W/"1d8ad-18afe626968" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MLEe%2BDILFv2yFyy6294UJZDw6lLCJlCtE4qjXwNkUOsXXqBqV9Gs2hkJGPVsrqaGjufiZqmu70wqAEXoo0xdanbLHBN%2BZkM1RD2bqt7yNslwGL%2FkvBEGhL%2BVZ5clCM1lMDn8dKPBw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 81200304dd155d55-FRA
GET H3	200	0ccc702cf5b6f291.css blog.s.id/_next/static/css/	722 B 788 B	52ms 51ms	Stylesheet text/css	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/css/0ccc702cf5b6f291.css Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ecf1b45e741c358105ec165c66cc44e962e6dbfe4948ea4a4094791472e03c6d Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 127859 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Thu, 05 Oct 2023 05:49:37 GMT server cloudflare etag W/"2d2-18afe626968" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gi3s5BgHWU4KMkZUyzk6cvNqP558z07Ms0G390P8l0puPrLZOeCDs7qPzGG5hveAgGFrtnu2eo0DMRjiToxgqtg8U%2BuZJWmr4Q%2BkjJ8LNC3oD3P2tEk8i%2FdE68x7iAA9a41%2BV0zmcA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 81200304dd175d55-FRA
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	171 KB 57 KB	90ms 59ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545 Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e049d047b305e9db0ad5795f66e1cd3451f84df7cebe49394d1275d12e21e801 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57957 x-xss-protection 0 server cafe etag 17744894840436748742 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Fri, 06 Oct 2023 18:36:46 GMT
GET H3	200	webpack-36d12a75f0098f30.js Show response blog.s.id/_next/static/chunks/	2 KB 2 KB	30ms 27ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/webpack-36d12a75f0098f30.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash febd258efb733049bebaeb24269fb6448aee953be138a3fbd7cb96bd63620727 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 128682 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Thu, 05 Oct 2023 05:49:37 GMT server cloudflare etag W/"892-18afe626968" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9u3KcVealyuRY3OV7KfinCMXAEXXgyI9fWDa3xz23Sb1PGrQ5AfYFuCtSGJqVytRDwQTIxyM21VydFiwb4Wpark8DOjgxZXKpUBnRPFFpGZHIaY8BJwN78sxLdWd%2BPtIeuTHg7dYhg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 81200304ed3a5d55-FRA
GET H3	200	framework-400d78dd60ac46ca.js Show response blog.s.id/_next/static/chunks/	138 KB 45 KB	63ms 60ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/framework-400d78dd60ac46ca.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1e0354048342615ee678931bb922fcb098fc4f42b3edae6df7624a2b812fb95 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 127858 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Thu, 05 Oct 2023 05:49:37 GMT server cloudflare etag W/"226e4-18afe626968" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpLs77cVCT9rRAaBNKs8a8JEteCFQA2F8K35wImyFs5bVoY7wK0b8zoebXBqHvTIEFIg5KPWcuSX7%2FP5PoJqrcHhVouHESunq9lVUQHM%2BovZScY7URWV8BYXkzKY%2B7ycSTVEs5yQpg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 81200304ed3c5d55-FRA
GET H3	200	main-ef060895a635bf59.js Show response blog.s.id/_next/static/chunks/	96 KB 29 KB	44ms 41ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 345dd805b52864848882d8f89c24661f408925f549a626e5bcd33b6f072e146a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 128681 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Thu, 05 Oct 2023 05:49:37 GMT server cloudflare etag W/"17fff-18afe626968" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnuPem2bwziW8cr%2FLVHe%2B19Dub%2BBC97SQxfEBK1QnYxdeUkVhg%2FlQRmvNFrucJbPJmTbnWC2mxzNmclJQY%2BXZDYlprbr43JZsPzabAwBLzIoQQRfVrlUwuB5QEw0qVKKJjBJZUS5mw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 81200304ed3f5d55-FRA
GET H3	200	_app-f9f9b8ebd4bd88d0.js Show response blog.s.id/_next/static/chunks/pages/	232 KB 73 KB	56ms 54ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/pages/_app-f9f9b8ebd4bd88d0.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fbf11836670a9b54f9faebf31559ea7917a4df4b47b489e4e3982d9911e3fb13 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 127859 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Thu, 05 Oct 2023 05:49:37 GMT server cloudflare etag W/"3a038-18afe626968" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OehyxGPbZz%2F3UjK8r4SVl1KiXJkyms6Uf%2FefzCLCq9Cdd98ub4xzBF0vEFnqAiFITKBtGLxQIltnHEgf%2BZ0ADsFWKUw66b1Vh2JZrFgSh4zNbp1Mgh4mL3J6CgW8jGaoSEFdIz3Pgg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 81200304ed435d55-FRA
GET H3	200	b7322211-fbdd2383fa168487.js Show response blog.s.id/_next/static/chunks/	3 KB 2 KB	46ms 44ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/b7322211-fbdd2383fa168487.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9fad61d7fe6d6bdb0f750648a45f17c71a1f1216fb2f636216be5b4be57d0158 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 128681 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Thu, 05 Oct 2023 05:49:37 GMT server cloudflare etag W/"a7e-18afe626968" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7aaiNVvdZLOhF%2F%2BvWSoar6dsEOrSz%2BU4o2zuLPYo8WG2xIVKpAA%2FXffuJ4penluuMlLShp8wkDmILHarSPowewcOUk6xJnUZes9Itz7YQUjtW05bScRVp3FtdXQR25%2FJnpeoUfwPMA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 81200304ed465d55-FRA
GET H3	200	903-f279e023cd941d06.js Show response blog.s.id/_next/static/chunks/	140 KB 43 KB	46ms 44ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/903-f279e023cd941d06.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b1f8fb54de3fad4a7f92fb7b03bdb9c0acff2d156dcc0f430d9221849e3113a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 127859 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Thu, 05 Oct 2023 05:49:37 GMT server cloudflare etag W/"23198-18afe626968" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wm%2BtFL4ZJPzTS80ifqZyrpt0vyoNLXf5iNfRrpPca7C6x%2FdTLKea4I%2BmMV6uedSAQfu5Pv1Jgo5Z5wGNDmIAiOsZT2UzgvHpxvm%2F7RasR4FbWNnOZrk9luQzVolMvkEHgflvWbapPQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 81200304ed485d55-FRA
GET H3	200	68-11b8cb0c68cc5685.js Show response blog.s.id/_next/static/chunks/	13 KB 5 KB	35ms 33ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/68-11b8cb0c68cc5685.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5470a561f50d00b61b7e5b223c4fbd8dc43068aaa3e8f008f57fb27471211f0c Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 127859 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Thu, 05 Oct 2023 05:49:37 GMT server cloudflare etag W/"35f3-18afe626968" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzGCm55hpm9wGbV6%2B07PkEj2dWhPCaPTn0SXB9nVl90VHQ45aYcrVJUwHuocrv4pI8TB5t6wRHmcr%2Fa9FrT1RUf3Ojn2U8hS6rbw%2B9%2Fd3f28zNTGOS0cfy2iMRseFAWk4xS7ljM%2FXQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 81200304ed4a5d55-FRA
GET H3	200	%5B...article%5D-f50dfd12dd1bf9bd.js Show response blog.s.id/_next/static/chunks/pages/post/	26 KB 10 KB	66ms 64ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/pages/post/%5B...article%5D-f50dfd12dd1bf9bd.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18889b6b7e9425d042a820d83d9ae7fca99127e2192317981767f5c35acceb7e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 128681 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Thu, 05 Oct 2023 05:49:37 GMT server cloudflare etag W/"6877-18afe626968" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCvtBqn6mU%2BoZxU8i35UHEvp7C1pR6a8%2B889vz4Qq0q%2F%2FlQYtO2v2q1xzX3Arlvl8eBVh%2BB9YxuUCyEwp4MK5%2FXtpfIFJ67hIUHo9kbCVmrOQK74re0mdWM7UVGsJ4K%2BujRSI9apyA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 81200304ed4c5d55-FRA
GET H3	200	_buildManifest.js Show response blog.s.id/_next/static/6prOARWvPf3u55RTN5F3O/	998 B 993 B	66ms 65ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/6prOARWvPf3u55RTN5F3O/_buildManifest.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24cd55be642fb5c3dba532d5bbe0c49af4e2482d110f9e73a80bd0b3ceca05e4 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 89322 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Thu, 05 Oct 2023 05:49:37 GMT server cloudflare etag W/"3e6-18afe626968" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qw9jJnMGspQV%2FYoKlHFs2esJGkXWOTXFoUbqiD8SAQgfUTiMpGVNW45Vs%2Fw21iTGvTQtk7eV975bDdymkSo9TSVyUBSV%2FlvcPLPG%2BY4KvLIo4HNUkLTsCYGcqWapv8Mm%2BO%2Bfm5TgxQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 81200304ed4d5d55-FRA
GET H3	200	_ssgManifest.js Show response blog.s.id/_next/static/6prOARWvPf3u55RTN5F3O/	77 B 598 B	68ms 66ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/6prOARWvPf3u55RTN5F3O/_ssgManifest.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 127859 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Thu, 05 Oct 2023 05:49:37 GMT server cloudflare etag W/"4d-18afe626968" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tbx0u0wvPtTzcez5ShAkAgnPXYb73TLKU7b%2BKINo8uiMeHh9tCQUg1TZCtmgks1H7hNkZz6Qhchk76d5Ktej%2BPXfSmihaj3aswYidtRNvR%2BnF1HLFAJYuzHSxeIQkcTsGE8uDCkOgg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 81200304ed505d55-FRA
GET H3	200	montserrat.css blog.s.id/assets/fonts/	3 KB 999 B	247ms 246ms	Stylesheet text/css	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/assets/fonts/montserrat.css Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED last-modified Wed, 06 Sep 2023 09:42:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br etag W/"ca2-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLO4iTdW6anlbFb%2BO%2BLqru0KL53WRDZmBZDJfv9OxReFQ40CxtwmXyIMdg%2BRJ2kr08TI1N3Y9I3ZhxFL%2ByMDnmslbYY%2FVM76BNDjQSH2mjFz9k4PLu58n4Afl4TOPY6A5H8uTPWYgQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=3600 cf-ray 81200304dd195d55-FRA alt-svc h3=":443"; ma=86400
GET H3	200	work-sans.css blog.s.id/assets/fonts/	4 KB 947 B	245ms 244ms	Stylesheet text/css	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/assets/fonts/work-sans.css Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED last-modified Wed, 06 Sep 2023 09:42:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br etag W/"10bc-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCavtNLsC8Z7p0pCfG7r6P1FsWQuXXGtobGa9woF5CWppD%2F017vm6J81E6nnBQyFUs3pk39XWZgm%2B%2F9yc6D%2BYiFhI7UAQCX%2BFTOC8xl2EbEZHoq64Z6VvstcKKP6%2FyzW6RfByHGltA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=3600 cf-ray 81200304dd1b5d55-FRA alt-svc h3=":443"; ma=86400
GET H3	200	adg-red-ring.svg blog.s.id/images/	6 KB 3 KB	272ms 270ms	Image image/svg+xml	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://blog.s.id/images/adg-red-ring.svg Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c7fb840478ca64f3410fff0ffa40eb38fd8a7cfc36c10f117c3869ea93c00182 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED last-modified Sat, 12 Mar 2022 15:31:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br etag W/"1926-17f7ec17510" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3u4IddHlQ7TxMyFmlx2OpKxKMed51m%2BY8TIrAOxg8o4X0LPLXr0cIY9GM%2Bm8t5%2Fzn1notGjv8uJywh9ggys5uAaVYtt91AF9C5xagLr%2FjdLAhtti43a4pl4wFS8DmfTAxqsZd5yM9w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=86400 cf-ray 81200304ed535d55-FRA alt-svc h3=":443"; ma=86400
GET H2	200	v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response static.cloudflareinsights.com/beacon.min.js/	20 KB 7 KB	57ms 55ms	Script text/javascript	2606:4700::6810:3865 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391 Request headers Referer https://blog.s.id/ Origin https://blog.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT content-encoding gzip last-modified Thu, 20 Jul 2023 18:10:27 GMT server cloudflare etag W/"2023.7.1" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 81200304e8dc9b52-FRA
GET H2	200	show_ads_impl_with_ama.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/	447 KB 146 KB	74ms 73ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 35af58582f5e2e70b75edfcbf44b819f463bf270d5f437402f65c82f3def81b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 149200 x-xss-protection 0 server cafe etag 16693037884211737226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 06 Oct 2023 18:36:46 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 1590	10 KB 5 KB	8ms 7ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 16808 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4471 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 06 Oct 2023 13:56:38 GMT etag 2603938475786422795 expires Fri, 20 Oct 2023 13:56:38 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	work-sans-normal-700.woff2 blog.s.id/assets/fonts/dist/	47 KB 47 KB	264ms 264ms	Font font/woff2	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/assets/fonts/dist/work-sans-normal-700.woff2 Requested by Host: blog.s.id URL: https://blog.s.id/assets/fonts/work-sans.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://blog.s.id/assets/fonts/work-sans.css Origin https://blog.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 47800 last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"bab8-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHEbGjMabwSXCKMaMUHIA46Yt6geC%2FF2%2F%2F6xvLMwPaVsGpxX9uUnkkE0789yihuUltEWV%2FEDAp7rMJvjdWWZgiDZIb2PxsWLMGNfuXN3OQta2sjKI51PL9fhbzkEKMW4wY1TgUdZxA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=3600 accept-ranges bytes cf-ray 812003066f225d55-FRA
GET H3	200	work-sans-normal-400.woff2 blog.s.id/assets/fonts/dist/	47 KB 47 KB	263ms 262ms	Font font/woff2	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/assets/fonts/dist/work-sans-normal-400.woff2 Requested by Host: blog.s.id URL: https://blog.s.id/assets/fonts/work-sans.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://blog.s.id/assets/fonts/work-sans.css Origin https://blog.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 47800 last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"bab8-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tdqUH%2FszRj3Ox6aBL7VQgyA9kzvBzPqin5IgZOp0Gv4FG%2FeLrqENVBLxruwela8cHaCYM72Kn8YefCKNVRTQPzKMQZ4z%2Bnw8KxlX5HjO%2BQIAnIkUMBZ3QLoPAd4p75qsZxpfToesQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=3600 accept-ranges bytes cf-ray 812003066f265d55-FRA
GET H3	200	sid-neu-logo-dark.svg blog.s.id/images/	8 KB 4 KB	253ms 252ms	Image image/svg+xml	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://blog.s.id/images/sid-neu-logo-dark.svg Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED last-modified Wed, 05 Jul 2023 23:09:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br etag W/"2137-18928513d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7BszDepOu8kny4yD5GaoNwxZoHvdmb1hM0h3qoBTwBc34YBZvDOG8kiOLVLSy%2FjCYTco0hfDcOSD8XJAh0nLteHE5afMi4rdBBRV1fNN9ZfpBMPgTrFwSg0g51DkUdlUKogIJDt4Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=86400 cf-ray 812003066f2b5d55-FRA alt-svc h3=":443"; ma=86400
GET H3	200	work-sans-italic-400.woff2 blog.s.id/assets/fonts/dist/	44 KB 45 KB	272ms 272ms	Font font/woff2	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/assets/fonts/dist/work-sans-italic-400.woff2 Requested by Host: blog.s.id URL: https://blog.s.id/assets/fonts/work-sans.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8b61d2de9865afa7dbbb91782523d03263294fb81eeae08e9ee0fc6f121e1a6 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://blog.s.id/assets/fonts/work-sans.css Origin https://blog.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 45488 last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"b1b0-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kngN0lGNDupJFdGhQDfWGFR4pbgCeaG1eLNHxYMzjd0hina2Mcq14Ng%2B%2BXBayDBjTPc3NYTMjLigWG3u3BGPUJf6PdVCLtH0RsuPmKQQbYGYoIAnA67gvX3T3haDGZ%2BebtX4%2B7vA3w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=3600 accept-ranges bytes cf-ray 812003069f6e5d55-FRA
GET H3	200	js Show response www.googletagmanager.com/gtag/	238 KB 83 KB	25ms 24ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK Requested by Host: blog.s.id URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 492b6ee011b2c4e01f2359f4b9016aff4161a35e35ab00ceba618d93f55010cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85106 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 06 Oct 2023 18:36:46 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	241 KB 84 KB	23ms 23ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF Requested by Host: blog.s.id URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash de2efb92ed32eb3ad4ca7bd03ff0d1bf5c6d1fc32e687a32808e33434cad5d84 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85847 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 06 Oct 2023 18:36:46 GMT
GET H2	200	snippet.js Show response static.zdassets.com/ekr/	10 KB 5 KB	22ms 21ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f Requested by Host: blog.s.id URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT x-amz-version-id hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id TDMQPT020DRW1117 age 42 x-amz-server-side-encryption AES256 x-amz-replication-status PENDING x-amz-id-2 zMRnAvKOAJXxRvPq8+B1zeL5aayaTgRJkXk1UzH1Ado5lR6+z1lafaTP6MEs86XDeFT1Mq3O6PuGW79rziCiBA== last-modified Wed, 09 Aug 2023 01:01:02 GMT server cloudflare etag W/"42d94c325a0b012e41f9c3907853625a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmDa4XXsPHZmZj%2B5SUFaMa0OJXWpf1KRXOtwf%2BDYRmZJXawBzUoTqy%2FH0oQDgoIMshxTLfk00U07S18OXdffKVM4ilYFC%2FO5ztqt%2FMajZFr0oH2evYCG7u69m%2Fm0nk5lj%2BcxLAw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=3600, s-maxage=60 cf-ray 81200306df3ebb9e-FRA
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	375 B 598 B	66ms 16ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=blog.s.id&callback=_gfp_s_&client=ca-pub-2742216534640545 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 78cede1cd804de739cdbfab52f46757e72cfbdf732b1777f72f2f0c887dd768b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 246 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 33E9	0 20 B	215ms 214ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1696610206&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696617406340&bpp=4&bdt=131&idt=224&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8268835916919&frm=20&pv=2&ga_vid=1947906244.1696617406&ga_sid=1696617407&ga_hid=712859326&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44804783%2C31078301&oid=2&pvsid=1376729897192721&tmod=1976475017&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fhome.s.id%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=244 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 06 Oct 2023 18:36:46 GMT expires Fri, 06 Oct 2023 18:36:46 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	108ms 107ms	Image image/gif	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=cookie-consent%20fixed%20bottom-0%20left-0%20w-screen%20lg%3Apx-0%20z-50&ign=false&pw=1600&ph=1200&x=1575&y=1175 Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:46 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1dc98855-fcfe-49a8-9ac6-f3d16b24538f Show response ekr.zdassets.com/compose/	336 B 590 B	178ms 178ms	Fetch application/json	104.18.72.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekr.zdassets.com/compose/1dc98855-fcfe-49a8-9ac6-f3d16b24538f Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd13669008ecc4868bf07d81124c0e7a16f1251517d191e23b40e7f650824a08 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=0 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none content-encoding br status 200 OK cdn-cache-control max-age=60 x-xss-protection 1; mode=block x-request-id 7fd8543d8f9d77bb-SEA, 7fd8543d8f9d77bb-SEA x-runtime 0.003706 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"bd13669008ecc4868bf07d81124c0e7a" x-download-options noopen x-frame-options SAMEORIGIN access-control-max-age 7200 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lbyqLrODCk6rUOznWZo08P5ENZPQwmmRs7YqyP9TA8TdnItrGM4F26ZpIia7Dh%2BZdxPq0o9TnRftD7Ng%2BqF3uDlAIfTYa7Xg805xkyb%2FuKd2YCoZo0jBZsfSWRFOHFW%2FlrM%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers vary Accept, Origin, Accept-Encoding cache-control max-age=300, public, stale-while-revalidate=300, stale-if-error=21600 content-type application/json; charset=utf-8 x-zendesk-zorg yes cf-ray 812003074c344d5b-FRA
POST H3	204	collect region1.google-analytics.com/g/	0 17 B	14ms 14ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-GJLS9JMJCK&gtm=45je3a40&_p=712859326&cid=1947906244.1696617406&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696617406&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20s.id&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:46 GMT server Golfe2 content-type text/plain access-control-allow-origin https://blog.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	241 KB 84 KB	22ms 22ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7a2ec9a8354f582e248fbf24725faa5220d113b659aab12926e03e31d5488332 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85944 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 06 Oct 2023 18:36:46 GMT
POST H3	204	collect region1.analytics.google.com/g/	0 17 B	15ms 15ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-LBWQJM5WLF&gtm=45je3a40&_p=712859326&_gaz=1&cid=1947906244.1696617406&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696617406&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20s.id&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:46 GMT server Golfe2 content-type text/plain access-control-allow-origin https://blog.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 68 B	19ms 17ms	Ping text/plain	2a00:1450:400c:c0b::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LBWQJM5WLF&cid=1947906244.1696617406&gtm=45je3a40&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:46 GMT server Golfe2 content-type text/plain access-control-allow-origin https://blog.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	34ms 32ms	Image image/gif	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LBWQJM5WLF&cid=1947906244.1696617406&gtm=45je3a40&aip=1&z=1181901728 Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:46 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	web-widget-framework-606557475ee447c56eec.js Show response static.zdassets.com/web_widget/latest/ Frame 28B6	100 KB 32 KB	25ms 24ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/web-widget-framework-606557475ee447c56eec.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0eebe7f3a04ff650268292b30f5e42c0acc9f178649321508a29d120118f1c9 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT x-amz-version-id g.Qpck5guIMqPFb3YsdNkzqrQ2xHLoU2 content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id DMG63AS1B82J8C1R age 1428444 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 DoSgKUHr+GlCbVy5/OhejzYOseAGFPqqNE0t1iGEXxgwmjzpcq+bLRZ1z2cCkz9BCrXL2mHzs+A= last-modified Thu, 24 Aug 2023 03:36:57 GMT server cloudflare etag W/"dcaa2d849c3eea83275fd33a8655a9e4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=matUmBjVWrnGjGYs3%2B76RPp7vuu%2BdJ8DcA7RW%2FzlWM%2BrD7vDTncMUc7LBXZJgLl9bKwz9hQhe5%2FOBlI9TSrm5yx7R6UdWIRXpe0DaGQO3QAhTtIrmNWZWJa%2BM3ADYIcqBJ91e0Q%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 8120030869d3bb9e-FRA expires Fri, 23 Aug 2024 03:36:56 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	104ms 63ms	XHR application/json	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d36e105dda1478f04679e6765cd21a0dc17160a0c2ed6f78c02d08e8108f7b08 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12202 x-xss-protection 0
POST H3	204	rum Show response blog.s.id/cdn-cgi/	0 137 B	11ms 10ms	XHR text/plain	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 content-type application/json Response headers date Fri, 06 Oct 2023 18:36:46 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://blog.s.id x-frame-options DENY access-control-allow-credentials true cf-ray 812003089a3f5d55-FRA
GET H2	404	config Show response shortener.zendesk.com/embeddable/ Frame 28B6	15 B 953 B	372ms 333ms	Fetch text/plain	162.159.138.6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shortener.zendesk.com/embeddable/config Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-606557475ee447c56eec.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 162.159.138.6 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27 Security Headers Name Value Strict-Transport-Security max-age=0; Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:47 GMT strict-transport-security max-age=0; content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-zendesk-origin-server embeddable-app-server-6c598dd9f9-x6zs8 x-request-id 81200308ed7890d7-FRA x-runtime 0.006670 server cloudflare vary Accept, Origin, Accept-Encoding access-control-max-age 7200 access-control-allow-methods GET access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zfru21GYeq8Otzm17AVDQLBpHCC5ZK7xF0Nt0BwKEZfhhTGwbvfFEH%2FSC23TuBThcfQ917rAPYBsLsNN2V25GezaZ97v3m3dZDRqSz5ZjBh1DuEqWIUiFvC%2FWkv4RoVIMbYHHbWQmw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers cache-control public, max-age=3600 content-type text/plain; charset=utf-8 cf-ray 81200308ed7890d7-FRA
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	99 KB 30 KB	130ms 66ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: blog.s.id URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 96d8fc05cd9ebaaceecb6def0fcc8af7c185b28d29249c1894280512ed08143a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29835 x-xss-protection 0 server cafe etag 643 / 19636 / 31078562 / config-hash: 6965042191446531621 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 06 Oct 2023 18:36:46 GMT
GET H2	200	site.js Show response protagcdn.com/s/s.id/	442 KB 126 KB	68ms 37ms	Script application/javascript	2606:4700:20::681a:78e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://protagcdn.com/s/s.id/site.js Requested by Host: blog.s.id URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:78e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54358e6c0ca9fb0dc79a594d0f3e76d69127dc76899f83a1bdecbf7f81f59f5a Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:46 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2307 cf-polished origSize=453743 alt-svc h3=":443"; ma=86400 pragma no-cache cf-bgj minify last-modified Tue, 18 Jul 2023 04:06:38 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BsNtPBl%2FNlqZw%2B9gUB2CZUNTwspQV8iiZH6AyqV9SQkzMQOlzVE08BX5dK5XVfGML05sEcm2xyYk%2BdE%2F84VuGUxsmtilKPq5%2FsSyDULCC7W8%2FfBXAPUxl%2BZekyHMUqER9iVBKLmMTGiRmc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=1800 cf-ray 81200308dc265d73-FRA expires Fri, 06 Oct 2023 19:06:46 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	99ms 53ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:47 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 06 Oct 2023 18:36:47 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/	419 KB 132 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ebcd7bdb5554e57888241a02b80e12230b08db50cffa39d16002b3726a55806 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 09:59:26 GMT content-encoding br x-content-type-options nosniff age 31040 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 134827 x-xss-protection 0 server cafe etag 8968824880815585736 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sat, 05 Oct 2024 09:59:26 GMT
GET H2	200	esp.js Show response oa.openxcdn.net/	24 KB 8 KB	68ms 16ms	Script application/javascript	34.102.146.192 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oa.openxcdn.net/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 192.146.102.34.bc.googleusercontent.com Software UploadServer / Resource Hash 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Wed, 27 Sep 2023 04:08:06 GMT content-encoding gzip age 829721 x-guploader-uploadid ADPycdvbRy62debeuap5d2X_nL0IA_diTxUlLVjzCe57950pX-t7YrXJ8wYXRaQQII6P20H4VGYSQ4HjVG7QKouB4behPw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7927 last-modified Thu, 27 May 2021 18:30:51 GMT server UploadServer etag "df5542b88bc0e368c6999754a5b9e2ba" x-goog-generation 1622140251693895 x-goog-hash crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug== content-type application/javascript cache-control no-transform x-goog-stored-content-length 7927 accept-ranges bytes expires Thu, 26 Sep 2024 04:08:06 GMT
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	43 KB 14 KB	63ms 30ms	Script text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:47 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 07 Sep 2023 09:22:37 GMT server nginx etag W/"64f9965d-ab99" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sat, 07 Oct 2023 18:36:47 GMT
GET H2	200	pubcid.min.js Show response cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/	732 B 1 KB	37ms 18ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:47 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 937 x-jsd-version master content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230042-FRA, cache-jnb7027-JNB x-jsd-version-type branch server cloudflare etag W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5U4%2BZlu9glFFakkbjS4pNTlWiLhXAbA3sB7GBnvp626JnVBxnUwwHFEji9NyZq%2FnQyOytSbvhpfHzb9BGCHmFEpBpH3mwYgiNrS4Y81kTDju28FuxXCyd1vwp%2B6D4%2BOF2q6j8xN2tOqcKxwXRww%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 8120030a28ba6933-FRA
GET H2	200	esp.js Show response cdn.id5-sync.com/api/1.0/	137 KB 30 KB	39ms 21ms	Script text/javascript	2606:4700:10::ac43:266a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16f97878909c2763c2d7c1219472c3d3130a8007a6ea852049e388ea752fb697 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:47 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Thu, 05 Oct 2023 10:57:30 GMT server cloudflare x-amz-request-id NH41XC21M4PC8EM0 age 3042 etag W/"cc596ad33b7bfdd4553b44192a81e29f" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 8120030a2956bb4a-FRA x-amz-id-2 sp3U6PfHlc4I0jRlTTCG6QGAW5VmzWJ0UpfDYd/iNqraoqx9imEXzEeP8v2cbM01TTcbvqCTvvA=
GET H2	200	sync.min.js Show response tags.crwdcntrl.net/lt/c/16589/	39 KB 12 KB	42ms 9ms	Script text/javascript	65.9.66.104 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.104 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-104.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 05 Oct 2023 19:10:11 GMT content-encoding gzip via 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront) last-modified Wed, 06 Sep 2023 15:56:57 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 age 84397 x-amz-server-side-encryption AES256 etag W/"e073e71ed7a44e6f9cdd72904fda5940" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=86400 x-amz-cf-id E9rJXItJblz2VzmG5wlunuVM-GbfN-bzIzdh2i16Es22Us8aaxaqJg==
GET H2	200	encrypted-tag-g.js Show response invstatic101.creativecdn.com/encrypted-signals/	1 KB 1 KB	80ms 29ms	Script text/javascript	34.96.70.87 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 87.70.96.34.bc.googleusercontent.com Software Google Frontend / Resource Hash b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:47 GMT via 1.1 google, 1.1 google last-modified Thu, 03 Aug 2023 03:28:51 GMT server Google Frontend etag fc4e6bfe266081c4873c6f08c8298e5c content-type text/javascript; charset=utf-8 x-cloud-trace-context c1f92b23452dd0e957d70d1ca819a9c1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1207
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	94 KB 28 KB	616ms 615ms	XHR text/plain	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1376729897192721&correlator=3379205310138910&eid=31078636%2C31078529%2C31078562&output=ldjh&gdfp_req=1&vrg=202310040101&ptt=17&impl=fifs&iu_parts=162717810%3A22766112657%2Cs.id%2Csticky-bottom%2Cbefore_content%2Cin_content%2Cafter_content%2Csidebar&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=970x90%7C728x90%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C300x600%7C300x300%7C300x250%7C160x600%7C120x600&ifi=2&didk=1679302058~557921294~3656045228~1185067365~1933480497&sfv=1-0-40&sc=1&cookie=ID%3D886c779afe1db864-22cc786038df00d4%3AT%3D1696617406%3ART%3D1696617406%3AS%3DALNI_Ma10P7irb8QoLZ5ZaPGeV92DC5tYA&gpic=UID%3D00000c8fb1f05b7d%3AT%3D1696617406%3ART%3D1696617406%3AS%3DALNI_MYFsjH8V2ZzwmZqv7yWL20EiJs87w&abxe=1&dt=1696617407073&lmt=1696610207&adxs=-9%2C426%2C426%2C-9%2C-9&adys=-9%2C301%2C795%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ref=https%3A%2F%2Fhome.s.id%2F&vis=1&psz=0x-1%7C468x0%7C744x0%7C0x-1%7C0x-1&msz=0x-1%7C468x0%7C744x0%7C0x-1%7C0x-1&fws=2%2C0%2C0%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1947906244.1696617406&ga_sid=1696617407&ga_hid=712859326&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYycScsrAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjJxJyysDFIAFICCGQSGQoKcHViY2lkLm9yZxjJxJyysDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YycScsrAxSABSAghkEhcKCHJ0YmhvdXNlGMnEnLKwMUgAUgIIZBIUCgVvcGVueBjJxJyysDFIAFICCGQ.&dlt=1696617406209&idt=813&prev_scp=env%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D55%26protag_minutes%3D36%26protag_hours%3D18%26protag_day%3D5%26protag_sticky_pos%3Dbottom%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sticky-bottom%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D55%26protag_minutes%3D36%26protag_hours%3D18%26protag_day%3D5%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-before_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D55%26protag_minutes%3D36%26protag_hours%3D18%26protag_day%3D5%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-in_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D55%26protag_minutes%3D36%26protag_hours%3D18%26protag_day%3D5%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-after_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D55%26protag_minutes%3D36%26protag_hours%3D18%26protag_day%3D5%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sidebar&adks=3695268346%2C2238348835%2C3108647390%2C1903703322%2C182523439&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 237a71109127f0b28129a9e137ec46a615acab765d9ee2a5dc4fc54956a4479b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:47 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2,-2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28832 x-xss-protection 0 google-lineitem-id -2,-1,-1,-2,-2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2,-1,-1,-2,-2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://blog.s.id access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D55	6 KB 3 KB	89ms 17ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 06 Oct 2023 18:36:47 GMT expires Sat, 05 Oct 2024 18:36:47 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame BF70	13 KB 5 KB	9ms 7ms	Document text/html	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 125982 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 05 Oct 2023 07:37:05 GMT expires Fri, 04 Oct 2024 07:37:05 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame F8E0	829 B 980 B	20ms 19ms	Document text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 6d027a4929c741f1d7039bf871a32f6f0809c20e115dc11d85a5ee969a580c79 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-76Hya9l2kBOYpsaEariLRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-76Hya9l2kBOYpsaEariLRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 06 Oct 2023 18:36:47 GMT expires Fri, 06 Oct 2023 18:36:47 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
POST H2	200	map Show response bcp.crwdcntrl.net/6/	60 B 330 B	110ms 31ms	XHR application/json	54.217.80.122 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/map Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.217.80.122 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-217-80-122.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 5a4f2e93cd6092985594531cdcbc77417869ceeea6d9dcb052a3412274735e0f Request headers Referer https://blog.s.id/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:47 GMT server Jetty(9.4.38.v20210224) content-type application/json;charset=utf-8 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://blog.s.id cache-control no-cache x-server 10.45.2.176 access-control-allow-credentials true content-length 60 expires 0
GET H2	204	increment Show response id5-sync.com/api/esp/	0 225 B	55ms 16ms	XHR text/plain	162.19.138.82 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/esp/increment?counter=no-config Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/esp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31532337.ip-162-19-138.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://blog.s.id/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://blog.s.id date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
GET H2	200	syncframe Show response gum.criteo.com/ Frame 97BC	15 KB 6 KB	64ms 25ms	Document text/html	2a02:2638:d::d ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=blog.s.id Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.ids.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 06 Oct 2023 18:36:46 GMT server Kestrel server-processing-duration-in-ticks 378766 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	esp Show response oajs.openx.net/ Redirect Chain https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1	85 B 193 B	123ms 123ms	Fetch application/json	34.120.135.53 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1 Protocol H2 Server 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 53.135.120.34.bc.googleusercontent.com Software / Express Resource Hash c8a0e54edbebef5017962dc6d0f3c85e35f4dff17d05cae11bd60750a2997fb1 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:47 GMT via 1.1 google x-powered-by Express etag W/"55-xjFbs46UMYL5xspiiJ6O/i9cxIQ" vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://blog.s.id access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85 Redirect headers date Fri, 06 Oct 2023 18:36:47 GMT via 1.1 google x-powered-by Express vary Origin access-control-allow-origin https://blog.s.id location /esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame F8E0	0 0	108ms 107ms	Image text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=1376729897192721&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers
GET H3	200	YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response pagead2.googlesyndication.com/bg/ Frame BF70	37 KB 14 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 13:29:55 GMT content-encoding br x-content-type-options nosniff age 18412 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14663 x-xss-protection 0 last-modified Mon, 02 Oct 2023 14:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 05 Oct 2024 13:29:55 GMT
GET H2	200	sid Show response mug.criteo.com/ Frame 97BC Redirect Chain https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=blog.s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=jOkG-3xSTmxYbVBoaXVqR0pMdTFoODl2elBrS3dkU1BUNzBRaEdzYlN5a3cvK1ZCNlptd2RsbFM3dmkzRTduRnBmRXNPVUx0bFZDL25waldOdDg2eXF2RjlSVTQ1NzE4TlRqTHB2cS9xaWgzWHV0MzZvV3UxbmRSMkd0OG...	425 B 653 B	57ms 17ms	Fetch application/json	178.250.7.13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=jOkG-3xSTmxYbVBoaXVqR0pMdTFoODl2elBrS3dkU1BUNzBRaEdzYlN5a3cvK1ZCNlptd2RsbFM3dmkzRTduRnBmRXNPVUx0bFZDL25waldOdDg2eXF2RjlSVTQ1NzE4TlRqTHB2cS9xaWgzWHV0MzZvV3UxbmRSMkd0OGFibllUdEkySW14Y2NOUHZSejFYOUJxOU10dUJJQ3JIeGNJMCtueVJ4RU0yMlJqeFd4UnVYcWJyY2FEeUFOVmdmZlBzMzJIQXZLTlE0VGdnODZmTVIvckF0L2I5TDlnRWRKQk93UnZDU3JWZHpzdE9EVi8xZFUydFF2K1YzY24xZ1Z5SE9rSDZkM20vNXRKN1pOVHpsbG1hYXoySWovZz09fA&cppv=2 Protocol H2 Server 178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 472d0510aecd0a9510af6f99ec4d5692e1f1490f107c159426c54be661e19672 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:46 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1330653 expires 0 Redirect headers pragma no-cache date Fri, 06 Oct 2023 18:36:47 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=jOkG-3xSTmxYbVBoaXVqR0pMdTFoODl2elBrS3dkU1BUNzBRaEdzYlN5a3cvK1ZCNlptd2RsbFM3dmkzRTduRnBmRXNPVUx0bFZDL25waldOdDg2eXF2RjlSVTQ1NzE4TlRqTHB2cS9xaWgzWHV0MzZvV3UxbmRSMkd0OGFibllUdEkySW14Y2NOUHZSejFYOUJxOU10dUJJQ3JIeGNJMCtueVJ4RU0yMlJqeFd4UnVYcWJyY2FEeUFOVmdmZlBzMzJIQXZLTlE0VGdnODZmTVIvckF0L2I5TDlnRWRKQk93UnZDU3JWZHpzdE9EVi8xZFUydFF2K1YzY24xZ1Z5SE9rSDZkM20vNXRKN1pOVHpsbG1hYXoySWovZz09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 240338 content-length 0 expires 0
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame BF70	0 10 B	7ms 7ms	Image text/plain	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?mhMmFw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:47 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	pd Show response google-bidout-d.openx.net/w/1.0/ Frame 0DEB	0 167 B	46ms 17ms	Document text/html	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Requested by Host: oa.openxcdn.net URL: https://oa.openxcdn.net/esp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-length 20 content-type text/html date Fri, 06 Oct 2023 18:36:47 GMT server OXGW/0.0.0 vary Accept, Accept-Encoding via 1.1 google
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012309181453000/ Frame 360A	223 KB 62 KB	74ms 16ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 03 Oct 2023 09:05:22 GMT age 293485 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 62203 x-xss-protection 0 server sffe etag "59b685ca39a652ba" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 02 Oct 2024 09:05:22 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012309181453000/v0/ Frame 360A	15 KB 5 KB	83ms 26ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309181453000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 05 Oct 2023 12:44:02 GMT age 107565 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5217 x-xss-protection 0 server sffe etag "38a16d64b8e81628" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 04 Oct 2024 12:44:02 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012309181453000/v0/ Frame 360A	94 KB 28 KB	85ms 28ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309181453000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 05 Oct 2023 10:07:53 GMT age 116934 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29033 x-xss-protection 0 server sffe etag "ac3d68f1a1bd2015" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 04 Oct 2024 10:07:53 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012309181453000/v0/ Frame 360A	5 KB 2 KB	91ms 33ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309181453000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 05 Oct 2023 15:20:34 GMT age 98173 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1919 x-xss-protection 0 server sffe etag "93680ba5e670b6a8" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 04 Oct 2024 15:20:34 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012309181453000/v0/ Frame 360A	40 KB 13 KB	98ms 41ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309181453000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 05 Oct 2023 07:07:22 GMT age 127765 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12946 x-xss-protection 0 server sffe etag "6bacf375b2677883" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 04 Oct 2024 07:07:22 GMT
GET H2	200	css fonts.googleapis.com/ Frame 360A	8 KB 1 KB	45ms 19ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 058d2488f4d26d53cf94a6739b9800ac2d9897baa61a920a66e758129fc7b0bb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 06 Oct 2023 18:36:47 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 06 Oct 2023 18:36:47 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 06 Oct 2023 18:36:47 GMT
GET H3	200	en_bl.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 360A	2 KB 2 KB	10ms 8ms	Image image/png	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 05 Oct 2023 23:35:53 GMT x-content-type-options nosniff server cafe age 68454 etag 11660698925711390587 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2471 x-xss-protection 0 expires Fri, 06 Oct 2023 23:35:53 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 360A	295 B 319 B	11ms 9ms	Image image/png	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 15:21:19 GMT x-content-type-options nosniff server cafe age 11728 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Sat, 07 Oct 2023 15:21:19 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 360A	0 0	16ms 15ms	Image text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTDjuP7-yhidpK3tn7C32W3H77lU6Oy_p7YW3e5Qe9JHWvdImxo_UHh-tjZOuom5nfPoLZh2n0uBI2hohqi733OG08NaA Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers
GET H2	200	container.html Show response 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B58D	6 KB 3 KB	8ms 7ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 06 Oct 2023 18:36:47 GMT expires Sat, 05 Oct 2024 18:36:47 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 360A	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 360A	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7550309ae2506ffd2936d7641042a1ff5a52210cb2d603a6f354901e8d427d04 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Content-Type image/png
GET H2	200	dr Show response as.ad4m.at/ad/ Frame 9E8E	2 KB 3 KB	84ms 49ms	Document text/html	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/dr?ed=1g3qaw7y1fbsbcc0rhm5jfh4bcdx9vtgmtv3690tnfnwfy4trg5kxzg17wzpzgeby5pv30h69qjd5v487haqh79fvj4ayfexwzaj1hf24rfgnzqsjc75qyyv0s70ec9ha83ee9r5b3e5b3nzx7hxhrxwa71haqqqs24nav6wr34rp85ztn9ftteejezbewwb0rzaeasjyg7z2t9jqb0p7nwbq42zfmf0aqvre598by7cr2bwtqrph147r3snrx573tv8xajwwnbgq9txvmr17nsvwpevgehtvwz1fk69spgh4qzpftz77150zf1phmx2qah4xv141ryjpga9434v0vv0e2vg9tptygw1xkjsm69k32jb04ptaasafn7bs0f1zy2gavfp6tt8kpm59cg0pt2zkfn2ex4xnr5dx5n2qpawbx4snm4na9th7bteb36wm5kjqym1&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD-OWv1MgZdCpCZjVtwfavpyQBJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTIzOTMzMjA2NDUwNTUwMjLIAQmpAs3GpFCNo7E-4AIAqAMByAMCqgSrAk_Q4PaUwBPfKm4CDmAo38__2u69jbKiB9c18RK_k8KsMtOHs-fnH84XzNWRJoFRdkGgs_IOjSfRjES8DFrBsYRKNoW4dtDVLWMME62mTeIcXkILxrkkl7wQ_Ghyh0R08IAPe7jyUXoqCHheiJPYtvroe7-1p9r_sh0Z7cnBpeImCBrsaKXMOujbIFoSxQIoXM2gnBq0FAqGh4YvI9XG_1UVGx8mvbWzcuE8Rz-sLzvRoL9ekK_lVNBHpVTqhqgWifXLZoZONtyZT2L5QQU01yVSGfZj7MULwe5d1mXD2rGe-1Yqx4Wkvt17DmYMmH3zN-6TgCfFPiRXrVc1lveDXQ_g5RawIlg1DK8m0lOv34PQyDPaoYfcyR61wHLsN6lk0tEXopNkccGNE-uF4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Dob8GouctVFmn3ZG4_xeWJrdJwg%26client%3Dca-pub-2393320645055022%26adurl%3D Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18b7d9a21f17c5b72a43c1387c87449d7be70bbf1ceda67f757e48b5b12c4469 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 8120030efd55371c-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Fri, 06 Oct 2023 18:36:47 GMT expires 0 nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} permissions-policy accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=() pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H3	200	window_focus.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B58D	3 KB 1 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus.js Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:09:58 GMT content-encoding br x-content-type-options nosniff age 1609 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1307 x-xss-protection 0 server cafe etag 18393213423120915576 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 20 Oct 2023 18:09:58 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame B0DC	1 KB 643 B	14ms 8ms	Document text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 72037 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 05 Oct 2023 22:36:10 GMT etag 48472445140208031 expires Fri, 06 Oct 2023 22:36:10 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B58D	29 KB 11 KB	9ms 9ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection.js Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9249961fa6c61c4787e2bc5c6f70c4c3d8f17c10bb1cd25e1b184c8f060b4817 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:09:58 GMT content-encoding br x-content-type-options nosniff age 1609 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11411 x-xss-protection 0 server cafe etag 5704382602992120581 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 20 Oct 2023 18:09:58 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame B58D	0 0	30ms 23ms	Image text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9g6thHykCJ3_lUZvfOryNPBdP4wSJMvXgc3mArtLubgTZUj5r7JU2fDMObkxBpwHF0b8bWOvUM8Z5QNeJ8Wt376yvaQ Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers
GET H3	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B58D	24 KB 6 KB	21ms 15ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Wed, 04 Oct 2023 16:05:40 GMT content-encoding br x-content-type-options nosniff age 181867 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 03 Oct 2024 16:05:40 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B58D	187 KB 59 KB	68ms 24ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:47 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60043 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1696419354076528" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 06 Oct 2023 18:36:47 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	122ms 116ms	Image text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=1376729897192721&bg=!Q0ClQA_NAAbjlzx0w5c7ADQBe5WfOPzFcui1e51K4VC7rvvKiBTrVR4QDE_0dO-sQnqIo4KNeb5Pumeh9h5cIO4Pc27SAgAAAFZSAAAAB2gBBwoAclHQ7B8ie4vXCpCcVKZ_XUt_PB76QWj2SuHF5fHJTzQqLt4Fs4Vs4FkLqXZifRiRps5-kthV9RMO_IA8tXe6dTarSRiHXbcctGG8sNQ2QRvEPHXKvKrs73kpACplxqG53FRnGtqZdZJl5gGD9deyooqUgJkCuypPLWHUKr4lfh2Bw-cVB6sHREkoNHJvgfoiOLXah9T9v6Fc-9LqnO9jWaM4zhtbF7J61mGzhmB_WjH5c7sukqmavU_4npWAqkRL52GPIHq3SjL2liWUGtB9xPGFIYjRpmwojlj5m3XDrSnc3ajSSnad3Feirj3AKOsoDI2XvHVb8PRiYa-J1ceGeGUoOCDLk78vHCmxQWAGjqsP4tBf-EWWdv1X5uxo4QqdZl8eDioaMpy6cxz7P3zvDPuBJqzFNH2quZ7qVmMNzuWMDys7KCTsbUdogA1sz44hgIdd5E3M2G34tvdDsur-HjaeVykjalrmGRfQJxrAWniCJ0SEJeHA18ZgIDMYtjaJxbwS5SYWpELYW7ns6vv_1hAF2x6aG1V2vj1n7NWNPfWauqlAVDbgPw4aDyAbmz4uznb1Y6xos38f4rFle0JK3MkuGwD19UafvI5AZnPGRH7eQ1aVkWrXLb7_GNlV7L-yAIlbu02snbIczULYLAQtujtkPpf0Z4BbAODKAHGVvd_fBlUNT0yYPq2ISe09Gu7tOKDH0-aJhgu2bsyK5KpMmkuZf4vwyTmTjotz5tOX7dGqC_veqxVTr3H28jx4FVcOwdDQj92TiGri5VgHa68iTd3J6jkpNhhrHiKLaAYjgQtmIqwkcHYIVZhosepq4-yMooupjvMIUtOFpNOGZDeJK29WKLHhap6BY-spxHFdRtPX2R68fpkxLBvsfehm5DNL8X3VzbnJVo2zol2zLIa-KfprTeLUaAEPtY4BcWggjb0YrLJKxV23O4dMxXdcfX77_BS95GDYN4gTj5Tmi65AC2kuHRBULWfE-AUKJlHRCTF_pBVWcplW0C1AAE4vCpn_hSVBGHC9f1ZFCKW-tUU0jORbPC9lFnSIRIczytbG9bjLKJeQP-N4vnoD-RMBrOfjrg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/ Frame 360A	47 KB 48 KB	49ms 8ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://blog.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 05 Oct 2023 18:16:19 GMT x-content-type-options nosniff age 87628 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 04 Oct 2024 18:16:19 GMT
GET H3	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 360A Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	25ms 25ms	Image text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Redirect headers date Fri, 06 Oct 2023 18:36:47 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	dpixel cms.quantserve.com/ Frame B0DC	35 B 465 B	61ms 9ms	Image image/gif	2620:116:800d:21:b314:a0ef:ab7c:d546 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFm5okRWq9S7E2pnj1Dsei0&google_cver=1&google_push=AXcoOmTz2ZQx-WA5fY3f0vtDTwv3WAG787mvLDDcSE6_fcm834qsGuZOxS0JcNvbKEptFYZlvbEexFh2FpRvr9P5iNoKy_ED5Z-I Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:47 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame B0DC Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOnnSxPFk9YwwgXLD6mG9So&google_push=AXcoOmTlNCWsFcVErT3OTCjDomwgyWViE1mhLFYFv7wGy-7YmtoQ2aAegW...	170 B 188 B	18ms 17ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOnnSxPFk9YwwgXLD6mG9So&google_push=AXcoOmTlNCWsFcVErT3OTCjDomwgyWViE1mhLFYFv7wGy-7YmtoQ2aAegWFpffIPjASh8LZsGhVevAE9UIv1wc3b213h2wjOfvJx Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:48 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-served-by cache-fra-eddf8230024-FRA pragma no-cache date Fri, 06 Oct 2023 18:36:48 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1696617408.921960,VS0,VE99 x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" access-control-allow-origin * location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOnnSxPFk9YwwgXLD6mG9So&google_push=AXcoOmTlNCWsFcVErT3OTCjDomwgyWViE1mhLFYFv7wGy-7YmtoQ2aAegWFpffIPjASh8LZsGhVevAE9UIv1wc3b213h2wjOfvJx cache-control no-cache accept-ranges bytes content-length 0 x-cache-hits 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame B0DC Redirect Chain https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEK0K66KYn_mISYoZYFB6OgA&google_cver=1&google_push=AXcoOmSD9AVQN7WTKOs7BQXi__9QW6X5Jgo0EBRRpcadDOjcp_XopueIbgEtRHejOpD5avJLqmYnu... https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSD9AVQN7WTKOs7BQXi__9QW6X5Jgo0EBRRpcadDOjcp_XopueIbgEtRHejOpD5avJLqmYnu4wCpk4amiz7aze7gvOOcf8	170 B 188 B	19ms 19ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSD9AVQN7WTKOs7BQXi__9QW6X5Jgo0EBRRpcadDOjcp_XopueIbgEtRHejOpD5avJLqmYnu4wCpk4amiz7aze7gvOOcf8 Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:48 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 06 Oct 2023 18:36:47 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 8DFEF6CCB2E242828AACB5AB40F84B55 Ref B: FRAEDGE1709 Ref C: 2023-10-06T18:36:47Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 location https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSD9AVQN7WTKOs7BQXi__9QW6X5Jgo0EBRRpcadDOjcp_XopueIbgEtRHejOpD5avJLqmYnu4wCpk4amiz7aze7gvOOcf8 x-li-proto http/2 content-length 0 x-li-uuid AAYHEIXsb0GIGjzQzLiUmw==
GET H2	200	pixel cm.g.doubleclick.net/ Frame B0DC Redirect Chain https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRYwW... https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Nwa3njYJZ33lNilYQFl9TRCN2ewHMUiPvxXijg&google_push=AXcoOmRYwWRztrOxCT4vUMWcmGCQbdd3L2Z_xXz8KsLcpgNdDSxuyKb2QSCmZ5JRANMttDkx_7D9Eyrl7cSi...	170 B 329 B	19ms 18ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Nwa3njYJZ33lNilYQFl9TRCN2ewHMUiPvxXijg&google_push=AXcoOmRYwWRztrOxCT4vUMWcmGCQbdd3L2Z_xXz8KsLcpgNdDSxuyKb2QSCmZ5JRANMttDkx_7D9Eyrl7cSiT6HBiJ7gT19u1dz3 Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:47 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 06 Oct 2023 18:36:47 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" location https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Nwa3njYJZ33lNilYQFl9TRCN2ewHMUiPvxXijg&google_push=AXcoOmRYwWRztrOxCT4vUMWcmGCQbdd3L2Z_xXz8KsLcpgNdDSxuyKb2QSCmZ5JRANMttDkx_7D9Eyrl7cSiT6HBiJ7gT19u1dz3 cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1104891 content-length 0 expires Fri, 06 Oct 2023 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame B0DC Redirect Chain https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJw6Jv_CG14T3NxYfrhsf3U&google_cver=1&google_push=AXcoOmSwEG6yTaJybPYs6PjTC81bWTR0vGnrncCtuNjVlXJSxr8o_t5sMLpp9wGoTUDKzwvz120acHPpoRU-UyYxL... https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJw6Jv_CG14T3NxYfrhsf3U&google_cver=1&google_push=AXcoOmSwEG6yTaJybPYs6PjTC81bWTR0vGnrncCtuNjVlXJSxr8o_t5sMLpp9wGoTUDKzwvz120acHPpoRU-UyYxL... https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSwEG6yTaJybPYs6PjTC81bWTR0vGnrncCtuNjVlXJSxr8o_t5sMLpp9wGoTUDKzwvz120acHPpoRU-UyYxLkHNylGT-lCQ&google_hm=HcScuGZHyYyUafscSj2TY3AQ	170 B 232 B	17ms 17ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSwEG6yTaJybPYs6PjTC81bWTR0vGnrncCtuNjVlXJSxr8o_t5sMLpp9wGoTUDKzwvz120acHPpoRU-UyYxLkHNylGT-lCQ&google_hm=HcScuGZHyYyUafscSj2TY3AQ Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:47 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 06 Oct 2023 18:36:47 GMT Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSwEG6yTaJybPYs6PjTC81bWTR0vGnrncCtuNjVlXJSxr8o_t5sMLpp9wGoTUDKzwvz120acHPpoRU-UyYxLkHNylGT-lCQ&google_hm=HcScuGZHyYyUafscSj2TY3AQ Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap6ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H2	204	/ cc.adingo.jp/adx/push/ Frame B0DC	0 44 B	739ms 241ms	Image text/plain	13.230.13.81 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cc.adingo.jp/adx/push/?google_gid=CAESEMV-u2w5L6DcpbIOxUXkU-Y&google_cver=1&google_push=AXcoOmQQjSoWK87Ftly7zHbiMl-xx7cOLcOhYFS5i-b66A-vvg9xLXnG5HXDuN1qDfYOnbR1R0QG8cpZdbIiuYE2xn0mWiQaZqs Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.230.13.81 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-230-13-81.ap-northeast-1.compute.amazonaws.com Software awselb/2.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:48 GMT server awselb/2.0
GET H2	200	report sync.teads.tv/um/ Frame B0DC Redirect Chain https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAZKSZEBu9yw... https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQQBtsVAI0M2cQ1wEK1SCZWbVXfzCseo9bbDDghDIwNttH6zRze7GfPLr8M84m3wOwl3rculYF_RVaTnnNb23FZQt7vm4mTaA https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab	23 B 163 B	69ms 69ms	Image image/gif	104.84.57.75 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 104.84.57.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-84-57-75.deploy.static.akamaitechnologies.com Software akka-http/10.2.10 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers expires Fri, 06 Oct 2023 18:36:48 GMT pragma no-cache date Fri, 06 Oct 2023 18:36:48 GMT cache-control max-age=0, no-cache, no-store server akka-http/10.2.10 content-length 23 content-type image/gif Redirect headers pragma no-cache date Fri, 06 Oct 2023 18:36:48 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 260 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame B0DC	0 130 B	58ms 18ms	Image text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JdM9hrcC-JoO3tptVZmVNeDRpHXjrYve_0_GW-fkIOwfmGst0lzJEuyWIsyTlNH6rGmnyOpw Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:47 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET DATA	200 OK	truncated / Frame B58D	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c3c3b52c1403e02e6c08132246e9fd6c9788b39b2b06d899977718676c074cb7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Content-Type image/png
GET H2	200	default.css as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 9E8E	115 KB 14 KB	21ms 20ms	Stylesheet text/css	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1g3qaw7y1fbsbcc0rhm5jfh4bcdx9vtgmtv3690tnfnwfy4trg5kxzg17wzpzgeby5pv30h69qjd5v487haqh79fvj4ayfexwzaj1hf24rfgnzqsjc75qyyv0s70ec9ha83ee9r5b3e5b3nzx7hxhrxwa71haqqqs24nav6wr34rp85ztn9ftteejezbewwb0rzaeasjyg7z2t9jqb0p7nwbq42zfmf0aqvre598by7cr2bwtqrph147r3snrx573tv8xajwwnbgq9txvmr17nsvwpevgehtvwz1fk69spgh4qzpftz77150zf1phmx2qah4xv141ryjpga9434v0vv0e2vg9tptygw1xkjsm69k32jb04ptaasafn7bs0f1zy2gavfp6tt8kpm59cg0pt2zkfn2ex4xnr5dx5n2qpawbx4snm4na9th7bteb36wm5kjqym1&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD-OWv1MgZdCpCZjVtwfavpyQBJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTIzOTMzMjA2NDUwNTUwMjLIAQmpAs3GpFCNo7E-4AIAqAMByAMCqgSrAk_Q4PaUwBPfKm4CDmAo38__2u69jbKiB9c18RK_k8KsMtOHs-fnH84XzNWRJoFRdkGgs_IOjSfRjES8DFrBsYRKNoW4dtDVLWMME62mTeIcXkILxrkkl7wQ_Ghyh0R08IAPe7jyUXoqCHheiJPYtvroe7-1p9r_sh0Z7cnBpeImCBrsaKXMOujbIFoSxQIoXM2gnBq0FAqGh4YvI9XG_1UVGx8mvbWzcuE8Rz-sLzvRoL9ekK_lVNBHpVTqhqgWifXLZoZONtyZT2L5QQU01yVSGfZj7MULwe5d1mXD2rGe-1Yqx4Wkvt17DmYMmH3zN-6TgCfFPiRXrVc1lveDXQ_g5RawIlg1DK8m0lOv34PQyDPaoYfcyR61wHLsN6lk0tEXopNkccGNE-uF4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Dob8GouctVFmn3ZG4_xeWJrdJwg%26client%3Dca-pub-2393320645055022%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393 Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/dr?ed=1g3qaw7y1fbsbcc0rhm5jfh4bcdx9vtgmtv3690tnfnwfy4trg5kxzg17wzpzgeby5pv30h69qjd5v487haqh79fvj4ayfexwzaj1hf24rfgnzqsjc75qyyv0s70ec9ha83ee9r5b3e5b3nzx7hxhrxwa71haqqqs24nav6wr34rp85ztn9ftteejezbewwb0rzaeasjyg7z2t9jqb0p7nwbq42zfmf0aqvre598by7cr2bwtqrph147r3snrx573tv8xajwwnbgq9txvmr17nsvwpevgehtvwz1fk69spgh4qzpftz77150zf1phmx2qah4xv141ryjpga9434v0vv0e2vg9tptygw1xkjsm69k32jb04ptaasafn7bs0f1zy2gavfp6tt8kpm59cg0pt2zkfn2ex4xnr5dx5n2qpawbx4snm4na9th7bteb36wm5kjqym1&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD-OWv1MgZdCpCZjVtwfavpyQBJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTIzOTMzMjA2NDUwNTUwMjLIAQmpAs3GpFCNo7E-4AIAqAMByAMCqgSrAk_Q4PaUwBPfKm4CDmAo38__2u69jbKiB9c18RK_k8KsMtOHs-fnH84XzNWRJoFRdkGgs_IOjSfRjES8DFrBsYRKNoW4dtDVLWMME62mTeIcXkILxrkkl7wQ_Ghyh0R08IAPe7jyUXoqCHheiJPYtvroe7-1p9r_sh0Z7cnBpeImCBrsaKXMOujbIFoSxQIoXM2gnBq0FAqGh4YvI9XG_1UVGx8mvbWzcuE8Rz-sLzvRoL9ekK_lVNBHpVTqhqgWifXLZoZONtyZT2L5QQU01yVSGfZj7MULwe5d1mXD2rGe-1Yqx4Wkvt17DmYMmH3zN-6TgCfFPiRXrVc1lveDXQ_g5RawIlg1DK8m0lOv34PQyDPaoYfcyR61wHLsN6lk0tEXopNkccGNE-uF4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Dob8GouctVFmn3ZG4_xeWJrdJwg%26client%3Dca-pub-2393320645055022%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:47 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-meta-goog-reserved-file-mtime 1694166205 age 31612 cf-polished origSize=118430 x-guploader-uploadid ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Fri, 08 Sep 2023 09:43:56 GMT server cloudflare etag W/"486507ccce9ac587d11c0ef3f32a109a" vary Accept-Encoding x-goog-generation 1694166236174866 content-type text/css x-goog-hash crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg== cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BThqmvtKUHG6XygypEn%2FfE5W%2FDewVMxkxo2Yle%2FkmYNGmADTXqV%2BYrYvTTnpUOAMRrePjF7cgfcCpB29jQ3zgLrJ2a0b%2BsgbgrbdafZWhoRHf6FThTEMRPwIp51wBSjsymH8G%2B4e2OA%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 118430 cf-ray 8120030f6e0e371c-FRA expires Fri, 06 Oct 2023 19:36:47 GMT
GET H2	200	r62eglto.js Show response ad4m.at/ Frame 9E8E	25 KB 10 KB	23ms 22ms	Script application/javascript	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/r62eglto.js Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1g3qaw7y1fbsbcc0rhm5jfh4bcdx9vtgmtv3690tnfnwfy4trg5kxzg17wzpzgeby5pv30h69qjd5v487haqh79fvj4ayfexwzaj1hf24rfgnzqsjc75qyyv0s70ec9ha83ee9r5b3e5b3nzx7hxhrxwa71haqqqs24nav6wr34rp85ztn9ftteejezbewwb0rzaeasjyg7z2t9jqb0p7nwbq42zfmf0aqvre598by7cr2bwtqrph147r3snrx573tv8xajwwnbgq9txvmr17nsvwpevgehtvwz1fk69spgh4qzpftz77150zf1phmx2qah4xv141ryjpga9434v0vv0e2vg9tptygw1xkjsm69k32jb04ptaasafn7bs0f1zy2gavfp6tt8kpm59cg0pt2zkfn2ex4xnr5dx5n2qpawbx4snm4na9th7bteb36wm5kjqym1&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD-OWv1MgZdCpCZjVtwfavpyQBJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTIzOTMzMjA2NDUwNTUwMjLIAQmpAs3GpFCNo7E-4AIAqAMByAMCqgSrAk_Q4PaUwBPfKm4CDmAo38__2u69jbKiB9c18RK_k8KsMtOHs-fnH84XzNWRJoFRdkGgs_IOjSfRjES8DFrBsYRKNoW4dtDVLWMME62mTeIcXkILxrkkl7wQ_Ghyh0R08IAPe7jyUXoqCHheiJPYtvroe7-1p9r_sh0Z7cnBpeImCBrsaKXMOujbIFoSxQIoXM2gnBq0FAqGh4YvI9XG_1UVGx8mvbWzcuE8Rz-sLzvRoL9ekK_lVNBHpVTqhqgWifXLZoZONtyZT2L5QQU01yVSGfZj7MULwe5d1mXD2rGe-1Yqx4Wkvt17DmYMmH3zN-6TgCfFPiRXrVc1lveDXQ_g5RawIlg1DK8m0lOv34PQyDPaoYfcyR61wHLsN6lk0tEXopNkccGNE-uF4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Dob8GouctVFmn3ZG4_xeWJrdJwg%26client%3Dca-pub-2393320645055022%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:47 GMT content-encoding br cf-cache-status HIT last-modified Tue, 11 Jul 2023 16:29:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 266773 etag W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FzDtuZj6pvEtk%2FvoCTOQlLwPTXfDqQM0ZVPAKI8w%2BVovWIlEFkApp3DWva7RHs6PLnd9HGtVOmJOU9eIMMGbYD%2BPxAmaoeDeyJqJLUzRJhMU9FALTLzY6hWnXgxWKQTelCakl8U%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 cf-ray 8120030f6e12371c-FRA alt-svc h3=":443"; ma=86400 expires Tue, 03 Oct 2023 16:30:24 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 360A	0 0	54ms 54ms	Image text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C8MRxv1MgZc-pCZjVtwfavpyQBI3_pLFzjcbp_LwRxo_Lt9I4EAEgktjfSmCVypmCrAegAaXh9LcDyAEBqQLNxqRQjaOxPuACAKgDAcgDCqoEwwJP0HWUopVmI5Vmbl6Ho7HqUbFIAUmIOA25kALa1RVI8AF8zSgfLjTc08vYLTxjsis2c5xz3eov6Qxm6RMyrrETITHKEewM0AncG9_56V57RoYnYbgZZx5q0PHf4_9hbSxNPhmyt5aMSf3HmJDA7Q8GKQlufSuKBTGe2JBRsLM53Xz0r1ApH2tpD07PijVTsRLMaKosp4sddZKofF99JZ0XUy1eFaqi6xGhV9uLoPV4Nm5OhR491-lao209O7e_CaCWVCzEgHc2Wk28X0YLQBY8cT_YVhTR1a3VaQLnoFCqHNSf7MYJKB7pzebyqFpSG8-sXKLI7T3YZ4knAB_sGUqYsM-AdhSvqUFuIf9Pp5v4h2DMajeT-_W7zMlPpeWrNO_wed2y7jRvaQvAWfAF8xy_20uEEMcNnneTqjkcnlcGoPw9cMAEzpf6h5UE4AQBiAWBnufvRZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAfDnotIqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ8agC0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJd2h0dHBzOi8vd293LnpvbGFyLmRlL3NvbGFyYW5sYWdlLWFscy1pbmZsYXRpb25zc2NodXR6LXJldC8_Y3JlYXRpdmU9NjY2MjA1Mzc2MzY2JmtleXdvcmQ9Jm1hdGNodHlwZT0mbmV0d29yaz1kJmRldmljZT1jgAoDyAsB4g0TCNzb-66I4oEDFZjq7QodWh8HQtgTDIgUAtAVAYAXAbIXHgocCAASFHB1Yi0yNjEwOTY0MjAzNTE1MDI1GLKYKg&sigh=mGmI2phW0bo&uach_m=[]&ase=2&nis=5&cid=CAQSPADICaaNOhmvjFrvAlTTRusdJ9DK2bOFoaCXmOS7vyONJ6vI80NG4W2dkpcCZW--ZGm4s4inNhOkvLfffhgB&template_id=5028&cbvp=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers
GET H2	200	adchoices_default.png static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 9E8E	3 KB 4 KB	62ms 21ms	Image image/png	2606:4700:20::681a:71b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:48 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3076 x-guploader-uploadid ADPycduTog6A2JPifmWwDYui9vUCCU5W1ZNEVFDzlBRMT9l9xNdgptaa0KpBuLLbjaWfVX7sXot7cGI-Oc2HEQNQ3r-JUA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 content-length 3262 last-modified Tue, 21 Jun 2022 12:31:17 GMT server cloudflare etag "794c84d30e213ec6a144d64215f07551" vary Accept-Encoding x-goog-generation 1655814677405990 content-type image/png content-language en x-goog-hash crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ== cache-control public, max-age=7200 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etCTqzca5Pp7Yo26Tswr19em9ddOtirul7uYZlv21cjTVWAe0OEMGsqmlIi9eyIcxsY4DHR4HylEybyvgojTMuRzxqTX3mqjQMwVN52eYhDUtsYPX7cFxMQ3IPtx5nGS%2FVS4iGD8Dri0tJ%2BTCcHHnle4"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 3262 accept-ranges bytes cf-ray 812003104fe19b6e-FRA expires Fri, 06 Oct 2023 18:29:59 GMT
GET H3	200	frame.html Show response ad4m.at/ Frame 7A6A	2 KB 1 KB	19ms 19ms	Document text/html	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/frame.html Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1626804 alt-svc h3=":443"; ma=86400 cache-control public, max-age=3600 cf-cache-status HIT cf-ray 81200310090b35f9-FRA content-encoding br content-language en content-type text/html; charset=utf-8 date Fri, 06 Oct 2023 18:36:48 GMT expires Sat, 09 Sep 2023 00:14:58 GMT last-modified Thu, 25 Aug 2022 14:12:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VFEeWrQ3YBCGvjmzC4M5dQgjGNi8RZMmu2A3aft1ipN0HtKiwlR8GQYhlNzPMaBIJ5DrtdGWsvFOOEpKIhROPJtZsQmRIItdM3KSqXRr55qUMPdbvQEeIFPd9M1g0qpR7segao%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
POST H3	200	rs Show response ad4m.at/ Frame 9E8E	1 KB 2 KB	35ms 34ms	XHR text/plain	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b76205a1c9848c2e4182f366a1976e07e6f21f9751271a937792d6b27362b6a Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Content-Type application/json Response headers date Fri, 06 Oct 2023 18:36:48 GMT via 1.1 google content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfDyGhKixACrG%2BfM6fY23ND8OJu15Yk1GBOMeK%2B7K5OsraOoXSak9dzkC7w%2BCSL5Jhn2iExX2BhsWg1fmeWsLhk%2FPAZw0Cuk7mDaQzitgU37Kcjq7XpzjaO0aNKZwb1y050zqdw%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://as.ad4m.at access-control-allow-credentials true cf-ray 8120031089d83645-FRA x-backend-server aa-reachservice-group-europe-west1-494z alt-svc h3=":443"; ma=86400
OPTIONS H3	200	rs ad4m.at/ Frame	0 0	42ms 30ms	Preflight text/plain	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://as.ad4m.at Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET,PATCH,POST,OPTIONS,DELETE access-control-allow-origin https://as.ad4m.at access-control-max-age 1800 allow HEAD,POST,GET,OPTIONS alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8120031059823645-FRA content-length 24 content-type text/plain date Fri, 06 Oct 2023 18:36:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XROt8W4BYEp8c3SSLH30o20sBv9RKvkBx90Fl3mZRxdidl%2F9xxCG12kh%2BQTqV5FfRVVYiP0Lwme5bkigNa%2Ft7ssx5aAUVPhXYpEr2MqAy8FVQg4dbZlxkzfXZUtAKSFsH2gVhic%3D"}],"group":"cf-nel","max_age":604800} server cloudflare via 1.1 google x-backend-server aa-reachservice-group-europe-west1-494z
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame B58D	0 0	51ms 50ms	Image text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CKevhv1MgZdCpCZjVtwfavpyQBJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTIzOTMzMjA2NDUwNTUwMjLIAQmpAs3GpFCNo7E-4AIAqAMByAMCqgSoAk_Q4PaUwBPfKm4CDmAo38__2u69jbKiB9c18RK_k8KsMtOHs-fnH84XzNWRJoFRdkGgs_IOjSfRjES8DFrBsYRKNoW4dtDVLWMME62mTeIcXkILxrkkl7wQ_Ghyh0R08IAPe7jyUXoqCHheiJPYtvroe7-1p9r_sh0Z7cnBpeImCBrsaKXMOujbIFoSxQIoXM2gnBq0FAqGh4YvI9XG_1UVGx8mvbWzcuE8Rz-sLzvRoL9ekK_lVNBHpVTqhqgWifXLZoZONtyZT2L5QQU01yVSGfZj7MULwe5d1mXD2rGe-1Yqx4Wkvt17DmYMmH3zN-6TgCfFPiRXrVc1lveDXQ_g5VSyA8ri9ShmGtTnSVmZWsHjtY1xwzCtHfIufjucRs87uka47oFF4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjM5MzMyMDY0NTA1NTAyMhiymCo&sigh=K9SiQ8KspaE&uach_m=[UACH]&cid=CAQSPADICaaNOhmvjFrvAlTTRusdJ9DK2bOFoaCXmOS7vyONJ6vI80NG4W2dkpcCZW--ZGm4s4inNhOkvLfffhgB&cbvp=2&vis=1 Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers
GET H2	204	winResponse prod-rtb.ad4mat.net/ Frame B58D	0 103 B	69ms 23ms	Image image/gif	2600:1901:0:76b9:: GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://prod-rtb.ad4mat.net/winResponse?a=1has6yzajhwg1evavcjvddxyq4fvyskaf7k34kx92s7rmx2j8gwm3qsw3y5n8axhxmwvap4v4yr7zrp13mrgf4x2teq9ytqffamt9aqy82ejnrmrc0nmseg5dv0drtva1d533erx0yb3wdc3wmyvkbkjvdstc7mvtrv1pcqpqrf4xrwr57n76xkfj9jbyqevpdar25gpqjkpz7ea496z5rycht627fvrbka5t83fem4hfx7hppptt30gqjbkh931my24r7ajzcga9erznr17fnnznqhfq7vb3c4j9qv58j41mergtayk1hc7j5q84rqq6x1rj541p851fb7559vy5zypqjnzz5kjrq5acpzxgks9qxn6gx7fjp9abb45brkrh78xkeyja9gn4s8&b=ZSBTvwACVNAK7eqYAAcfWkdSb9k6WudtVrug3A&cbvp=2 Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers access-control-allow-origin * date Fri, 06 Oct 2023 18:36:48 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif
GET H3	200	rar Show response as.ad4m.at/ad/ Frame 7693	5 KB 3 KB	33ms 33ms	Document text/html	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=c1ae9e10710c03524aa12fb4fb8fa456%2F11973012199596442570&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1696617408081&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4h7jdbqme97kgmare23r2ymqmzcgeqz4zbt94br14dvpxj84tqbvp8x71md5fdnmahmwy2qjv34wtazqzpqs76kpq14va1t7b0eqqr1q6k5dswpz0ty665hdapfdhb0vj745c7r2dtqead341b6gjas1adj7jkwamr4re6dh9nrd5qffv7n03f0sa6vnam4epggh1fz57ac4f8a3z8b1mvkes839ztc0gnefsb6b215k1d25nx54nkp314eaec288746q6q9wp4ekjendrp6v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCD-OWv1MgZdCpCZjVtwfavpyQBJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTIzOTMzMjA2NDUwNTUwMjLIAQmpAs3GpFCNo7E-4AIAqAMByAMCqgSrAk_Q4PaUwBPfKm4CDmAo38__2u69jbKiB9c18RK_k8KsMtOHs-fnH84XzNWRJoFRdkGgs_IOjSfRjES8DFrBsYRKNoW4dtDVLWMME62mTeIcXkILxrkkl7wQ_Ghyh0R08IAPe7jyUXoqCHheiJPYtvroe7-1p9r_sh0Z7cnBpeImCBrsaKXMOujbIFoSxQIoXM2gnBq0FAqGh4YvI9XG_1UVGx8mvbWzcuE8Rz-sLzvRoL9ekK_lVNBHpVTqhqgWifXLZoZONtyZT2L5QQU01yVSGfZj7MULwe5d1mXD2rGe-1Yqx4Wkvt17DmYMmH3zN-6TgCfFPiRXrVc1lveDXQ_g5RawIlg1DK8m0lOv34PQyDPaoYfcyR61wHLsN6lk0tEXopNkccGNE-uF4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Dob8GouctVFmn3ZG4_xeWJrdJwg%2526client%253Dca-pub-2393320645055022%2526adurl%253D&y=1&s=&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d90836ab542a090e969ebae20e5be625e3980637b74930e74b36d929f7ed4aff Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/dr?ed=1g3qaw7y1fbsbcc0rhm5jfh4bcdx9vtgmtv3690tnfnwfy4trg5kxzg17wzpzgeby5pv30h69qjd5v487haqh79fvj4ayfexwzaj1hf24rfgnzqsjc75qyyv0s70ec9ha83ee9r5b3e5b3nzx7hxhrxwa71haqqqs24nav6wr34rp85ztn9ftteejezbewwb0rzaeasjyg7z2t9jqb0p7nwbq42zfmf0aqvre598by7cr2bwtqrph147r3snrx573tv8xajwwnbgq9txvmr17nsvwpevgehtvwz1fk69spgh4qzpftz77150zf1phmx2qah4xv141ryjpga9434v0vv0e2vg9tptygw1xkjsm69k32jb04ptaasafn7bs0f1zy2gavfp6tt8kpm59cg0pt2zkfn2ex4xnr5dx5n2qpawbx4snm4na9th7bteb36wm5kjqym1&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD-OWv1MgZdCpCZjVtwfavpyQBJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTIzOTMzMjA2NDUwNTUwMjLIAQmpAs3GpFCNo7E-4AIAqAMByAMCqgSrAk_Q4PaUwBPfKm4CDmAo38__2u69jbKiB9c18RK_k8KsMtOHs-fnH84XzNWRJoFRdkGgs_IOjSfRjES8DFrBsYRKNoW4dtDVLWMME62mTeIcXkILxrkkl7wQ_Ghyh0R08IAPe7jyUXoqCHheiJPYtvroe7-1p9r_sh0Z7cnBpeImCBrsaKXMOujbIFoSxQIoXM2gnBq0FAqGh4YvI9XG_1UVGx8mvbWzcuE8Rz-sLzvRoL9ekK_lVNBHpVTqhqgWifXLZoZONtyZT2L5QQU01yVSGfZj7MULwe5d1mXD2rGe-1Yqx4Wkvt17DmYMmH3zN-6TgCfFPiRXrVc1lveDXQ_g5RawIlg1DK8m0lOv34PQyDPaoYfcyR61wHLsN6lk0tEXopNkccGNE-uF4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Dob8GouctVFmn3ZG4_xeWJrdJwg%26client%3Dca-pub-2393320645055022%26adurl%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 81200310ca5535f9-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Fri, 06 Oct 2023 18:36:48 GMT expires 0 nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} permissions-policy accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=() pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H3	200	default.css as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 7693	115 KB 14 KB	24ms 23ms	Stylesheet text/css	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=c1ae9e10710c03524aa12fb4fb8fa456%2F11973012199596442570&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1696617408081&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4h7jdbqme97kgmare23r2ymqmzcgeqz4zbt94br14dvpxj84tqbvp8x71md5fdnmahmwy2qjv34wtazqzpqs76kpq14va1t7b0eqqr1q6k5dswpz0ty665hdapfdhb0vj745c7r2dtqead341b6gjas1adj7jkwamr4re6dh9nrd5qffv7n03f0sa6vnam4epggh1fz57ac4f8a3z8b1mvkes839ztc0gnefsb6b215k1d25nx54nkp314eaec288746q6q9wp4ekjendrp6v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCD-OWv1MgZdCpCZjVtwfavpyQBJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTIzOTMzMjA2NDUwNTUwMjLIAQmpAs3GpFCNo7E-4AIAqAMByAMCqgSrAk_Q4PaUwBPfKm4CDmAo38__2u69jbKiB9c18RK_k8KsMtOHs-fnH84XzNWRJoFRdkGgs_IOjSfRjES8DFrBsYRKNoW4dtDVLWMME62mTeIcXkILxrkkl7wQ_Ghyh0R08IAPe7jyUXoqCHheiJPYtvroe7-1p9r_sh0Z7cnBpeImCBrsaKXMOujbIFoSxQIoXM2gnBq0FAqGh4YvI9XG_1UVGx8mvbWzcuE8Rz-sLzvRoL9ekK_lVNBHpVTqhqgWifXLZoZONtyZT2L5QQU01yVSGfZj7MULwe5d1mXD2rGe-1Yqx4Wkvt17DmYMmH3zN-6TgCfFPiRXrVc1lveDXQ_g5RawIlg1DK8m0lOv34PQyDPaoYfcyR61wHLsN6lk0tEXopNkccGNE-uF4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Dob8GouctVFmn3ZG4_xeWJrdJwg%2526client%253Dca-pub-2393320645055022%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393 Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=c1ae9e10710c03524aa12fb4fb8fa456%2F11973012199596442570&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1696617408081&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4h7jdbqme97kgmare23r2ymqmzcgeqz4zbt94br14dvpxj84tqbvp8x71md5fdnmahmwy2qjv34wtazqzpqs76kpq14va1t7b0eqqr1q6k5dswpz0ty665hdapfdhb0vj745c7r2dtqead341b6gjas1adj7jkwamr4re6dh9nrd5qffv7n03f0sa6vnam4epggh1fz57ac4f8a3z8b1mvkes839ztc0gnefsb6b215k1d25nx54nkp314eaec288746q6q9wp4ekjendrp6v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCD-OWv1MgZdCpCZjVtwfavpyQBJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTIzOTMzMjA2NDUwNTUwMjLIAQmpAs3GpFCNo7E-4AIAqAMByAMCqgSrAk_Q4PaUwBPfKm4CDmAo38__2u69jbKiB9c18RK_k8KsMtOHs-fnH84XzNWRJoFRdkGgs_IOjSfRjES8DFrBsYRKNoW4dtDVLWMME62mTeIcXkILxrkkl7wQ_Ghyh0R08IAPe7jyUXoqCHheiJPYtvroe7-1p9r_sh0Z7cnBpeImCBrsaKXMOujbIFoSxQIoXM2gnBq0FAqGh4YvI9XG_1UVGx8mvbWzcuE8Rz-sLzvRoL9ekK_lVNBHpVTqhqgWifXLZoZONtyZT2L5QQU01yVSGfZj7MULwe5d1mXD2rGe-1Yqx4Wkvt17DmYMmH3zN-6TgCfFPiRXrVc1lveDXQ_g5RawIlg1DK8m0lOv34PQyDPaoYfcyR61wHLsN6lk0tEXopNkccGNE-uF4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Dob8GouctVFmn3ZG4_xeWJrdJwg%2526client%253Dca-pub-2393320645055022%2526adurl%253D&y=1&s=&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:48 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-meta-goog-reserved-file-mtime 1694166205 age 31613 cf-polished origSize=118430 x-guploader-uploadid ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Fri, 08 Sep 2023 09:43:56 GMT server cloudflare etag W/"486507ccce9ac587d11c0ef3f32a109a" vary Accept-Encoding x-goog-generation 1694166236174866 content-type text/css x-goog-hash crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg== cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46kv0nwxsKF3Zg4C16dn8AVDkmC5U2M9lRtONCdj4ZeH2S3K5b80O%2F9Z2S4dnJLwJSM2n2X%2FpAcs3uflTaYLLAjNnKCKagdVHdlsHWuXf0sW2HE9oFJtvOAvv9XttDF0ZnV1RfR2Z94%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 118430 cf-ray 81200310faab35f9-FRA expires Fri, 06 Oct 2023 19:36:48 GMT
GET H2	200	AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111 assets.ad4m.at/logo/ Frame 7693	32 KB 33 KB	43ms 32ms	Image image/webp	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=c1ae9e10710c03524aa12fb4fb8fa456%2F11973012199596442570&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1696617408081&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4h7jdbqme97kgmare23r2ymqmzcgeqz4zbt94br14dvpxj84tqbvp8x71md5fdnmahmwy2qjv34wtazqzpqs76kpq14va1t7b0eqqr1q6k5dswpz0ty665hdapfdhb0vj745c7r2dtqead341b6gjas1adj7jkwamr4re6dh9nrd5qffv7n03f0sa6vnam4epggh1fz57ac4f8a3z8b1mvkes839ztc0gnefsb6b215k1d25nx54nkp314eaec288746q6q9wp4ekjendrp6v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCD-OWv1MgZdCpCZjVtwfavpyQBJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTIzOTMzMjA2NDUwNTUwMjLIAQmpAs3GpFCNo7E-4AIAqAMByAMCqgSrAk_Q4PaUwBPfKm4CDmAo38__2u69jbKiB9c18RK_k8KsMtOHs-fnH84XzNWRJoFRdkGgs_IOjSfRjES8DFrBsYRKNoW4dtDVLWMME62mTeIcXkILxrkkl7wQ_Ghyh0R08IAPe7jyUXoqCHheiJPYtvroe7-1p9r_sh0Z7cnBpeImCBrsaKXMOujbIFoSxQIoXM2gnBq0FAqGh4YvI9XG_1UVGx8mvbWzcuE8Rz-sLzvRoL9ekK_lVNBHpVTqhqgWifXLZoZONtyZT2L5QQU01yVSGfZj7MULwe5d1mXD2rGe-1Yqx4Wkvt17DmYMmH3zN-6TgCfFPiRXrVc1lveDXQ_g5RawIlg1DK8m0lOv34PQyDPaoYfcyR61wHLsN6lk0tEXopNkccGNE-uF4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Dob8GouctVFmn3ZG4_xeWJrdJwg%2526client%253Dca-pub-2393320645055022%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ac477d8785a4c9ef373969dd3f047e310bfb60d77bc518593795177bd131227 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:48 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2506159 cf-polished origFmt=png, origSize=60352 alt-svc h3=":443"; ma=86400 content-length 32982 cf-bgj imgq:85,h2pri last-modified Fri, 28 Jul 2023 11:40:29 GMT server cloudflare etag "0c5d451d92738dcd96474c734dc5b7c8" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylhQBYDDxLdD%2Fyx2v%2FZMNwuk2rOcUWIgg0epj8fzjt%2BuZMH2YTIor5vHu%2FZHmxMMhF5OvO5jctE4qI3VtAe%2FCkC%2FkSI2aoPItxGZ5TR%2BQTN4bmTdgTqwQ285QnrBL0xiVuuXQeJTQje15%2BpK"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 81200311089b371c-FRA expires Sat, 07 Oct 2023 18:36:48 GMT
GET H2	200	A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75 assets.ad4m.at/product_image/ Frame 7693	91 KB 91 KB	30ms 20ms	Image image/png	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=c1ae9e10710c03524aa12fb4fb8fa456%2F11973012199596442570&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1696617408081&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4h7jdbqme97kgmare23r2ymqmzcgeqz4zbt94br14dvpxj84tqbvp8x71md5fdnmahmwy2qjv34wtazqzpqs76kpq14va1t7b0eqqr1q6k5dswpz0ty665hdapfdhb0vj745c7r2dtqead341b6gjas1adj7jkwamr4re6dh9nrd5qffv7n03f0sa6vnam4epggh1fz57ac4f8a3z8b1mvkes839ztc0gnefsb6b215k1d25nx54nkp314eaec288746q6q9wp4ekjendrp6v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCD-OWv1MgZdCpCZjVtwfavpyQBJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTIzOTMzMjA2NDUwNTUwMjLIAQmpAs3GpFCNo7E-4AIAqAMByAMCqgSrAk_Q4PaUwBPfKm4CDmAo38__2u69jbKiB9c18RK_k8KsMtOHs-fnH84XzNWRJoFRdkGgs_IOjSfRjES8DFrBsYRKNoW4dtDVLWMME62mTeIcXkILxrkkl7wQ_Ghyh0R08IAPe7jyUXoqCHheiJPYtvroe7-1p9r_sh0Z7cnBpeImCBrsaKXMOujbIFoSxQIoXM2gnBq0FAqGh4YvI9XG_1UVGx8mvbWzcuE8Rz-sLzvRoL9ekK_lVNBHpVTqhqgWifXLZoZONtyZT2L5QQU01yVSGfZj7MULwe5d1mXD2rGe-1Yqx4Wkvt17DmYMmH3zN-6TgCfFPiRXrVc1lveDXQ_g5RawIlg1DK8m0lOv34PQyDPaoYfcyR61wHLsN6lk0tEXopNkccGNE-uF4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Dob8GouctVFmn3ZG4_xeWJrdJwg%2526client%253Dca-pub-2393320645055022%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:48 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1291975 cf-polished origSize=105738, status=vary_header_present alt-svc h3=":443"; ma=86400 content-length 92686 cf-bgj imgq:85,h2pri last-modified Mon, 04 Jul 2022 08:55:40 GMT server cloudflare etag "147be38db57f89c69c9e65b05983ff0e" vary X-Goog-Allowed-Resources, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtVEwJvW5hzSofx6sWOvVUPj99JY8UNZk8kvekGCcV48euBuecWaLlNbqm8XdVb4GXNsvAPPbP4TOYDdtzIt7o5vuqSCTMvxUDOyhfjalDa6hMzo5HwHdJGCexVzJEknKLD6q0o9fdtsNupb"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=86400 accept-ranges bytes cf-ray 81200311189f371c-FRA expires Sat, 07 Oct 2023 18:36:48 GMT
GET H2	429	link.html track.webgains.com/ Frame 7693	0 0	107ms 32ms	Script text/html	13.43.154.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j07323867hpt462fwjqzr8xy0k1088zqjsph6sf62r4vv4ewds8w4hgz7ygbbg7f2rmb121zky0825qh4fxmc1e2g05n2725gxq4w78z9m1zewzmnvxmyhv8xvtwj8x7s3g92t3xe3atf65p6zdryet1jds85w1a4pdmmmystf1xz3ah4mzb1wwf8qksxmdzdhhnj0871hye2rjszv033845350rr5fxw4gtdvgczcxa3zrygth5v65mwafapb4eknne%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jg4h7jdbqme97kgmare23r2ymqmzcgeqz4zbt94br14dvpxj84tqbvp8x71md5fdnmahmwy2qjv34wtazqzpqs76kpq14va1t7b0eqqr1q6k5dswpz0ty665hdapfdhb0vj745c7r2dtqead341b6gjas1adj7jkwamr4re6dh9nrd5qffv7n03f0sa6vnam4epggh1fz57ac4f8a3z8b1mvkes839ztc0gnefsb6b215k1d25nx54nkp314eaec288746q6q9wp4ekjendrp6v%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCD-OWv1MgZdCpCZjVtwfavpyQBJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTIzOTMzMjA2NDUwNTUwMjLIAQmpAs3GpFCNo7E-4AIAqAMByAMCqgSrAk_Q4PaUwBPfKm4CDmAo38__2u69jbKiB9c18RK_k8KsMtOHs-fnH84XzNWRJoFRdkGgs_IOjSfRjES8DFrBsYRKNoW4dtDVLWMME62mTeIcXkILxrkkl7wQ_Ghyh0R08IAPe7jyUXoqCHheiJPYtvroe7-1p9r_sh0Z7cnBpeImCBrsaKXMOujbIFoSxQIoXM2gnBq0FAqGh4YvI9XG_1UVGx8mvbWzcuE8Rz-sLzvRoL9ekK_lVNBHpVTqhqgWifXLZoZONtyZT2L5QQU01yVSGfZj7MULwe5d1mXD2rGe-1Yqx4Wkvt17DmYMmH3zN-6TgCfFPiRXrVc1lveDXQ_g5RawIlg1DK8m0lOv34PQyDPaoYfcyR61wHLsN6lk0tEXopNkccGNE-uF4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Dob8GouctVFmn3ZG4_xeWJrdJwg%252526client%25253Dca-pub-2393320645055022%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=320&d=50&e=&g=c1ae9e10710c03524aa12fb4fb8fa456%2F11973012199596442570&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1696617408081&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jg4h7jdbqme97kgmare23r2ymqmzcgeqz4zbt94br14dvpxj84tqbvp8x71md5fdnmahmwy2qjv34wtazqzpqs76kpq14va1t7b0eqqr1q6k5dswpz0ty665hdapfdhb0vj745c7r2dtqead341b6gjas1adj7jkwamr4re6dh9nrd5qffv7n03f0sa6vnam4epggh1fz57ac4f8a3z8b1mvkes839ztc0gnefsb6b215k1d25nx54nkp314eaec288746q6q9wp4ekjendrp6v%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCD-OWv1MgZdCpCZjVtwfavpyQBJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTIzOTMzMjA2NDUwNTUwMjLIAQmpAs3GpFCNo7E-4AIAqAMByAMCqgSrAk_Q4PaUwBPfKm4CDmAo38__2u69jbKiB9c18RK_k8KsMtOHs-fnH84XzNWRJoFRdkGgs_IOjSfRjES8DFrBsYRKNoW4dtDVLWMME62mTeIcXkILxrkkl7wQ_Ghyh0R08IAPe7jyUXoqCHheiJPYtvroe7-1p9r_sh0Z7cnBpeImCBrsaKXMOujbIFoSxQIoXM2gnBq0FAqGh4YvI9XG_1UVGx8mvbWzcuE8Rz-sLzvRoL9ekK_lVNBHpVTqhqgWifXLZoZONtyZT2L5QQU01yVSGfZj7MULwe5d1mXD2rGe-1Yqx4Wkvt17DmYMmH3zN-6TgCfFPiRXrVc1lveDXQ_g5RawIlg1DK8m0lOv34PQyDPaoYfcyR61wHLsN6lk0tEXopNkccGNE-uF4AQBgAbF76qXrOryphygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Dob8GouctVFmn3ZG4_xeWJrdJwg%2526client%253Dca-pub-2393320645055022%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.43.154.56 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-43-154-56.eu-west-2.compute.amazonaws.com Software awselb/2.0 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:48 GMT server awselb/2.0 content-length 45 content-type text/html
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame B58D	42 B 64 B	114ms 114ms	Fetch image/gif	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZygW96uM60xzXOjdx-P2V0J8i23TRU7URPXzSAnX5Br7jkR8gWYtDr4Bvdo8BVgW25tifIL79zW9QuEHVJj8Y-vSgJ2vI6TMqzjmm&sig=Cg0ArKJSzCGS38kFMX5yEAE&id=lidar2&mcvt=1000&p=1107,500,1157,820&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3108647390&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696617407743&rpt=215&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:49 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 360A	42 B 64 B	121ms 121ms	Image image/gif	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQ0ECOmaazCVscVu65U-cIggUw1Kb3VLddGoM_NFAY9wcXdjdoRwcebq-_ac7US0e3CGh9hKwBQlGvZ7m1ICwfKg1t6ZuBeFSyzYsbWFwNCtyStJaxFUnL7bZ_jq96yuxA95Ccqaulp8BF&sai=AMfl-YTuN472xWH_R9QKL6DU1PIKNfcj3t2ipx4cINobuw_HXAiNBU3i-VXfShvScsks-pUe4FTIX4-HfruLvnNVBGMDlYREhqDfisZMIqbJ9XNMnrZQ90qh_Qf1ceRt&sig=Cg0ArKJSzBP7-9YBNo56EAE&cid=CAQSPADICaaNOhmvjFrvAlTTRusdJ9DK2bOFoaCXmOS7vyONJ6vI80NG4W2dkpcCZW--ZGm4s4inNhOkvLfffhgB&id=ampim&o=426,301&d=468,300&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=260&tls=1260&g=100&h=100&tt=1260&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:49 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	196 KB 53 KB	476ms 475ms	XHR text/plain	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1376729897192721&correlator=3379205310138910&eid=31078636%2C31078529%2C31078562&output=ldjh&gdfp_req=1&vrg=202310040101&ptt=17&impl=fifs&iu_parts=162717810%3A22766112657%2Cs.id%2Cinterstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&didk=428387926&sfv=1-0-40&ists=1&fas=8&sc=1&cookie=ID%3D886c779afe1db864-22cc786038df00d4%3AT%3D1696617406%3ART%3D1696617406%3AS%3DALNI_Ma10P7irb8QoLZ5ZaPGeV92DC5tYA&gpic=UID%3D00000c8fb1f05b7d%3AT%3D1696617406%3ART%3D1696617406%3AS%3DALNI_MYFsjH8V2ZzwmZqv7yWL20EiJs87w&abxe=1&dt=1696617412050&lmt=1696610212&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ref=https%3A%2F%2Fhome.s.id%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1947906244.1696617406&ga_sid=1696617407&ga_hid=712859326&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYycScsrAxSABSAghkEhkKCnB1YmNpZC5vcmcY-sScsrAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGMnEnLKwMUgAUgIIZBIXCghydGJob3VzZRivxZyysDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pTkhaeFNtbG9UMGxUVm1GM2FHMTZjRE4zY2xsUFFUMDlJbjA9GNDHnLKwMUgAEhsKDGlkNS1zeW5jLmNvbRjMxZyysDFIAFICCGo.&dlt=1696617406209&idt=813&prev_scp=env%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D55%26protag_minutes%3D36%26protag_hours%3D18%26protag_day%3D5%26protag_interstitial%3Dinterstitial%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-interstitial&adks=2571317652&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b521ee6daad1243aea994a0a5ce2e7cc302e1f55665c1b57f9b95796b9fb3ff8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:52 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 54122 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://blog.s.id cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pubads_impl_page_level_ads.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/	37 KB 13 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl_page_level_ads.js?cb=31078562 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1f890cadf20963227cfe01dfe66ef13b1454fa6ad8bee83995d34829dc923b67 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 10:36:57 GMT content-encoding br x-content-type-options nosniff age 28795 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13136 x-xss-protection 0 server cafe etag 12383328906955195393 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sat, 05 Oct 2024 10:36:57 GMT
GET H3	200	container.html Show response 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2128	6 KB 3 KB	8ms 7ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 5 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 06 Oct 2023 18:36:47 GMT expires Sat, 05 Oct 2024 18:36:47 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	css2 fonts.googleapis.com/ Frame 2128	4 KB 767 B	18ms 17ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 06 Oct 2023 18:36:52 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 06 Oct 2023 17:51:25 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 06 Oct 2023 18:36:52 GMT
GET H2	200	css fonts.googleapis.com/ Frame AAEF	14 KB 1 KB	17ms 17ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 06 Oct 2023 18:36:52 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 06 Oct 2023 17:50:52 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 06 Oct 2023 18:36:52 GMT
GET H3	200	load_preloaded_resource.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame AAEF	3 KB 1 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e0b374d64219f25c480983127d46b1dad0d87e14292b621df9205a2c3c5ce98a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 13:46:23 GMT content-encoding br x-content-type-options nosniff age 17429 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1247 x-xss-protection 0 server cafe etag 9347959128929567288 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 20 Oct 2023 13:46:23 GMT
GET H3	200	abg_lite.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame AAEF	30 KB 11 KB	9ms 7ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:09:58 GMT content-encoding br x-content-type-options nosniff age 1614 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11602 x-xss-protection 0 server cafe etag 2362517075893974484 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 20 Oct 2023 18:09:58 GMT
GET H3	200	window_focus.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame AAEF	3 KB 1 KB	13ms 12ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:09:58 GMT content-encoding br x-content-type-options nosniff age 1614 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1307 x-xss-protection 0 server cafe etag 18393213423120915576 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 20 Oct 2023 18:09:58 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame FEBE	1 KB 643 B	11ms 10ms	Document text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 72042 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 05 Oct 2023 22:36:10 GMT etag 48472445140208031 expires Fri, 06 Oct 2023 22:36:10 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame AAEF	29 KB 11 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9249961fa6c61c4787e2bc5c6f70c4c3d8f17c10bb1cd25e1b184c8f060b4817 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:09:58 GMT content-encoding br x-content-type-options nosniff age 1614 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11411 x-xss-protection 0 server cafe etag 5704382602992120581 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 20 Oct 2023 18:09:58 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame AAEF	0 0	16ms 15ms	Image text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCjwwnE-NPcm9QxVhyk-PvFALI48YQuLMdisPBPQLtOcvueZWOY9Mt3EIsACgso8sThkrBgGhlya4eSslEI5yEQa9jrg Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame AAEF	187 KB 59 KB	53ms 50ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:52 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60043 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1696419354076528" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 06 Oct 2023 18:36:52 GMT
GET H2	200	f20a2b7dfb9062a0a08db52babdaa11c.js Show response www.gstatic.com/mysidia/ Frame AAEF	37 KB 16 KB	37ms 7ms	Script text/javascript	2a00:1450:4001:827::2003
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 -, , ASN (), Reverse DNS Software sffe / Resource Hash c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:09:59 GMT content-encoding gzip x-content-type-options nosniff age 1613 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15586 x-xss-protection 0 last-modified Mon, 02 Oct 2023 14:46:38 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 04 Jan 2024 18:09:59 GMT
GET H3	200	interstitial_ad_frame.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 2128	31 KB 12 KB	11ms 7ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/interstitial_ad_frame.js Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b78ad97ecc98922664eae03527ef9405cb18842ba2336b24a98a36942134653d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 15:38:33 GMT content-encoding br x-content-type-options nosniff age 10699 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12002 x-xss-protection 0 server cafe etag 3841148864591685569 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 20 Oct 2023 15:38:33 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 2128	205 B 296 B	33ms 10ms	Image image/png	2a00:1450:4001:827::2003
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 -, , ASN (), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 05 Oct 2023 01:08:26 GMT x-content-type-options nosniff age 149306 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Fri, 04 Oct 2024 01:08:26 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 2128	604 B 920 B	32ms 9ms	Image image/png	2a00:1450:4001:827::2003
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 -, , ASN (), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Wed, 04 Oct 2023 11:42:48 GMT x-content-type-options nosniff age 197644 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Thu, 03 Oct 2024 11:42:48 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame FEBE Redirect Chain https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFm5okRWq9S7E2pnj1Dsei0&google_cver=1&google_push=AXcoOmRYOO4x93PNxiK3dfDUhFaptpBt1JK2fzh885RuCGoaYBXjIPfrIl... https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRYOO4x93PNxiK3dfDUhFaptpBt1JK2fzh885RuCGoaYBXjIPfrIlt9uu9SobRcwO5xLkZSUZRixgNNdJ4h48cOsqcof2dD&google_hm=QFBgj_huuSSu...	170 B 188 B	17ms 17ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRYOO4x93PNxiK3dfDUhFaptpBt1JK2fzh885RuCGoaYBXjIPfrIlt9uu9SobRcwO5xLkZSUZRixgNNdJ4h48cOsqcof2dD&google_hm=QFBgj_huuSSuvkzKgggdRg Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:52 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRYOO4x93PNxiK3dfDUhFaptpBt1JK2fzh885RuCGoaYBXjIPfrIlt9uu9SobRcwO5xLkZSUZRixgNNdJ4h48cOsqcof2dD&google_hm=QFBgj_huuSSuvkzKgggdRg pragma no-cache date Fri, 06 Oct 2023 18:36:52 GMT cache-control private, no-cache, no-store, proxy-revalidate strict-transport-security max-age=86400 content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	i.match s.tribalfusion.com/z/ Frame FEBE Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEOKm6UUO9-ES7B97OyP3Ktg&google_cver=1&google_push=AXcoOmSTwe3qzOsA7ME70--NC_stAKRnUYM5IVZCe3MQ0q7tWhAzHgradshZbzJVIR2j-_jTiwO45yhhHtgNFDS1VdfzLMUYPC2m&... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOKm6UUO9-ES7B97OyP3Ktg&google_cver=1&google_push=AXcoOmSTwe3qzOsA7ME70--NC_stAKRnUYM5IVZCe3MQ0q7tWhAzHgradshZbzJVIR2j-_jTiwO45yhhHtgNFDS1VdfzLMUYPC2...	43 B 441 B	182ms 181ms	Image image/gif	2606:4700::6812:18ad
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOKm6UUO9-ES7B97OyP3Ktg&google_cver=1&google_push=AXcoOmSTwe3qzOsA7ME70--NC_stAKRnUYM5IVZCe3MQ0q7tWhAzHgradshZbzJVIR2j-_jTiwO45yhhHtgNFDS1VdfzLMUYPC2m&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSTwe3qzOsA7ME70--NC_stAKRnUYM5IVZCe3MQ0q7tWhAzHgradshZbzJVIR2j-_jTiwO45yhhHtgNFDS1VdfzLMUYPC2m%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Protocol H2 Server 2606:4700::6812:18ad -, , ASN (), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:53 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 8120032e3d0c3608-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Fri, 06 Oct 2023 18:36:52 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 525 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOKm6UUO9-ES7B97OyP3Ktg&google_cver=1&google_push=AXcoOmSTwe3qzOsA7ME70--NC_stAKRnUYM5IVZCe3MQ0q7tWhAzHgradshZbzJVIR2j-_jTiwO45yhhHtgNFDS1VdfzLMUYPC2m&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSTwe3qzOsA7ME70--NC_stAKRnUYM5IVZCe3MQ0q7tWhAzHgradshZbzJVIR2j-_jTiwO45yhhHtgNFDS1VdfzLMUYPC2m%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 8120032d0b6f3608-FRA alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET		adxcookie match.adsby.bidtheatre.com/ Frame FEBE	0 0
GET		gcm a.c.appier.net/ Frame FEBE	0 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame FEBE Redirect Chain https://d5p.de17a.com/cookies/google?google_gid=CAESEJEob9dv5FyAGVNq2zEzC3I&google_cver=1&google_push=AXcoOmRZld2sHg6Hwb22bPXFw0dzv3dlf-XvZHO-oQRzVSJK6FqwqRN-8EIPA-aC_dG2L096u5mJ2y3u4X5bVgKL1ulbfU9... https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJEob9dv5FyAGVNq2zEzC3I&google_cver=1&google_push=AXcoOmRZld2sHg6Hwb22bPXFw0dzv3dlf-XvZHO-oQRzVSJK6FqwqRN-8EIPA-aC_dG2L096u5mJ2y3u4X5bVgKL1ulbf... https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRZld2sHg6Hwb22bPXFw0dzv3dlf-XvZHO-oQRzVSJK6FqwqRN-8EIPA-aC_dG2L096u5mJ2y3u4X5bVgKL1ulbfU96TuXN	170 B 188 B	21ms 20ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRZld2sHg6Hwb22bPXFw0dzv3dlf-XvZHO-oQRzVSJK6FqwqRN-8EIPA-aC_dG2L096u5mJ2y3u4X5bVgKL1ulbfU96TuXN Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:52 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRZld2sHg6Hwb22bPXFw0dzv3dlf-XvZHO-oQRzVSJK6FqwqRN-8EIPA-aC_dG2L096u5mJ2y3u4X5bVgKL1ulbfU96TuXN content-length 0 p3p CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
GET H3	200	pixel cm.g.doubleclick.net/ Frame FEBE Redirect Chain https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJ0XxLONe-zKFzsTuHKCciY&google_cver=1&google_push=AXcoOmTrQNPIrTKaQte5yvZwEwlP58JYmw7yVV6LUBN_iR5xH2zxu5t2s2Bxb_VvpmgmwOpCo8Ly_Nn23UNjh0ycj83teZO3k5M https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTrQNPIrTKaQte5yvZwEwlP58JYmw7yVV6LUBN_iR5xH2zxu5t2s2Bxb_VvpmgmwOpCo8Ly_Nn23UNjh0ycj83teZO3k5M... https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjU3MDA0NDUxNTMyMDY1MjU2MDcwOQ%3D%3D&google_push=AXcoOmTrQNPIrTKaQte5yvZwEwlP58JYmw7yVV6LUBN_iR5xH2zxu5t2...	170 B 188 B	24ms 24ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjU3MDA0NDUxNTMyMDY1MjU2MDcwOQ%3D%3D&google_push=AXcoOmTrQNPIrTKaQte5yvZwEwlP58JYmw7yVV6LUBN_iR5xH2zxu5t2s2Bxb_VvpmgmwOpCo8Ly_Nn23UNjh0ycj83teZO3k5M Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:52 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjU3MDA0NDUxNTMyMDY1MjU2MDcwOQ%3D%3D&google_push=AXcoOmTrQNPIrTKaQte5yvZwEwlP58JYmw7yVV6LUBN_iR5xH2zxu5t2s2Bxb_VvpmgmwOpCo8Ly_Nn23UNjh0ycj83teZO3k5M date Fri, 06 Oct 2023 18:36:52 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H3	200	pixel cm.g.doubleclick.net/ Frame FEBE Redirect Chain https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEN-o5B4ubNTQwn7BIpRyAt8&google_cver=1&google_push=AXcoOmTUGxgLvjvG9FJnQXIKio1y6tmP7rFHXUsUlyIhqkRykDzV7Ff1_RbaUGOUAgEp6q0McHjI8xvWoeb8UDXtJ2cxWM-... https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTUGxgLvjvG9FJnQXIKio1y6tmP7rFHXUsUlyIhqkRykDzV7Ff1_RbaUGOUAgEp6q0McHjI8xvWoeb8UDXtJ2cxWM-yiWSwYw&google_hm=MzI2OTc3O...	170 B 188 B	22ms 22ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTUGxgLvjvG9FJnQXIKio1y6tmP7rFHXUsUlyIhqkRykDzV7Ff1_RbaUGOUAgEp6q0McHjI8xvWoeb8UDXtJ2cxWM-yiWSwYw&google_hm=MzI2OTc3ODEzODYwNTE2NTA0Mw== Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Fri, 06 Oct 2023 18:36:52 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTUGxgLvjvG9FJnQXIKio1y6tmP7rFHXUsUlyIhqkRykDzV7Ff1_RbaUGOUAgEp6q0McHjI8xvWoeb8UDXtJ2cxWM-yiWSwYw&google_hm=MzI2OTc3ODEzODYwNTE2NTA0Mw== Date Fri, 06 Oct 2023 18:36:52 GMT Server Jetty(9.4.51.v20230217) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame FEBE	0 12 B	16ms 15ms	Image text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jq9k-fVKpyJggaH1Y5SVh-PVVaDWOOriuDnjEb-XqHOS8P7Px7ZwgX7HUOC_6wqcdEZib5OQ Requested by Host: 69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com URL: https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Fri, 06 Oct 2023 18:36:52 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js Show response pagead2.googlesyndication.com/bg/ Frame 64D2	37 KB 14 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://69ee739e075f6c2fd3dc7f5990126bc5.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 05 Oct 2023 07:33:08 GMT content-encoding br x-content-type-options nosniff age 126224 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14668 x-xss-protection 0 last-modified Mon, 02 Oct 2023 14:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 04 Oct 2024 07:33:08 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

app.s.id

URL

https://app.s.id/api/user/me

Domain

sdotid.zendesk.com

URL

https://sdotid.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088

Domain

sdotid.zendesk.com

URL

https://sdotid.zendesk.com/embeddable/config

Domain

region1.google-analytics.com

URL

https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3a40&_p=508418571&cid=1947906244.1696617406&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1696617405&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=scroll&epn.percent_scrolled=90&_et=37

Domain

region1.analytics.google.com

URL

https://region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je3a40&_p=508418571&cid=1947906244.1696617406&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1696617405&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=scroll&epn.percent_scrolled=90&_et=23

Domain

home.s.id

URL

https://home.s.id/cdn-cgi/rum?

Domain

match.adsby.bidtheatre.com

URL

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEErjWr-tCKp-xeLGYQWQSsQ&google_cver=1&google_push=AXcoOmS44oFTtL1xMzgovd9SMz6qmEyC1eRvus6DM3eQzAMu2jBdwcOLje6KALb5Sggq7-Nw_hKq1id4KXsJB5bKIzJ42Zjwp8-g

Domain

a.c.appier.net

URL

https://a.c.appier.net/gcm?google_gid=CAESEB9uTp6ziZpWVcsLYyTUt_M&google_cver=1&google_push=AXcoOmTJQTroQ2WBASOtoWuh39w2ByE0CrXQt5idP85A-ryQ8B8iN-3_rIumTrIJghtUmkl0gAVJY8zHfrVP2Vnsqf8_GjvkzI48