blog.s.id Open in urlscan Pro
2606:4700:20::681a:7f9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://s.id/BMEpS
Effective URL:
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm...
Submission: On December 01 via api (December 1st 2023, 1:02:58 am UTC) from LU — Scanned from DE

Summary HTTP 210 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 55 IPs in 10 countries across 52 domains to perform 210 HTTP transactions. The main IP is 2606:4700:20::681a:7f9, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.s.id.
TLS certificate: Issued by GTS CA 1P5 on October 10th 2023. Valid for: 3 months.

This is the only time blog.s.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	193.84.85.178 193.84.85.178	59796 (STORMWALL-AS) (STORMWALL-AS)
36	2606:4700:20:... 2606:4700:20::681a:7f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200d	15169 (GOOGLE) (GOOGLE)
2	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4bb1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 18	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.85.92.127 52.85.92.127	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	34.255.67.121 34.255.67.121	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.159.128.7 162.159.128.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:20:... 2606:4700:20::681a:bae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
8	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 11	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	34.246.240.36 34.246.240.36	16509 (AMAZON-02) (AMAZON-02)
1	54.154.193.186 54.154.193.186	16509 (AMAZON-02) (AMAZON-02)
1	159.203.145.121 159.203.145.121	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
6	2607:f8b0:400... 2607:f8b0:4001:c0d::78	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:26::a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
1	185.86.138.155 185.86.138.155	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	64.74.236.159 64.74.236.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	35.214.197.221 35.214.197.221	15169 (GOOGLE) (GOOGLE)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:1901:0:7... 2600:1901:0:76b9::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
210	55

3 193.84.85.178 (Russian Federation) 3 redirects

ASN59796 (STORMWALL-AS, SK)

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::681a:7f9 (United States)

ASN13335 (CLOUDFLARENET, US)

home.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blog.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-sdotid.adg.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4bb1 (United States)

ASN13335 (CLOUDFLARENET, US)

protagcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.92.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-92-127.ham50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.67.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-67-121.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.128.7 (None, )

ASN13335 (CLOUDFLARENET, US)

shortener.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:bae (United States)

ASN13335 (CLOUDFLARENET, US)

fatchillianalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.240.36 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-240-36.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.193.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-193-186.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cs.chocolateplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4001:c0d::78 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:26::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5lznls.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.132 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.159 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.197.221 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 221.197.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.130 (France) 1 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	s.id 3 redirects s.id — Cisco Umbrella Rank: 135548 home.s.id — Cisco Umbrella Rank: 893356 app.s.id Failed blog.s.id	747 KB
34	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com	3 MB
28	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	386 KB
15	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	177 KB
11	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2043 ekr.zdassets.com — Cisco Umbrella Rank: 2264	251 KB
10	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 25796 ad4m.at — Cisco Umbrella Rank: 11359 assets.ad4m.at — Cisco Umbrella Rank: 35458	83 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	710 KB
7	google.com accounts.google.com — Cisco Umbrella Rank: 23 region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	80 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	255 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189 www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643	748 B
3	google.de www.google.de — Cisco Umbrella Rank: 6765	669 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 586	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 192580 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563	1008 B
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 3633 r5---sn-4g5lznls.gvt1.com — Cisco Umbrella Rank: 837806 r2---sn-4g5lznls.gvt1.com Failed	1 MB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	34 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	90 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	14 KB
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 46149	628 B
1	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 47317	877 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 870	416 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 742	75 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	463 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 2935	1 KB
1	chocolateplatform.com cs.chocolateplatform.com — Cisco Umbrella Rank: 4454	134 B
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 1765	199 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 582	597 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 793	166 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	553 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	538 B
1	fatchillianalytics.com fatchillianalytics.com	555 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	1 KB
1	protagcdn.com protagcdn.com — Cisco Umbrella Rank: 102840	126 KB
1	adg.id cdn-sdotid.adg.id — Cisco Umbrella Rank: 398617	39 KB
1	zendesk.com sdotid.zendesk.com Failed shortener.zendesk.com	956 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
0	de17a.com Failed d5p.de17a.com Failed
0	bidswitch.net Failed x.bidswitch.net Failed
0	acuityplatform.com Failed ums.acuityplatform.com Failed
0	bidtheatre.com Failed match.adsby.bidtheatre.com Failed
0	simpli.fi Failed um.simpli.fi Failed
0	dotomi.com Failed dclk-match.dotomi.com Failed
210	52

	Domain	Requested by
21	blog.s.id	home.s.id blog.s.id static.cloudflareinsights.com
18	tpc.googlesyndication.com	1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com home.s.id
15	home.s.id	home.s.id static.cloudflareinsights.com
12	pagead2.googlesyndication.com	blog.s.id pagead2.googlesyndication.com tpc.googlesyndication.com 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com www.googletagservices.com
11	cm.g.doubleclick.net	1 redirects 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
10	securepubads.g.doubleclick.net	1 redirects blog.s.id securepubads.g.doubleclick.net home.s.id www.googletagservices.com 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
9	static.zdassets.com	home.s.id static.zdassets.com blog.s.id
9	www.googletagmanager.com	home.s.id www.googletagmanager.com blog.s.id
8	www.gstatic.com	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com home.s.id
6	csi.gstatic.com	www.gstatic.com
5	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com as.ad4m.at ad4m.at
4	www.googletagservices.com	securepubads.g.doubleclick.net 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com home.s.id
4	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.google.com	home.s.id tpc.googlesyndication.com 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
3	fonts.googleapis.com	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com home.s.id
3	www.google.de	home.s.id blog.s.id
3	s.id	3 redirects
2	assets.ad4m.at	as.ad4m.at
2	www.googleadservices.com	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
2	b1sync.zemanta.com	2 redirects 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
2	c1.adform.net	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	ekr.zdassets.com	static.zdassets.com
2	connect.facebook.net	home.s.id connect.facebook.net
2	static.cloudflareinsights.com	home.s.id blog.s.id
1	prod-rtb.ad4mat.net	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
1	pb.media01.eu	as.ad4m.at
1	pv.medialead.de	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	csync.loopme.me	1 redirects
1	ssbsync.smartadserver.com	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
1	match.adsrvr.org	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
1	cms.quantserve.com	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
1	r.turn.com	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	static-de.ad4mat.net	as.ad4m.at
1	r5---sn-4g5lznls.gvt1.com	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
1	redirector.gvt1.com	1 redirects
1	a.rfihub.com	1 redirects
1	cs.chocolateplatform.com	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
1	match.360yield.com	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
1	ads.yieldmo.com	1 redirects
1	image6.pubmatic.com	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	fatchillianalytics.com	home.s.id
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com
1	shortener.zendesk.com	static.zdassets.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	protagcdn.com	blog.s.id
1	cdn-sdotid.adg.id	blog.s.id
1	www.facebook.com	home.s.id
1	accounts.google.com	home.s.id
0	d5p.de17a.com Failed	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
0	x.bidswitch.net Failed	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
0	ums.acuityplatform.com Failed	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
0	match.adsby.bidtheatre.com Failed	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
0	um.simpli.fi Failed	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
0	dclk-match.dotomi.com Failed	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
0	r2---sn-4g5lznls.gvt1.com Failed	6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
0	sdotid.zendesk.com Failed	static.zdassets.com
0	app.s.id Failed	home.s.id
210	77

This site contains links to these domains. Also see Links.

Domain
s.id
protagcdn.com
home.s.id
instagram.com
twitter.com
facebook.com
tiktok.com

Subject Issuer	Validity	Valid
s.id GTS CA 1P5	`2023-10-10` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-09` - `2023-12-08`	3 months	crt.sh
zdassets.com E1	`2023-10-23` - `2024-01-21`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
adg.id E1	`2023-10-28` - `2024-01-26`	3 months	crt.sh
protagcdn.com E1	`2023-10-27` - `2024-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
zendesk.com E1	`2023-11-17` - `2024-02-15`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
fatchillianalytics.com GTS CA 1P5	`2023-11-11` - `2024-02-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.chocolateplatform.com ZeroSSL RSA Domain Secure Site CA	`2023-04-03` - `2024-04-02`	a year	crt.sh
ad4mat.net GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Frame ID: 3CFB68873178394A81DF24AB9909DDDB
Requests: 92 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js
Frame ID: B6AE788398B7963E5EB27E4D11C81B11
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup.html
Frame ID: FE62C2A216C91665A69F8E69B54FBFFA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1701392572&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701392572013&bpp=3&bdt=158&idt=110&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2334093311610&frm=20&pv=2&ga_vid=1879529940.1701392571&ga_sid=1701392572&ga_hid=1112505679&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C44795921%2C44805915%2C44809316%2C31078297%2C31079889%2C44807754%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=2556246350383363&tmod=1052003112&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fhome.s.id%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=125
Frame ID: 4A8B0C70F209F25FEB41932227E85009
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EBA9BA9B0105D5AA97FA1FA356213A26
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 44FE5245C53DEBAF29DD2D797194250F
Requests: 2 HTTP requests in this frame

Frame: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 798E2683EB9D2FFC9F46D6296A4BBA54
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-7b3d0eba84129756bae8.js
Frame ID: B781E96A72E24F5CE5410018A3D5EF91
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=blog.s.id
Frame ID: 86DA0569DC09E617CECBF3F128CECB21
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 78A12C5889DE8C678A5DF16CA42B3163
Requests: 1 HTTP requests in this frame

Frame: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0EC2EE3EE11A719196B3330B83E2EE44
Requests: 24 HTTP requests in this frame

Frame: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7F34414042FB88CD57B0F4D4CB1E4492
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjrtDBfBewBy1dtcP01dfAalpl2xVWho9nKWZV6cM7WC_KdDMqmKPCxTSe8ix7-5Vdf0k7un5pGyRRwAB8PNzL4GIrqFCUZGpctkTKXYaL3yB1nwn2D3lK1AFKSuo-xEAWrWSMDdbegSBJJQYfU3Y4nZPRkG-pUdgFpv6CsFBFRTlvYuPpFx18_L31E6lR38CykAuTmJqlYHiJxrGNjf8VFhDMqQaK9tUoJHbfr0Q0LgKTp8DvwcUjdbm2wiKPRUf40e1jYKvGcU8qeG6xbvOQMyU4_Nb_1A0OMs1nzozy6VCrVunGwYPfvrhZVYj92gllriaxgwkLEaT22pfRfGtyqg&sai=AMfl-YRbepfB1nhzYBoFGg0p-1P6beiOfAoMiqd8jeooOs8l-Wb1VWHlF6ZDLZwvO6BPvMfFv9Ic2ddMBP2c8i58YIvOBDALB7FFaR64v_pycPjlU-i3v0bGQcKOViAUVIpzfBBDMmcdj434Uw&sig=Cg0ArKJSzNlVdlbZkLsmEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 85D813BB1865A134F7375D5E76F78FD0
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gev9eec8mpm0bw3wa2hrrqq5scq8rc45y3841f58x80ssyqtqpd3zstnpda4mxewk1c34k46g5n9jxb0r34b80m3ry1kgn15thbwt84rfq8065zw2xvvp1fvs4eq3ed6pf12mqqw41bkaawkqdjrsrk49gaxr5jrddeeh8nj8r66pjdhkvhewd32c42jge6t988pxy6e9wjn5nhnh617gwhf34zavk2dx43213pmz072z3q12pz14xawszj6fvzvm7rg81rjq8frbymjfpgqjbq7mwvrpvmxp71x37j2e763jf840nwqebk6ec5n9excceznjathes2t52fcs9jr02exrebbj6bapyxdvj4ydvh6rqkhwkzgj03kj3xde6mayfrtjhgwj41qfpqcajt0xvxbvjwrqa459a59qtf5thcdwh85df11an5eahjtqy1g13ehdrb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtlXOvDBpZbbqMMmxjuwPlfSTsAKQ4YGEXLaoworwAsCNtwEQASAAYJWaooKwB4IBF2NhLXB1Yi0yMzkzMzIwNjQ1MDU1MDIyyAEJqQJTbiK8CU-yPuACAKgDAcgDAqoErgJP0A0JCceGQN0aqVHH3B4taUf9-W7wXs9Gbq6IFbXCjGHBE5vnW93kPFBd6hRqjdc3KxoBogm_XIUzEz45ibqLn8mHU3Y1eGrMiEbRM-qXSGu8XuKlOB_Tv_7dacbdQI-CaK2ptqvKbdbfSV8_2qcJ8TPprWeTT4tInngwww9nC6ogidix0kxlMduWkw71Aed1ACFtDhOgRCNG5eGIkTTA-uJgs9z_QCF11lQwWsoEJoJwDAI2XPnG3KjwNCBi8jdBA1o5flSTwYlLmxFa2D9FnaZV4UE9vz3JljDgX12nlu4FrpOpaxFN0ecGRJnJyBGCqOn0S4gLgwvbWnlCOMIiiUi83nN_YwpgKQ5bUhP7Ot7iiU-y4mgfzxnurlx5yws-emTUL33jzITOf9hVc-AEAYAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljDm7Cfhe2CA_oLAggBgAwB4g0TCKCPsZ-F7YIDFcmYgwcdFfoEJtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2psGvYJmQ2ZtVr4PXiOEnPcc919w%26client%3Dca-pub-2393320645055022%26adurl%3D
Frame ID: C2365BA74C0C48C7E437DBF1E84DD337
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9531673B6EE0523E19338ECA0E38ECBA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 283AC161DA024219A980AEB6936EBFBD
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: D4B853B9478430918700033FC5C0E1A4
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=320&d=50&e=&g=45e7df06fe59cc7ef53d4a3dc5ef5ea7%2F10601517427014002961&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701392574027&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gj4n1z113ecymbkc63s94s70e3njt8c8mpszee1dqq8ezx9c6ga8g1fxb51e0crmg0w7h6a7zmdx3crgdqt183mw545adthnrnbaaehadgch36xjpyrhwyc4hkf3savcrf0n13ypm861pwbnn0jh1gmj31tkkzmjy13cjqtw6xrhy7rnk5tsv7rd69nj4bcet0qx5vxdar6vvwrqsmth4yvw0tfmwkpbxj1mgy4cz7pma8dpd4ht31hk4pck2k2jkaqsvxbd86sh9ewg581tzrt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlXOvDBpZbbqMMmxjuwPlfSTsAKQ4YGEXLaoworwAsCNtwEQASAAYJWaooKwB4IBF2NhLXB1Yi0yMzkzMzIwNjQ1MDU1MDIyyAEJqQJTbiK8CU-yPuACAKgDAcgDAqoErgJP0A0JCceGQN0aqVHH3B4taUf9-W7wXs9Gbq6IFbXCjGHBE5vnW93kPFBd6hRqjdc3KxoBogm_XIUzEz45ibqLn8mHU3Y1eGrMiEbRM-qXSGu8XuKlOB_Tv_7dacbdQI-CaK2ptqvKbdbfSV8_2qcJ8TPprWeTT4tInngwww9nC6ogidix0kxlMduWkw71Aed1ACFtDhOgRCNG5eGIkTTA-uJgs9z_QCF11lQwWsoEJoJwDAI2XPnG3KjwNCBi8jdBA1o5flSTwYlLmxFa2D9FnaZV4UE9vz3JljDgX12nlu4FrpOpaxFN0ecGRJnJyBGCqOn0S4gLgwvbWnlCOMIiiUi83nN_YwpgKQ5bUhP7Ot7iiU-y4mgfzxnurlx5yws-emTUL33jzITOf9hVc-AEAYAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljDm7Cfhe2CA_oLAggBgAwB4g0TCKCPsZ-F7YIDFcmYgwcdFfoEJtAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2psGvYJmQ2ZtVr4PXiOEnPcc919w%2526client%253Dca-pub-2393320645055022%2526adurl%253D&y=1&s=&z=0
Frame ID: CE9D8E3FB1FEED6511956166B7A5E026
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: D57308F135DF54CEA54367483BE4C9E6
Requests: 1 HTTP requests in this frame

Frame: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7CE6BB9480FEE56EE7030443E0B512F0
Requests: 5 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Frame ID: 25C132AEEA5DEBB22C731DB7D46F8578
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7AD74B9011E9F1935A39066B3B738772
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oops, You accessing Forbidden Link! What is that? - s.id

Page URL History Show full URLs

http://s.id/BMEpS HTTP 308
https://s.id/BMEpS HTTP 302
https://home.s.id/forbidden Page URL
https://s.id/1SV77?s=skip HTTP 302
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm... Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

210
Requests

86 %
HTTPS

58 %
IPv6

52
Domains

77
Subdomains

55
IPs

10
Countries

6965 kB
Transfer

13879 kB
Size

34
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://s.id/1VeMR

Search URL Search Domain Scan URL

URL: https://protagcdn.com/r/adplus/?utm_source=blog.s.id&utm_medium=banner_ad&utm_campaign=logo_click
Title: Ad.Plus

Search URL Search Domain Scan URL

URL: https://home.s.id/
Title: Home

Search URL Search Domain Scan URL

URL: https://home.s.id/subscription
Title: Subscription

Search URL Search Domain Scan URL

URL: https://home.s.id/page/help
Title: Help

Search URL Search Domain Scan URL

URL: https://home.s.id/page/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://home.s.id/page/terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://home.s.id/page/report
Title: Report

Search URL Search Domain Scan URL

URL: https://home.s.id/page/about
Title: About

Search URL Search Domain Scan URL

URL: https://s.id/status
Title: Status

Search URL Search Domain Scan URL

URL: https://instagram.com/home.s.id

Search URL Search Domain Scan URL

URL: https://twitter.com/home_s_id

Search URL Search Domain Scan URL

URL: https://facebook.com/socmed.s.id

Search URL Search Domain Scan URL

URL: https://tiktok.com/@home.s.id

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://s.id/BMEpS HTTP 308
https://s.id/BMEpS HTTP 302
https://home.s.id/forbidden Page URL
https://s.id/1SV77?s=skip HTTP 302
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://s.id/BMEpS HTTP 308
https://s.id/BMEpS HTTP 302
https://home.s.id/forbidden

Request Chain 105

https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1

Request Chain 109

https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=blog.s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=3D_yeHxxdkUxQzJaMC82NHl1NjBCSnVYQTFRQlA2aDZOMENnbHd1UWNzV0xlZzc2QzJ0NitsVzZqMk9FZFFRUXJENWIzVEVpakdScU1iVkVlWTdmZGJBcWJ3NzZxSURWTitMandMSlFwYmZnRHl2L2IvZU40YWJBSXZXRmRiNnJjQzZUR1I4ZlFPMTV4MDlhaXE4SCs5SnBkZVpURzc2Q1o3UUtIQTN3bWxmUDRNVnRMZVJIWTA0c2ZMUDJkQ1pMektLNk8yNlR1OVpRdzYxMHp6SGxiUXloR0MyMTJtOXA3TnBmTVc4ZGNKa2U5QW1Bckg4Y3pJT0NWRXgvZlJVVGpkVUxjRUt4MHVPRlR2azFuK1l3NXRIQzEzZz09fA&cppv=2

Request Chain 134

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEB5Xxs2jufLvoOKTKnBtFuU&google_cver=1&google_push=AXcoOmRBeLnUYHoW4V32XSj2HsWQEZmxfnL19SJUeGm3Gg05Jck6a01cC272CD3Mp6J5D2iiOMTykBD-TpxAnMo4lFWjBhNSsOo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB5Xxs2jufLvoOKTKnBtFuU&google_push=AXcoOmRBeLnUYHoW4V32XSj2HsWQEZmxfnL19SJUeGm3Gg05Jck6a01cC272CD3Mp6J5D2iiOMTykBD-TpxAnMo4lFWjBhNSsOo

Request Chain 135

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMbf1MO7nv-2RLLUc3wd3Dc&google_cver=1&google_push=AXcoOmTDONMO1uIBtSrnvllf7vBgEqT-SB1QhnfnwfEvv0bVM7zvYLQCQGAIyNTqByjCLSS-Z7KDm31FXyZ2-2cf2NhW8U5m7ag HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=HNCTqHNeQ-QV4SokL8bbEg&google_push=AXcoOmTDONMO1uIBtSrnvllf7vBgEqT-SB1QhnfnwfEvv0bVM7zvYLQCQGAIyNTqByjCLSS-Z7KDm31FXyZ2-2cf2NhW8U5m7ag

Request Chain 137

https://ads.yieldmo.com/exptsync?google_gid=CAESEE-0qwtfboc9-cE-XFb6ZM8&google_cver=1&google_push=AXcoOmRYR-o7WKhnLz9mR5KVY2KnJe9JrhTSaszDkUp47IwvRpurxdF38i3SxLJdNnaIW2CqeeN0LrRl6VRAECSnuV3EpU6w_Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRYR-o7WKhnLz9mR5KVY2KnJe9JrhTSaszDkUp47IwvRpurxdF38i3SxLJdNnaIW2CqeeN0LrRl6VRAECSnuV3EpU6w_Q&google_hm=M3pFRU1xcW5uN3FYVkJDUElHUlk=

Request Chain 140

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEF2tBkXZM9T2jXN5hqZeGbY&google_cver=1&google_push=AXcoOmRxB0Gbmg9epyCj7SjWWNaJGqNufsvmfDyidA9ZRHvM1MY9uYyfYzKKSZhuatpNwJEeEvRUrmCKiHm5iCeWNDkw2Cdf__cr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRxB0Gbmg9epyCj7SjWWNaJGqNufsvmfDyidA9ZRHvM1MY9uYyfYzKKSZhuatpNwJEeEvRUrmCKiHm5iCeWNDkw2Cdf__cr&google_hm=MTc0MjAyMzQ5MDIzMTM2NTExNQ==

Request Chain 147

https://redirector.gvt1.com/videoplayback?id=5db602cdae08dd63&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1701399773&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=A559EE56946931BE1F538C276E4F9C5C4D944AD4.64EC7CEAB826FBDF3A888328670A7B30C2DC37C6&key=ck2 HTTP 302
https://r5---sn-4g5lznls.gvt1.com/videoplayback?id=5db602cdae08dd63&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1701399773&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=1ECF819D65BC08D3237FF20E85026D55814A3110.1C293AE59CB9736086E7B58E4DE16CBC0CC7F74F&key=cms1&cms_redirect=yes&mh=RZ&mip=2001:1b60:2:240:3247::12&mm=28&mn=sn-4g5lznls&ms=nvh&mt=1701391822&mv=u&mvi=5&pl=29

Request Chain 157

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEDglsFa8RAbMJ4IKpYzmds&google_cver=1&google_push=AXcoOmQnDE1nE9_QSYalHUkbXoRG_oKTo13wkSp1TuvK1Xrp_GKP3CyBRfHP8Sj3vKT4ilSCGAXPE0ILcBX1bss5ea4pzYywTPo20A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUzNDUwMzA2MjI3MTUyMDMyOA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEDglsFa8RAbMJ4IKpYzmds&google_cver=1

Request Chain 160

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEX0GL-rVaLqtx8sdIXYjtY&google_cver=1&google_push=AXcoOmSHlt7cNTEgGaPBNp_DGzIg1--jP0EhB8ayftKtK90z4vJXIQ0p6ac-HrsV5UdL6LSe8F11tbkV-wxeVI_rh9RDwNwrEhOW HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEX0GL-rVaLqtx8sdIXYjtY&google_cver=1&google_push=AXcoOmSHlt7cNTEgGaPBNp_DGzIg1--jP0EhB8ayftKtK90z4vJXIQ0p6ac-HrsV5UdL6LSe8F11tbkV-wxeVI_rh9RDwNwrEhOW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA3OTk3NzMxNTA3ODUxMDk3Mg&google_push=AXcoOmSHlt7cNTEgGaPBNp_DGzIg1--jP0EhB8ayftKtK90z4vJXIQ0p6ac-HrsV5UdL6LSe8F11tbkV-wxeVI_rh9RDwNwrEhOW

Request Chain 162

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEMoHVKDJ8nbboAcmxQQle-g&google_cver=1&google_push=AXcoOmTeKoxk1SqDjtD5rL7EwtbXZbDx5X8x13ppKuFVO7ljBEBX8tsm80r4PvJXv6Xe8F1Yq65KDBqSVEJWCcjCXzp6sL3qnI6EIAU HTTP 302
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEMoHVKDJ8nbboAcmxQQle-g&google_push=AXcoOmTeKoxk1SqDjtD5rL7EwtbXZbDx5X8x13ppKuFVO7ljBEBX8tsm80r4PvJXv6Xe8F1Yq65KDBqSVEJWCcjCXzp6sL3qnI6EIAU&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmTeKoxk1SqDjtD5rL7EwtbXZbDx5X8x13ppKuFVO7ljBEBX8tsm80r4PvJXv6Xe8F1Yq65KDBqSVEJWCcjCXzp6sL3qnI6EIAU&google_hm=TEc4aWlXYnppN0h5STBLemhoRno=

Request Chain 163

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESECy5gc4FYO_3vjLcFYRqX5Q&google_cver=1&google_push=AXcoOmSjLr7wxHu4IRRt_2K48uMgutkyUiR1H1ebjKGrmmAaL-4aYZzJDZCXQNWVDrJfWpfKov9JaF6oAgE3tKgLUKO8faYqHaYHqg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=c950c299-eb9e-42db-a7df-b87a8538907d&google_cver=1&google_gid=CAESECy5gc4FYO_3vjLcFYRqX5Q&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSjLr7wxHu4IRRt_2K48uMgutkyUiR1H1ebjKGrmmAaL-4aYZzJDZCXQNWVDrJfWpfKov9JaF6oAgE3tKgLUKO8faYqHaYHqg&gdpr=${GDPR}

Request Chain 165

https://securepubads.g.doubleclick.net/pagead/adview?ai=CYGUevDBpZbXqMMmxjuwPlfSTsALmzfHdcuv13_PpEYiI9drWARABIJLY30pglZqigrAHoAGIxPK_AsgBCakCU24ivAlPsj7gAgCoAwHIA0iqBNQCT9A61p8DjtfEJOQFP4UsdVTuqTgbcst2UJRZwxK2Axr2k-9LkRMpGTwMcBr4pmJKzTR7TlkjhmcKNRzgAOqbJn7CDsVyVDyPfeji5pQ1QdGI6g81XSWmjD93htpS8Rr_9mwUqgj6RBxD8iuKhPmxByvGj82h8SvAY4DJp-cXKGOMdYXi5g32IzoROM5Iqi2efoEUAmm8a1Ut-x5ju-EPHmJ6XxGoFdWVLqC9GAIBqXB86rAKBBTiWHrjB7yw_8Z4oaXQ4OWVzLuBjFVH6uW2RAD9x63Y_8sa5e2EqMhQFPDSmPHbfBZRUmMDP22qvsaEMrNp_6-tISSIhWUPFBRvog7P7e7BAYXnT8TLguK7UbRGBmr_6Up_E9x_sA12qvXG7dWa1tMgLEp22oDeRjt3v-mXzn-zYnL7p8B01zv9BeBLPpV79CseK6klAxJO8tX06KwlFcAE5_3Y-OkC4AQBiAX6i-7gIpIFBAgEGAGSBQQIBRgEoAYugAfgu43AAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEENqeA9IIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYw5uwn4XtggOaCR1odHRwczovL3VtenVnLWhpdHprZS1oYW1tLmRlL4AKA8gLAaIMECoOCgzktLEC7rWxArW4sQLiDRMIn4-xn4XtggMVyZiDBx0V-gQmuBPwC9gTCtAVAYAXAbIXHgocCAASFHB1Yi0yNjEwOTY0MjAzNTE1MDI1GLKYKg&sigh=PF-2He3a3eA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNJrGHqo_LbfB9IQMvDfX2HePPfH9R0u6k06EyIP50gxIClOhZsLprp1qxe_1mt8z9m2VIkji_IxgB&template_id=1520&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22330408745147261779%22,%22debug_reporting%22:true,%22destination%22:%22https://umzug-hitzke-hamm.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22670867976%22],%224%22:[%2212-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22790623638881254929%22}&andc=true

Request Chain 175

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 201

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD36LLQwgEQsAkY9AQyCD1a1WcB1ccz HTTP 301
https://tpc.googlesyndication.com/simgad/7406716466783941715

Request Chain 203

https://redirector.gvt1.com/videoplayback?id=43c244ad0cd906b3&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1701399778&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=B700C7D16A789C3AE3B49888B0D54734A2050E33.29031E63C57F7B4EFD40F115EB7EFF65AB7BEAE4&key=ck2 HTTP 302
https://r2---sn-4g5lznls.gvt1.com/videoplayback?id=43c244ad0cd906b3&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1701399778&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=65A26CFE56EBAE3448E5864F99292D7A7355E57D.131815DB55617F5269FF2BF59AC98BF5E393863F&key=cms1&cms_redirect=yes&mh=oC&mip=2001:1b60:2:240:3247::12&mm=28&mn=sn-4g5lznls&ms=nvh&mt=1701391822&mv=u&mvi=2&pl=29

210 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

forbidden Show response
home.s.id/
Redirect Chain

http://s.id/BMEpS
https://s.id/BMEpS
https://home.s.id/forbidden

73 KB
24 KB

378ms
285ms

Document
text/html

2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

ff40ba4d747765b06efb1283104398116b5d1f50ca248dcf96964025691ec83c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: BYPASS
cf-ray: 82e7682d2c585d87-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 01:02:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjTMGmQGKxXNsMdARNuoz7SPPnoX131V1SaRhe2fjAoLLFUkimr20CdkrUdwIJHuJNS1XkDACutqINVBORQV8QjWJLr7LuTZRI5ZTa%2Fs2knhigF49Ln%2BJQnmB6D6RD0MoWae9QwfWw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Next.js
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private, max-age=15
content-length: 0
date: Fri, 01 Dec 2023 01:02:50 GMT
location: https://home.s.id/forbidden#action
server: nginx
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 montserrat.css
home.s.id/assets/fonts/ 3 KB
783 B 258ms
257ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/assets/fonts/montserrat.css

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
server: cloudflare
etag: W/"ca2-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PW7jn1SYhoiVKF%2BedFUy6dbWGt3UzMc8xoAowo2C2idbN%2BhWkdvj76hPNelmG77r6taQ%2FPo3TsGXzqHzEPY0dEBlyn3Zq%2BXHYxSUQspSB6KS8HJLsACET2qob%2BVdXPkUQI7YeGil9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=300
cf-ray: 82e7682efd0b5d87-FRA

GET
H2 200 work-sans.css
home.s.id/assets/fonts/ 4 KB
800 B 250ms
249ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/assets/fonts/work-sans.css

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
server: cloudflare
etag: W/"10bc-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dK4IzLJpEwx4puMVU2g2ruyLEkHTkHvMmdXaSUTFM85oYinideKwFGWwgbjCG4YnrQJB8pz4GzFVpirchEDbXF8d3OkOtyjr8qsecgVgr2LLQeBkg8yTj3tZFHdTPtlDfl5wsYZVaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=300
cf-ray: 82e7682efd0d5d87-FRA

GET
H2 200 c054332cfce51f8a.css
home.s.id/_next/static/css/ 139 KB
21 KB 41ms
40ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/css/c054332cfce51f8a.css

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64c82669b30bd4c35b45d6dc6a688c04eb7bdae11e594665034101b09b200671

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30696
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Nov 2023 15:43:02 GMT
server: cloudflare
etag: W/"22c03-18c20e5d370"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ej14pjSMeTxe8Xu3h8g8UwEZuS%2Bse3psn3X3%2BudgwWwYMSy7jRKIR%2BCPlpW2RQfpZtjFgoOhNxAG5FD%2FxCCAY1F2cEXTzqgf%2FEid%2B3buaK28klI1mIi1SFYDTTmD%2FHINqrBEBCdlew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 82e7682efd0e5d87-FRA

GET
H2 200 webpack-1d1eff49188aaced.js Show response
home.s.id/_next/static/chunks/ 4 KB
2 KB 58ms
57ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/webpack-1d1eff49188aaced.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c5358e500090b60f2e1e41d203bfa365a80ea276a461232418a956a309dccb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31431
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Nov 2023 15:43:02 GMT
server: cloudflare
etag: W/"11af-18c20e5d370"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZc6IUkWTbjbYFY%2FqhyHjXBAnz4GlvTB6mgMN3M6U%2FnlsziF0azm%2BbzzA5tuV5JrKfNJKLvQwlKlLRi3okNQJ4Ld125jkxWJMEiQiGGFflSsayJF%2BqW4jwdQ22u%2FfeJ0VYCRbz6GUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 82e7682f0d165d87-FRA

GET
H2 200 framework-c77b5ad42e6fa06c.js Show response
home.s.id/_next/static/chunks/ 138 KB
45 KB 104ms
103ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/framework-c77b5ad42e6fa06c.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b8f5cff2b93dd56ca8081e67ee4ba33b2b71b6324a471691e427444c84a9ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30887
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Nov 2023 15:43:02 GMT
server: cloudflare
etag: W/"2272b-18c20e5d370"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKtCddpJSWgLej%2FX8gDfMe1d5%2B0%2B0FAoYs1L1A8zpu7A0XjcGNr9vOGJ5DnWDrBlyibRE881iW9Kkpsorck1%2FyRWDgYt3hwQyqFK2a9JQHXg43YXe5gn%2ByDXzVq607vJAGPRuwkJTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 82e7682f0d185d87-FRA

GET
H2 200 main-45f200f3cb6b7b3d.js Show response
home.s.id/_next/static/chunks/ 97 KB
29 KB 69ms
68ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

184733c2171fc0a56148cbf5e5f1d5e5ae640f660e6e328bb84cbccb21785813

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30887
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Nov 2023 15:43:02 GMT
server: cloudflare
etag: W/"18214-18c20e5d370"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPk6xlZZxl9CbEu8M7WdhP5YjPw%2BLUnx2Vs2w5T8IjXSCyHSpC8U7dUHs7cVL04c2YumkKVhVPehpx0n8%2FJZFwt26Dpl9uyIZ3IGEo9hr6kqq2RT4Sy9GQUzZo7zyeQxbWhcNIVPgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 82e7682f0d1a5d87-FRA

GET
H2 200 _app-73b7a0e1018fbada.js Show response
home.s.id/_next/static/chunks/pages/ 419 KB
133 KB 77ms
77ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/pages/_app-73b7a0e1018fbada.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1996d16604b14f7f83fb927f0f64340eb47857de583178ea2527cf7daffb162b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30887
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Nov 2023 15:43:02 GMT
server: cloudflare
etag: W/"68cf6-18c20e5d370"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPchtJbvPyw1uF0lojybJHcfbTe%2BCpv0XFTJjZjEDiAkdVXlPUzz5m0TPAKzeuMxKhtmxDa%2FZ6%2BqethgyUwl2COodjpzt5Vx%2F4%2BktBy6ropRjgzGrhQra29EjelSrazN81rmRl1QxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 82e7682f0d1b5d87-FRA

GET
H2 200 forbidden-29883e63e1ce37b2.js Show response
home.s.id/_next/static/chunks/pages/ 4 KB
2 KB 66ms
65ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/pages/forbidden-29883e63e1ce37b2.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e28e3f8d185f134736c50278f5039ff8168dc11d98640f164f4648632e9d127

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30887
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Nov 2023 15:43:02 GMT
server: cloudflare
etag: W/"eb6-18c20e5d370"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZQzMzK2IvTtlHupt4KVX%2FSIp%2FZOgxGhdLq4EAJkViIV%2BmijqJKcGBHGljLlMg5G%2FC95sXPZtoWCurfbpT1VsHt2rzu3tjKg%2BlJpr2U%2Fd7yQGNVsRzMlnnCDqX9kwAjaWNChoHdb3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 82e7682f0d1c5d87-FRA

GET
H2 200 _buildManifest.js Show response
home.s.id/_next/static/TgvUcLbXIApV9qVibcUO8/ 10 KB
3 KB 92ms
91ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/TgvUcLbXIApV9qVibcUO8/_buildManifest.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

760941766f1a3320e81362e808f4ca59f3b96b746d6301f569a86c9529dadfe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31539
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Nov 2023 15:43:02 GMT
server: cloudflare
etag: W/"2777-18c20e5d370"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FreXSHPy%2BCST3U7ZTU6mDv3EoW7ijdUXJETn%2B1JyNcoNAD3pWfWiDoKIGfhfGZoLVqc3u%2Fnj6c7db1T77K5JCrInnr00rzWTgQ2qcwhhe3xGPb5u7D3eXr71wB1ZRKqpqYWeATEvTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 82e7682f2d265d87-FRA

GET
H2 200 _ssgManifest.js Show response
home.s.id/_next/static/TgvUcLbXIApV9qVibcUO8/ 91 B
389 B 76ms
76ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/TgvUcLbXIApV9qVibcUO8/_ssgManifest.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31539
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Nov 2023 15:43:38 GMT
server: cloudflare
etag: W/"5b-18c20e66010"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1XfjEAK11RsbL4d5cQ%2BDMpwBs3LFNg3muMUb%2Bpmnc7nbYOthgTiUrg0tonpLwdbknOxLh2u%2F0yKKigny4IOQZyjr7C7mUAcUPDtKdctXEmlosVYmaKO9rn%2BWD8H6VOS7V1dignKjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 82e7682f2d275d87-FRA

GET
H2 200 403.svg
home.s.id/images/errors/ 4 KB
2 KB 256ms
255ms Image
image/svg+xml 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.s.id/images/errors/403.svg

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92c39b5c986c8a9c713d77081a0272187a847c57192fe03fc152d25fc4c35668

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Dec 2022 03:47:41 GMT
server: cloudflare
etag: W/"1136-18551b16f48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1x4Ftb3n1qW86rMrtBYYIsuc0uO%2FskyJ1PmQv0Rrrt5OEfFV2nWMU9cNkysa9nONts0ML5gW%2FDB0cusWggvPMTYleyrcWMEnBCJkdN92%2BmmakNd8GaVKVjCiJY63scq0b1cJbs2Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
cache-control: public, max-age=86400
cf-ray: 82e7682efd0f5d87-FRA

GET
H2 200 sid-neu-logo.svg
home.s.id/images/ 8 KB
4 KB 253ms
253ms Image
image/svg+xml 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.s.id/images/sid-neu-logo.svg

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

058f6340fc2dd949cfa4e2d40dae86c83daa389994729a151d1309cecaa7e46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Jul 2023 23:09:20 GMT
server: cloudflare
etag: W/"2120-18928513d00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71vL7eeFEykDAzCLXCYnUJqqtrZMdZcCQ44QQcWyXK5sK0u9jStvBs6cPX%2FwgxEfnCgJ3Uu65coQsD%2B%2Fv5NY%2BtPKd3NaIlqghYcXbgpNE8ZXoRyIUiTebzcyVYLz0oFz%2F1faFooVWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
cache-control: public, max-age=86400
cf-ray: 82e7682efd105d87-FRA

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 350ms
60ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: home.s.id
URL: https://home.s.id/forbidden
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://home.s.id/
Origin: https://home.s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 82e76830da0571d9-FRA

GET
H3 200 montserrat-normal-700.woff2
home.s.id/assets/fonts/dist/ 30 KB
31 KB 283ms
282ms Font
font/woff2 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/assets/fonts/dist/montserrat-normal-700.woff2

Requested by

Host: home.s.id
URL: https://home.s.id/assets/fonts/montserrat.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://home.s.id/assets/fonts/montserrat.css
Origin: https://home.s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 30856
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
server: cloudflare
etag: W/"7888-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buHDxOSl1fDhFUAtt7O5DgyhmlnEljilJLyweOMn2i9FBkYL1Qnz5GmTBcDX%2FTF72%2FsIru6lRnw41QP%2Bms2NKocw1KFLpV6ClybelHB90R1Ou7UOk23IyXNGu0jlFLQYa5IkMF76%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
x-frame-options: SAMEORIGIN
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 82e76830ca64364b-FRA

GET
H3 200 montserrat-normal-400.woff2
home.s.id/assets/fonts/dist/ 30 KB
31 KB 261ms
261ms Font
font/woff2 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/assets/fonts/dist/montserrat-normal-400.woff2

Requested by

Host: home.s.id
URL: https://home.s.id/assets/fonts/montserrat.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://home.s.id/assets/fonts/montserrat.css
Origin: https://home.s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 30856
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
server: cloudflare
etag: W/"7888-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAtgNgXsPSKnZNKPItO4FTDK6HhEO0ubz%2Fn%2Fe53lIA6zv9Rqty2BsaheJpsS3e6uayIx%2FzNuN%2B%2B%2BWW9VNnZIYnWjVE5svGflSyrVVAPBMiwxjr0XqX6CybSMe1QwQmu3bvJ1UBaang%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
x-frame-options: SAMEORIGIN
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 82e76830ca65364b-FRA

OPTIONS me
app.s.id/api/user/ Frame 0
0

GET me
app.s.id/api/user/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 140ms
84ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

083316c0a4e96f0267d20b39d436b977920b791d47c183cecf999ab403449437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85214
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 01:02:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
84 KB 99ms
43ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95eab1f50cdd260b2e3e64a5f1066b45a618a3b22e6225df5d0c4870d3e498c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85934
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 01:02:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
76 KB 93ms
37ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10823601447

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7494de461c57642af4f4d2c7bc0f845cdba6c2ed404008fabb74d1bf1dfe0202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77475
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Dec 2023 01:02:51 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 74ms
22ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 01 Dec 2023 01:02:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: fJ9PwvGwPJ6M0kOWluqGOlcD+OFd7XNuLn5VBXtUSuP/LxDKYCY2mEG56UCOwkZTwHsWe1+0/vjlGcMzcfQarQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 109ms
38ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: SJN8N1JDMTD43WG0
age: 48
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: OdnBjVcC5xsQvyjtpPVBe21NpgZXl51NRJfLydbGvh5Gu9AdfuYJ4+/g1Hhtqo28e16NzYJZ+wk=
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tXafyRfcZB5HTT9IXgH1A7pjdCTx99JZtBwqv6f3Ma4%2BJGFxpdKfXOG5HGUuUMCH2TgQ1hC8vp3SGhM5Akcv6fQL14b8PaFXJEnVMdi0L0tpUA4CvIuA0QanRWsmh7%2FDAYYD24%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 82e768315a5291d1-FRA

GET
H2 200 client
accounts.google.com/gsi/ 199 KB
79 KB 179ms
111ms Script
application/javascript 2a00:1450:4001:82f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/pages/_app-73b7a0e1018fbada.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ElbvzsN0LkpuMosEiG_9DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-ElbvzsN0LkpuMosEiG_9DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 01 Dec 2023 01:02:51 GMT

GET
H2 200 4b27aa03-d3da-43eb-8382-660c054fbc9d
ekr.zdassets.com/compose/ 1 KB
1 KB 301ms
220ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/4b27aa03-d3da-43eb-8382-660c054fbc9d

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 825451a10d9e5f2f-SEA, 825451a10d9e5f2f-SEA
x-runtime: 0.003874
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"4dc846bba941de1fc473533aeb5bb025"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10sS7SkWHXWJ5ibM%2FmnnHCy8u7Q945W0kIMCsEtn28wH8k0S199T%2BohpKuM07EOAeuKIY80JYGpkPmzCUOjfpIQBjDVfgXB%2BQf9N9LdBgb3eYrT8cfMeBZ1LtBbBdzwcnCE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 82e7683218c9bb3b-FRA

GET
H2 200 3626502037629324 Show response
connect.facebook.net/signals/config/ 140 KB
36 KB 79ms
79ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3626502037629324?v=2.9.138&r=stable&domain=home.s.id

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

857e0bdc9ba878e6786a287c65f8e5121f2fb85d244bc3a5f8edbb7d39025ae7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 01 Dec 2023 01:02:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: raBAzG8LMg++/cUjZMMMdE66nZppgZAWwSHkLyUcjnZFK7WfbavgoWEVHYyXwlwKGmUz0FBJ1QblCrfAZc5spA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27556c5bee1f831299bb5db2db87fcb91dbae0eec00ae1389ee7bbf2fc835b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85197
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 01:02:51 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 244 KB
84 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85928
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 01:02:51 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/ 3 KB
2 KB 90ms
34ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/?random=1701392571188&cv=11&fst=1701392571188&bg=ffffff&guid=ON&async=1&gtm=45be3b60v887245165&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&hn=www.googleadservices.com&frm=0&auid=1302594684.1701392571&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1233
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 128 KB
49 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 50367
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 01:02:51 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
249 B 86ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je3b60v889124234&_p=1701392571010&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1879529940.1701392571&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701392571&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2872
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 93ms
31ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-98MWVCBDD7&cid=1879529940.1701392571&gtm=45je3b60v889124234&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 90ms
34ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-98MWVCBDD7&cid=1879529940.1701392571&gtm=45je3b60v889124234&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1163813825

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 86ms
31ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3b60v881303989&_p=1701392571010&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1879529940.1701392571&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701392571&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2893
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 69ms
23ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3626502037629324&ev=PageView&dl=https%3A%2F%2Fhome.s.id%2Fforbidden%23action&rl=&if=false&ts=1701392571261&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701392571259.1801422659&cs_est=true&ler=empty&it=1701392571148&coo=false&rqm=GET

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 01 Dec 2023 01:02:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 analytics.js
www.google-analytics.com/ 52 KB
21 KB 76ms
22ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 30 Nov 2023 23:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4393
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 01 Dec 2023 01:49:38 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10823601447/ 42 B
455 B 91ms
35ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10823601447/?random=1701392571188&cv=11&fst=1701392400000&bg=ffffff&guid=ON&async=1&gtm=45be3b60v887245165&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNhkNA8tvgQ5xVhAqCIjDFOHpuWuRnBg&random=3736094916&rmt_tld=0&ipr=y

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10823601447/ 42 B
154 B 37ms
36ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10823601447/?random=1701392571188&cv=11&fst=1701392400000&bg=ffffff&guid=ON&async=1&gtm=45be3b60v887245165&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNhkNA8tvgQ5xVhAqCIjDFOHpuWuRnBg&random=3736094916&rmt_tld=1&ipr=y

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/j/ 1 B
201 B 30ms
29ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1653320960&t=pageview&_s=1&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=668986076&gjid=27461002&cid=1879529940.1701392571&tid=UA-225238330-2&_gid=634834948.1701392571&_r=1&gtm=457e3b60&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=261713862

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://home.s.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Primary Request oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3 Show response
blog.s.id/post/2022/05/19/
Redirect Chain

https://s.id/1SV77?s=skip
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

114 KB
32 KB

82ms
40ms

Document
text/html

2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/pages/forbidden-29883e63e1ce37b2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

26c35d62e7e1889544e91174e6637c611387f2424fec6b0c8b642883903f7309

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://home.s.id/forbidden#action
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30861
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=86400, must-revalidate
cf-cache-status: HIT
cf-ray: 82e76835da445d87-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 01:02:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzdJOD%2F%2FBl%2FBVgfi6mWDm7eAB1q6T5ypoIWn0NGJpIxi07rzsH74F8jFsofGCgEsW9wsVffJ3CXoXcqQ7b6tj6dfumdbcLanIH0VKDjTXjsswDXBBVmwGme46c98sIVX04wuAQSkXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Next.js

Redirect headers

cache-control: private, max-age=15
content-length: 0
date: Fri, 01 Dec 2023 01:02:51 GMT
location: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
server: nginx
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 web-widget-main-0345ad6.js
static.zdassets.com/web_widget/messenger/latest/ Frame B6AE 435 KB
136 KB 48ms
48ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
x-amz-version-id: MAWFo55nmJzTCV22.OVVsjgzwIcuk5qx
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NG6F85JDCGR4QAM
age: 1468256
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 54mJeYqonzncE9Bnk0sO4LAYvu3SPCXxi71FCPthBeXq1LbST7UaWVMLkeHj1raiJqyBp2HaQD+MB1zgkH+xJg==
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
server: cloudflare
etag: W/"9bf48d8c4bfd9e228c1cfc260b39519b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwWIqJz1saf2St4cTalc462xAh1fng0fFoAJsCfj344M0pE%2BYnMUHgUAojyy7fOnis0CSUcUOcgEDrg1QM3GV2L0oz01Pv4M6abTl%2FgTLjThCkg1q5rK%2BhjC69eXVTXkX8%2BIY1U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82e768338ac891d1-FRA
expires: Tue, 05 Nov 2024 00:52:48 GMT

GET
H2 200 en-us-json-0345ad6.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame B6AE 16 KB
3 KB 36ms
36ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
x-amz-version-id: SVieg7ebyluTA_U51KpD8k4UW9CnNoR3
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4V5W2Q7RJ2XVY2AE
age: 69963
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: lByA2rdQsh4BEQjHFxOsk9dK9n/2W1sTVwCsDpSDzD2CncDFg3YNwYztgppKADvSYoAnLvDWRfLQIyNbDT0mTA==
last-modified: Mon, 06 Nov 2023 00:52:51 GMT
server: cloudflare
etag: W/"2d7a163ff937b4b9ea7ab13e6c8dfadf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9JfvOKajIaGM1ExoOYXNG8lhC0tAk6TYbywyaC4jqEGF85Y0UN9k%2BR60NTEOu5wEEKCVin6BP96JPRPBJdo%2B%2B%2B7dlKDPf3Rtww1Naz%2F%2F2KQnZOuB4v8%2ByKdp%2BzrIeTV3kCVoYY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82e768346af791d1-FRA
expires: Tue, 05 Nov 2024 00:52:50 GMT

GET
H2 200 web-widget-4852-0345ad6.js
static.zdassets.com/web_widget/messenger/latest/ Frame B6AE 139 KB
47 KB 37ms
37ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
x-amz-version-id: LLGa90fsv7bQUGdN2N0k5kLPN0aE.36G
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: JMDS7988V7JWXH58
age: 1455575
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: /+Qy09rCveMHskIZI+PJKetU3q6Nkqz5jjPjqH/ZfgNUiEx2byBIqEjrFqMpsyKr8rZtjFRl1WU=
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
server: cloudflare
etag: W/"ea51d3eb674c1f286144bbe26ba05c86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otWHhbKg07UAzjGtiG%2BlQTkLyC616YVSet9F0LlCBivl7P74YLWz0XtNcK1V%2FlVclwry2CQLghLbA2W0b%2BnR7x%2FOmOdc6RcCNG66tPyCE04FKJPd0Hw3X5zRvxcJba%2FDT19a6eU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82e768346af891d1-FRA
expires: Tue, 05 Nov 2024 00:52:48 GMT

GET
H2 200 web-widget-519-0345ad6.js
static.zdassets.com/web_widget/messenger/latest/ Frame B6AE 24 KB
8 KB 34ms
34ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-519-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
x-amz-version-id: c3fTu.1VTXTnJfTpV257t3CmA_E19Whc
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B489Y0EH0VREEAT1
age: 1454454
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: tW4oGHXNWcmTGJrP2G7VhjwZAqImn9omdZnC+SKHpwfElnMetRRau0HK+nOmHVPYoxT6NkcBPGY=
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
server: cloudflare
etag: W/"1c9884a2069c7bec6b20dac62004eb1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGSv0CwUxE3qDmSzf6j46HoDqdTlkzEmbnZ3qae9aCSnVc5K%2B%2FiJzjIfuqhiRaWN3rvq4I33p5zaGj6lDrJskE6YjJPzhZa1U9mF5bih7I1tkMQCULf6OAEehIYdf%2FD3DPt97Oo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82e768346af991d1-FRA
expires: Tue, 05 Nov 2024 00:52:48 GMT

GET
H2 200 web-widget-5178-0345ad6.js
static.zdassets.com/web_widget/messenger/latest/ Frame B6AE 24 KB
7 KB 38ms
38ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
x-amz-version-id: WUnw5FU0oRqazTz0z66hJW9BpnBWa3hS
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NGEDWDDF7CRHGKQ
age: 1905715
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Jj5JStxWhYlfR+eKgiItTIEYuvnL7SUb9iZuTn3At0SRbZIxBx2x22m4PUWxdi3pcyuX1bEPqHA=
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
server: cloudflare
etag: W/"11034f049f5eef05b26ed292ac59e1fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BmYDNKWUAcSsTAJSzu6L1F9ztr%2FM20oyvxYcXnCEqCOzF2uQqzH2vgr5zoTjLA6SCe9EZf9eUUjFO%2BiGrxDlwRVUjl1EylUf1Tp%2B5ySWBxAjEiu7LkUOSdK6viheglRmGP%2BaBw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82e768346afa91d1-FRA
expires: Tue, 05 Nov 2024 00:52:48 GMT

GET
H2 200 web-widget-9535-0345ad6.js
static.zdassets.com/web_widget/messenger/latest/ Frame B6AE 15 KB
6 KB 41ms
41ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
x-amz-version-id: Htn9g_potgdCgt0Ro1y4Ux_z.nUmgxGP
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NG23KKY7BW8A849
age: 1634722
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: VBuD2TK5/hOq07jvc1ScqrzANbuG0gpHcJP+pAdy7bNglj4w86Ib98+86vJYmMS2bH0tCEwXn+Q=
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
server: cloudflare
etag: W/"d46547a6c79c8800ac99ed5408528a12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fb9qQVGB6LfRkvXj2AUdbWp4btakvfqClXNcogoMWgC7xXYc5jkcPMSwzH8fNoAObnPNlnaDGQFYaowMtMWu3m3qXfKyuRV0O9TeifM30dBJWiwv72N07d3BcTJffpzDz6B9MFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82e768346afb91d1-FRA
expires: Tue, 05 Nov 2024 00:52:48 GMT

OPTIONS pv
sdotid.zendesk.com/frontendevents/ Frame 0
0

POST pv
sdotid.zendesk.com/frontendevents/ Frame B6AE 0
0

GET config
sdotid.zendesk.com/embeddable/ Frame B6AE 0
0

POST collect
region1.analytics.google.com/g/ 0
0

POST rum
home.s.id/cdn-cgi/ 0
0

GET
H3 200 0020d3d8c67a4454.css
blog.s.id/_next/static/css/ 119 KB
18 KB 35ms
35ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/css/0020d3d8c67a4454.css

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1b600b052732a67038fda709ef2ea53bce28396238260ff5c52aaf69ade644c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31597
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 15:41:16 GMT
server: cloudflare
etag: W/"1db16-18c20e43560"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ME0N5vPKPDRwGkTNf8Na2NoeW6rIE2aNhA606nAC3YllR4wz6HtNmXzYLQq5gDBsRZSzdMuS0VKN%2B6PIiF9zHHlXJpapZMAIqenAuTH2I7NPFMWBVSleAPjTMWdRnr%2BeUtJAUUh%2FjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82e768362eff364b-FRA

GET
H3 200 0ccc702cf5b6f291.css
blog.s.id/_next/static/css/ 722 B
792 B 33ms
33ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/css/0ccc702cf5b6f291.css

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecf1b45e741c358105ec165c66cc44e962e6dbfe4948ea4a4094791472e03c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31597
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 15:41:16 GMT
server: cloudflare
etag: W/"2d2-18c20e43560"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvkJBG97f%2BGch%2BbyPwMn2nncgSCWlHDTY%2FSeGJ06%2BOlqyqGoQz03vbWz%2FfJPm6gXnsleLthzWZCZTOf1fB3viMHI3PEmLfmhgML3G3caEcAAZ%2FNjmRaXSidgUY2X2iFKCYkcRsovzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82e768362f00364b-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 176 KB
58 KB 103ms
48ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dc68c5577165f87e62efceb43f280db3010a4e6f93bfc480579d5669d9b3cb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59382
x-xss-protection: 0
server: cafe
etag: 13649859131655215509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 01:02:51 GMT

GET
H3 200 webpack-36d12a75f0098f30.js Show response
blog.s.id/_next/static/chunks/ 2 KB
2 KB 36ms
35ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/webpack-36d12a75f0098f30.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

febd258efb733049bebaeb24269fb6448aee953be138a3fbd7cb96bd63620727

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31597
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 15:41:16 GMT
server: cloudflare
etag: W/"892-18c20e43560"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyiFgdO2pS2%2BEgNPHZY7FHZYLgu28NcAokoocHUn5%2BNpor%2B7HvoxeZX7A8uccqf%2BRvo9XRQOfpa1QmwZGi6El0UreUXm5CEHKj9N%2FBk9%2FE%2BzWiDKhDI8twJmQfQF1EoF7ql%2F%2B6MGDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82e768363f09364b-FRA

GET
H3 200 framework-400d78dd60ac46ca.js Show response
blog.s.id/_next/static/chunks/ 138 KB
45 KB 47ms
46ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/framework-400d78dd60ac46ca.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1e0354048342615ee678931bb922fcb098fc4f42b3edae6df7624a2b812fb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31597
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 15:41:16 GMT
server: cloudflare
etag: W/"226e4-18c20e43560"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xyy3gh4sgHTIi03qAETJ6uCJmpQMRWQy347WzdBDEYFICODtG5OIEIpXwh5qWSnd%2FcGgDWGNQRYems2eKyiz1%2BSVrQ%2FwqPvezIvRYDNDoZEo8MA%2FjASafRsh1gQYz6EOdFusbax2YA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82e768363f0b364b-FRA

GET
H3 200 main-ef060895a635bf59.js Show response
blog.s.id/_next/static/chunks/ 96 KB
29 KB 53ms
51ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

345dd805b52864848882d8f89c24661f408925f549a626e5bcd33b6f072e146a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31597
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 15:41:16 GMT
server: cloudflare
etag: W/"17fff-18c20e43560"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hds3tvuGH%2Ft29YhoX2o%2BNVFkYdibBRmY%2FMjuiaMKUXTW2YwY96%2BMfiZaVjK3SoWSptakwpMSfZiZTRFwJ9jPhWvrIn1rHb6XAacfdoN2Xape81KW09sMdJWows9nBwLa11%2FS4jGKfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82e768363f0c364b-FRA

GET
H3 200 _app-0f590372828a3d5b.js Show response
blog.s.id/_next/static/chunks/pages/ 256 KB
83 KB 59ms
58ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/pages/_app-0f590372828a3d5b.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebe9812114ec1b75ab721f01e51b8db8472d76916bf5a12455adc0ace94f665e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31597
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 15:41:16 GMT
server: cloudflare
etag: W/"3ff1d-18c20e43560"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wh2A6VW4xpghtfMTgfSew47tvVEhNGmdqoZKnKoOukk8AOplGhp8EVrju5W7NnB%2F1fP8tCG43e7ZLlCuL1G9%2FVkAqWse7SNGn3cEi8vjbriDlDtb4YYkbk3qJtWjr9Frj%2BY%2BHAItFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82e768363f0d364b-FRA

GET
H3 200 b7322211-fbdd2383fa168487.js Show response
blog.s.id/_next/static/chunks/ 3 KB
2 KB 32ms
30ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/b7322211-fbdd2383fa168487.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fad61d7fe6d6bdb0f750648a45f17c71a1f1216fb2f636216be5b4be57d0158

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31597
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 15:41:16 GMT
server: cloudflare
etag: W/"a7e-18c20e43560"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxz%2FqfhFikEVvEXZps6QqBT4bnH7tt%2FjrKEtjXHr7sFu2%2FDf48u5jm3K7Cs35RxsGuJltQEHSBkzXMc1VJoXMkgFUgdG1uLs2IHRc%2BRU0TR%2BKnquDlGO3dF7ZCxbHkU9AgURXS2%2FCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82e768363f0e364b-FRA

GET
H3 200 903-f279e023cd941d06.js Show response
blog.s.id/_next/static/chunks/ 140 KB
43 KB 73ms
71ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/903-f279e023cd941d06.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b1f8fb54de3fad4a7f92fb7b03bdb9c0acff2d156dcc0f430d9221849e3113a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31597
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 15:41:16 GMT
server: cloudflare
etag: W/"23198-18c20e43560"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nux0hKEpiuUrHIKKWERDfmcezXXRqQxplsSvsF4FN8oNbX%2BcRYXyH2cU0LiA6PrYmjrF8DSzv6cV7CBiha9vn31nM1FIDJlx17wV5nOGssZaWCaSImnDteBUW6epTt%2FMk%2F1FSck0gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82e768363f0f364b-FRA

GET
H3 200 68-d67cb6ef599605fc.js Show response
blog.s.id/_next/static/chunks/ 13 KB
5 KB 33ms
32ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/68-d67cb6ef599605fc.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256397cfe1a343f2b58feddea2c2a5cef61af2ab4e58d15194e497e981ccd26e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31922
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 15:41:16 GMT
server: cloudflare
etag: W/"35f4-18c20e43560"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h18eVIlC8t%2FGK6G7242vPtEeo8ORhi5WfNePViLMkOPQjdFKSezMVE%2FtVfePp%2BbNddEpzTTKXmbKmp2448aeyBZqo%2B7OOb6FStivokcvCJu20NF4QsEAPV4Ll0lHYEUxozL3Yy3dsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82e768363f11364b-FRA

GET
H3 200 %5B...article%5D-f50dfd12dd1bf9bd.js Show response
blog.s.id/_next/static/chunks/pages/post/ 26 KB
10 KB 34ms
33ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/pages/post/%5B...article%5D-f50dfd12dd1bf9bd.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18889b6b7e9425d042a820d83d9ae7fca99127e2192317981767f5c35acceb7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31597
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 15:41:16 GMT
server: cloudflare
etag: W/"6877-18c20e43560"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVc58qrmZZmRqXKcpQxzyvXhef9eFjP2iB1Cn%2FNRsVxtLyEhT%2FYp6XCq17od%2BmVjy7ykRy1XEVtlF7CZEhGbfTUhZ%2BECXuk62Sk3iu7Efqt9GDsmbZ5VGgbylfObVJN2NNlwQGlPRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82e768363f12364b-FRA

GET
H3 200 _buildManifest.js Show response
blog.s.id/_next/static/3TJQzw_QZmhi46-hUDTw6/ 998 B
983 B 32ms
31ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/3TJQzw_QZmhi46-hUDTw6/_buildManifest.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

615195f98c309c5e4a26709bf70a45b58652631504af76b2fd0cd125d88da621

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31597
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 15:41:16 GMT
server: cloudflare
etag: W/"3e6-18c20e43560"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVzAqub3hQCkmJ3k%2FhfO%2BV71IRgTxHu8qHaKqkqIQsGta9nWO75QZqwtWU6hWLWgwoUUnowAnqA1b2fos0cLgP8I0rsoVQLqnnraZImD6pceg2JKfXBnuzcSyojGrao1l06htL50KA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82e768363f13364b-FRA

GET
H3 200 _ssgManifest.js Show response
blog.s.id/_next/static/3TJQzw_QZmhi46-hUDTw6/ 77 B
591 B 205ms
204ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/3TJQzw_QZmhi46-hUDTw6/_ssgManifest.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 15:41:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"4d-18c20e43560"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HskccNHbsVDmfma9D%2Bnsf6Eb3paz0Zc4CNYL2ewbeFaurFwoowUd5NE34SNBxkSgZMEgJLRJ%2BuMqYLl%2Fj65IaE4qubeBGoFnhSCiLdenKyiCoKo0P5Wv0CTzcvB3XLFBJiCIBEOJog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82e768363f14364b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 montserrat.css
blog.s.id/assets/fonts/ 3 KB
998 B 272ms
271ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/assets/fonts/montserrat.css

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"ca2-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVX%2BqV9Tfl%2B3ysmKj%2B1WaeXaIapebJjuqgZ2HnmsLu8KZ8UOVHDsef%2B5mdA2woFeb72HCh148C39DWZPr%2BGc9IRiszveSW5o%2Bjj51Xkmxd1h5lwpIzPS%2FFWGXfDqNLk2k58oDeDrJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 82e768362f02364b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 work-sans.css
blog.s.id/assets/fonts/ 4 KB
948 B 265ms
264ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/assets/fonts/work-sans.css

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"10bc-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVXuk7TYrNqMzEOaNVXKfJmJxES1QC1rip5A%2B4gliddNQLHr96WKzWNdBeYqDDeKF5LsJGpvOKEsT%2FP7f8HMe3s%2BHJq7kwWf2T6NG1mx%2F1c%2FMw%2FMSe%2BmDuxfTDqNjYTlulf6wcyKZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 82e768362f03364b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 klip_2310_home.jpeg
cdn-sdotid.adg.id/assets/ 38 KB
39 KB 122ms
45ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/assets/klip_2310_home.jpeg

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

992d5dd4f6d819b096474930d8b6c9b2650042366d1f539b42198ed1fdd73cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
x-amz-version-id: 7J5fU7ky2RB2K0._gaywL1p5g8cLKNce
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 38940
last-modified: Thu, 12 Oct 2023 09:48:14 GMT
server: cloudflare
etag: "41e097787c826186c9cc5281368f5c85"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZnFmhjxWUsSOZ0yh0E0SpagQ4ynwmdPRhXyzwX3xpT1ag8H1XTvw%2FHkiGtaAT1vkzx2BW0bzEEe%2BV5KL4JlKrKA8JFk6W4boxvwv0j%2BFWyDME0L7zZZKw48blOO4Pk0jl27E4mF2Ma0Vfey1pqxZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82e76836af4039e8-FRA
x-amz-cf-id: 0JWIEu5FjkgJ-q5OizMMxhCGHFZudur7fEWyW5X0QA_J6BZsenvirg==

GET
H3 200 adg-red-ring.svg
blog.s.id/images/ 6 KB
3 KB 251ms
251ms Image
image/svg+xml 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.s.id/images/adg-red-ring.svg

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7fb840478ca64f3410fff0ffa40eb38fd8a7cfc36c10f117c3869ea93c00182

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 12 Mar 2022 15:31:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"1926-17f7ec17510"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4e6SPbhxJjoQK4px6sy%2F2l1qv1Cv6EcDDP5i%2BP74W18carzTFdtQVuogZybLcJezA26M7qn%2FVKulagtVgZttubA7N%2FzV6ktq1poURbRNmSM9P4PclyoqI3D%2FEPqdzxSgYGdOjB1jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 82e768362f04364b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 50ms
49ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://blog.s.id/
Origin: https://blog.s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:51 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 82e768363c1b71d9-FRA

GET
H2 200 show_ads_impl_with_ama.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/ 458 KB
149 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id&bust=31079889

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2d0d20d1d376701a13169f896d25105d3e8b4be25193bf3ac428eddd3db68d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152830
x-xss-protection: 0
server: cafe
etag: 17371580818709244005
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 01:02:52 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame FE62 10 KB
5 KB 24ms
23ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

424e0b4ae8208523253ee3d56f6ce82fdf46c978f5008bfa5e78bafebf779fbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4505
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 23:53:56 GMT
etag: 1201167979857287204
expires: Thu, 14 Dec 2023 23:53:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4A8B 0
20 B 113ms
108ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1701392572&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701392572013&bpp=3&bdt=158&idt=110&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2334093311610&frm=20&pv=2&ga_vid=1879529940.1701392571&ga_sid=1701392572&ga_hid=1112505679&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532604%2C44795921%2C44805915%2C44809316%2C31078297%2C31079889%2C44807754%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=2556246350383363&tmod=1052003112&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fhome.s.id%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=125

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id&bust=31079889

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 01:02:52 GMT
expires: Fri, 01 Dec 2023 01:02:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 work-sans-normal-700.woff2
blog.s.id/assets/fonts/dist/ 47 KB
47 KB 259ms
258ms Font
font/woff2 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/assets/fonts/dist/work-sans-normal-700.woff2

Requested by

Host: blog.s.id
URL: https://blog.s.id/assets/fonts/work-sans.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.s.id/assets/fonts/work-sans.css
Origin: https://blog.s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 47800
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
server: cloudflare
etag: W/"bab8-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlKur8iPLQRZhJ%2FEaDLxEu%2Bl%2B2sgK0tT1z7lbyMKyfL3SPLxH9VrjC4Wc7g2vLo0hFF47y66mU7T1boKQ351b0mMriRlpwFklUhe%2BjDbBmdShxg8G6mBESQhQ8vIpbysNLXSYQ85Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 82e76837ffd1364b-FRA

GET
H3 200 work-sans-normal-400.woff2
blog.s.id/assets/fonts/dist/ 47 KB
47 KB 267ms
267ms Font
font/woff2 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/assets/fonts/dist/work-sans-normal-400.woff2

Requested by

Host: blog.s.id
URL: https://blog.s.id/assets/fonts/work-sans.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.s.id/assets/fonts/work-sans.css
Origin: https://blog.s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 47800
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
server: cloudflare
etag: W/"bab8-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1UXQiTqXWe9OtzeSVUdApOW70urlxsGGaDELXYbi1vegBmysr%2Fw0cf04McNQvQrT8NS71MUw7o0xeMPpRVo3mpeCaBG76IfwrQ1QDl757KZNM6rhANW3BXwCdFL8%2B3ilmn8EPwcRIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 82e76837ffd3364b-FRA

GET
H3 200 sid-neu-logo-dark.svg
blog.s.id/images/ 8 KB
4 KB 263ms
263ms Image
image/svg+xml 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.s.id/images/sid-neu-logo-dark.svg

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 05 Jul 2023 23:09:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"2137-18928513d00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLvKei6RJhouT%2BGl0XJ8LFaIvpSEJxiqYhn%2BhQESXYjpQzktlWxm5oA6VyOcRMWu4VmRUj1DlKRJ7ms0ABDbnSI6lg8AojK69rYSuRinRROvbgv8ZVZlzClWVOgCxk%2BJtMD9hnEp7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 82e76837ffd4364b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 work-sans-italic-400.woff2
blog.s.id/assets/fonts/dist/ 44 KB
45 KB 246ms
246ms Font
font/woff2 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/assets/fonts/dist/work-sans-italic-400.woff2

Requested by

Host: blog.s.id
URL: https://blog.s.id/assets/fonts/work-sans.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8b61d2de9865afa7dbbb91782523d03263294fb81eeae08e9ee0fc6f121e1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.s.id/assets/fonts/work-sans.css
Origin: https://blog.s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 45488
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
server: cloudflare
etag: W/"b1b0-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2EiFdB5RASXoCfajHvnPJgRCMnnLHJcKeFdQhUXpQhyx1YtkmS7R6KtGdD4rPslElfyLs5DvU9J%2Fketx6O1CySZx3w%2Ft2Kap89i2Bk32SFbIW5vBRhlafT0V0FChDQtcSpdPueefyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 82e768382fe9364b-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK

Requested by

Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c07cdfcf558997a19e3a76b87c82e931c456aa8fac591a7925f63b195e9437e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85217
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 01:02:52 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
84 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF

Requested by

Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a6d204a88fbccc46132201cf38d299d7c4be9b7ea12eb9c102c67d5a1812228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85786
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 01:02:52 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 33ms
32ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Requested by

Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: SJN8N1JDMTD43WG0
age: 49
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: OdnBjVcC5xsQvyjtpPVBe21NpgZXl51NRJfLydbGvh5Gu9AdfuYJ4+/g1Hhtqo28e16NzYJZ+wk=
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmQpVDyUigWG%2Bd8%2FCqCpvLcCv%2BliQi%2BhHUA%2FF1L1s1qUoiBQ%2Fo6TZrVN%2B20cU7q4SngU9eKiOHuGiB7Q3kwgZMxFEYEP9w3Fn2jGRdxDABXnvH290Us29ZGxH3SPgvKnGg8OLus%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 82e768385bd591d1-FRA

GET
H2 200 1dc98855-fcfe-49a8-9ac6-f3d16b24538f Show response
ekr.zdassets.com/compose/ 336 B
588 B 643ms
638ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edd2ddd164915e5640a8d0286b0f6c520cc7666526efcffd2553c72b83b5d82e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 8231a9e28e75755c-SEA, 8231a9e28e75755c-SEA
x-runtime: 0.010726
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"edd2ddd164915e5640a8d0286b0f6c52"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFkV6aj3qQPGy5O%2F93VMotnx8%2BMrZPQv3dtJA5kLTmobwvXXzVNNkaptRNlzLHE29H8OXzmnfbscMyGp8wI0mCdfw1rLlOiy5ncDnPPetZ6u0GYoGqo8TWTJnXqOfXHgIrE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 82e768389f37bb3b-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 41ms
38ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b4c3c9475a02ef4e52e1459b5f98ec640c35458a90ec8779465fb477f9e7fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85197
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 01:02:52 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 30ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LBWQJM5WLF&gtm=45je3b60v889102823&_p=1701392572202&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1879529940.1701392571&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701392572&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20s.id&en=page_view&_fv=1&_ss=1&_ee=1&tfd=970
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
68 B 31ms
30ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LBWQJM5WLF&cid=1879529940.1701392571&gtm=45je3b60v889102823&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 34ms
33ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LBWQJM5WLF&cid=1879529940.1701392571&gtm=45je3b60v889102823&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=40227933

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 32ms
32ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GJLS9JMJCK&gtm=45je3b60v881303990&_p=1701392572202&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1879529940.1701392571&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701392572&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20s.id&en=page_view&_fv=1&_ss=1&_ee=1&tfd=987
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 92ms
38ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c43c9e6efb96e5e2a27781ddd654e49afc9606ac4d0ee4584a004714c8fde6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12181
x-xss-protection: 0

POST
H3 204 rum Show response
blog.s.id/cdn-cgi/ 0
137 B 28ms
28ms XHR
text/plain 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
content-type: application/json

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://blog.s.id
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 82e76839c8ac364b-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
30 KB 108ms
52ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c88bc699e21ece44e12f74beded95ec962aeabaf6aca250bc0640a75b2191afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30132
x-xss-protection: 0
server: cafe
etag: 104 / 19692 / 31079856 / config-hash: 11152387477177976423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 01:02:52 GMT

GET
H2 200 site.js Show response
protagcdn.com/s/s.id/ 442 KB
126 KB 146ms
77ms Script
application/javascript 2606:4700:20::ac43:4bb1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://protagcdn.com/s/s.id/site.js
Requested by: Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54358e6c0ca9fb0dc79a594d0f3e76d69127dc76899f83a1bdecbf7f81f59f5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=453743
alt-svc: h3=":443"; ma=86400
pragma: no-cache
cf-bgj: minify
last-modified: Tue, 18 Jul 2023 04:06:38 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUpefGnXVyJBQSMB%2Fj0X5Nq3DeWVUzR7Nn7GXuigKB7wZKOd7Z08PoopgLSFqBj2i%2BgcW7rjzd5iXrsXSr4nvPfhRxwjrZXu5x3SWsUHAJn3%2FfonfmcwPsnNcKNL0QGD1V2FYvIX%2FXjoGXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 82e7683a4de35d65-FRA
expires: Fri, 01 Dec 2023 01:32:52 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 96ms
34ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Dec 2023 01:02:52 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/ 432 KB
135 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:36:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48404
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138259
x-xss-protection: 0
server: cafe
etag: 16445146976575771301
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:36:08 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EBA9 13 KB
5 KB 28ms
27ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 22:16:29 GMT
expires: Fri, 29 Nov 2024 22:16:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 44FE 829 B
982 B 38ms
37ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

92e7d8d618f31f87cf609f243425b8d668496b2e2f917b3ddf61c13dd236d15f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PsIS-JfhTqk41kl0hB-UGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-PsIS-JfhTqk41kl0hB-UGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 01:02:52 GMT
expires: Fri, 01 Dec 2023 01:02:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame EBA9 39 KB
15 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 22:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 22:16:29 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 89ms
31ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17737
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2G8DP16tkqmAmaAnycIoMDaADB8qYVIZDqnHPnlF0YFH8CK%2BdOtlSJdjEMj92VZ%2F8To%2BK%2FWXiIYoR%2FeLcqJ1oAdBASGWVSqYbBWPxaE2QuzdwZWVpJ8OgTsbue9bQScROKZfASfoMDvFJTFzqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82e7683bc8262bcb-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
33 KB 94ms
37ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 11:19:25 GMT
server: cloudflare
x-amz-request-id: N3M411AS6MNEDX15
age: 611
etag: W/"d12fc51ceb66081fc72dabad6e4e0ded"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 82e7683bce8b2bce-FRA
x-amz-id-2: C3mUChgurMpgOGayLZhpVc+BCxpVBtHyNzSngEMzfigC1PE6g6pz3MhyzliY9k/2+owd1HSLZCI=

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 97ms
29ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:40:12 GMT
content-encoding: gzip
age: 1495360
x-guploader-uploadid: ABPtcPrYakBZZUaYUT2Aa4NoJoJQZRP6-ODG4Mlhh8MKCLApMvJzlaEJN2z8T9SAscKxSRsWb_zHAvxtH2n8WvZ8c-eAXA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 12 Nov 2024 17:40:12 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 187ms
92ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 02 Dec 2023 01:02:52 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 97ms
33ms Script
text/javascript 52.85.92.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.92.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-92-127.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:38:20 GMT
content-encoding: gzip
via: 1.1 3bfd04a794dcee9eaf362ae07e8fbe20.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
age: 62673
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: XGIn0c-RaxcLHj4jHzpfVZj207kqU-WjK3Ik5Kq79LuCr29zBD7aQQ==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 148ms
44ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 6ed05eca20a6ff2e8b6342f63ea90fae
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 720 KB
140 KB 661ms
661ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2556246350383363&correlator=3864635833964312&eid=31079832%2C31079856%2C31079527&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fifs&iu_parts=162717810%3A22766112657%2Cs.id%2Csticky-bottom%2Cbefore_content%2Cin_content%2Cafter_content%2Csidebar&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=970x90%7C728x90%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C300x600%7C300x300%7C300x250%7C160x600%7C120x600&ifi=2&didk=1679302058~557921294~3656045228~1185067365~1933480497&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701392572713&lmt=1701392572&adxs=-9%2C426%2C426%2C-9%2C-9&adys=-9%2C390%2C884%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ref=https%3A%2F%2Fhome.s.id%2F&vis=1&psz=0x-1%7C468x0%7C744x0%7C0x-1%7C0x-1&msz=0x-1%7C468x0%7C744x0%7C0x-1%7C0x-1&fws=2%2C0%2C0%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1879529940.1701392571&ga_sid=1701392572&ga_hid=1112505679&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYm8KZl8IxSABSAghkEhsKDGlkNS1zeW5jLmNvbRibwpmXwjFIAFICCGQSGQoKcHViY2lkLm9yZxiawpmXwjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ym8KZl8IxSABSAghkEhcKCHJ0YmhvdXNlGJvCmZfCMUgAUgIIZBIUCgVvcGVueBibwpmXwjFIAFICCGQ.&dlt=1701392571855&idt=822&prev_scp=env%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D03%26protag_minutes%3D02%26protag_hours%3D01%26protag_day%3D5%26protag_sticky_pos%3Dbottom%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sticky-bottom%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D03%26protag_minutes%3D02%26protag_hours%3D01%26protag_day%3D5%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-before_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D03%26protag_minutes%3D02%26protag_hours%3D01%26protag_day%3D5%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-in_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D03%26protag_minutes%3D02%26protag_hours%3D01%26protag_day%3D5%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-after_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D03%26protag_minutes%3D02%26protag_hours%3D01%26protag_day%3D5%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sidebar%26protag_check%3Dtrue&adks=3695268346%2C2238348835%2C3108647390%2C1903703322%2C182523439&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a99ed8f3f3d04df3605b8245e078ba63e4eb6a43c93c77e841f6d0eb966a5d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:53 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142995
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,5636256369
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,138343841794
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 798E 6 KB
3 KB 139ms
59ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 01:02:52 GMT
expires: Sat, 30 Nov 2024 01:02:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 44FE 0
0 60ms
59ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=2556246350383363&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EBA9 0
10 B 23ms
22ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cDddew
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
331 B 161ms
53ms XHR
application/json 34.255.67.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.67.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-67-121.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 91a0ea93f45493f3e4cdb69f0e01c67d4dfa26a734bb2161952a9a6f5ce7eb06

Request headers

Referer: https://blog.s.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:52 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://blog.s.id
cache-control: no-cache
x-server: 10.45.23.226
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
225 B 89ms
31ms XHR
text/plain 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://blog.s.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://blog.s.id
date: Fri, 01 Dec 2023 01:02:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1

85 B
193 B

136ms
135ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 9cfa56c12642d5166f228b0dc5787c9b359eabf953140de22d607e622be260df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:53 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-YchW5ZTyqp2hiy/PvmL1cR0g3qE"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.s.id
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 01 Dec 2023 01:02:52 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://blog.s.id
location: /esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 web-widget-framework-7b3d0eba84129756bae8.js Show response
static.zdassets.com/web_widget/latest/ Frame B781 102 KB
32 KB 39ms
39ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-7b3d0eba84129756bae8.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50aa47c223a2b331ccf7bef5f39ed9987788357404a2ec9fd7f7958c8af6f046

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:52 GMT
x-amz-version-id: JNIun3CCEEHMesl0sMy07ndOe4J5c0Eo
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1MCSQK4P6C65HVVG
age: 169097
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: qnc6pqQnbdZKpqHhs9T1bGQYi982Y0NfpbLiOQ4zyRFNPP249kYvRYs50gWG67Y7+XPFjb6DDzw=
last-modified: Mon, 06 Nov 2023 00:46:26 GMT
server: cloudflare
etag: W/"b93c4e92c8949f2dd0f5599fe45a0364"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOL48lGCczO9U1eAd1NB5FCu77DaF59Hc4vvLSxHnHmtm43dO88E5qv0Dpj6h6TQLK1Z1iNSoYcQ1E4kXUxAWEOOG8NAoply4sj1esiMtlHoMOHYzT8DX%2FUmL1gM2YQVLEb7Ino%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82e7683c9cf391d1-FRA
expires: Tue, 05 Nov 2024 00:46:25 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 86DA 15 KB
6 KB 117ms
38ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=blog.s.id

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 01:02:52 GMT
server: Kestrel
server-processing-duration-in-ticks: 331823
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 404 config Show response
shortener.zendesk.com/embeddable/ Frame B781 15 B
956 B 116ms
37ms Fetch
text/plain 162.159.128.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shortener.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7b3d0eba84129756bae8.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.128.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:53 GMT
strict-transport-security: max-age=0;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1696
x-zendesk-origin-server: embeddable-app-server-6c58497b58-rqk4q
x-request-id: 82e73ed678dc4dc3-FRA
x-runtime: 0.006848
server: cloudflare
vary: Accept, Origin, Accept-Encoding
access-control-max-age: 7200
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JJ8ByPIXPSbbgUQXBXKpZUADllzLtquh9ncvQkxCNo%2B49e3mRWaD7WCbXHTHXZ8kcAVCEzZiZ076s1vsyQfRYV53FaEMCHa1jNSwHaO5dfRkiPbR%2BilgR1NGdCUUzWJaDxAcZ%2F%2BPw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=3600
content-type: text/plain; charset=utf-8
cf-ray: 82e7683d7d8965ce-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame 86DA
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=blog.s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=3D_yeHxxdkUxQzJaMC82NHl1NjBCSnVYQTFRQlA2aDZOMENnbHd1UWNzV0xlZzc2QzJ0NitsVzZqMk9FZFFRUXJENWIzVEVpakdScU1iVkVlWTdmZGJBcWJ3NzZxSURWTitMandMSlFwYmZnRHl2L2IvZU40YWJBSXZXRm...

419 B
647 B

38ms
38ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=3D_yeHxxdkUxQzJaMC82NHl1NjBCSnVYQTFRQlA2aDZOMENnbHd1UWNzV0xlZzc2QzJ0NitsVzZqMk9FZFFRUXJENWIzVEVpakdScU1iVkVlWTdmZGJBcWJ3NzZxSURWTitMandMSlFwYmZnRHl2L2IvZU40YWJBSXZXRmRiNnJjQzZUR1I4ZlFPMTV4MDlhaXE4SCs5SnBkZVpURzc2Q1o3UUtIQTN3bWxmUDRNVnRMZVJIWTA0c2ZMUDJkQ1pMektLNk8yNlR1OVpRdzYxMHp6SGxiUXloR0MyMTJtOXA3TnBmTVc4ZGNKa2U5QW1Bckg4Y3pJT0NWRXgvZlJVVGpkVUxjRUt4MHVPRlR2azFuK1l3NXRIQzEzZz09fA&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1cb590451a69ee52655f6fb7daf47a61f07fb93e5d2d53b33db6d167173aa21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:52 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1081061
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:52 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=3D_yeHxxdkUxQzJaMC82NHl1NjBCSnVYQTFRQlA2aDZOMENnbHd1UWNzV0xlZzc2QzJ0NitsVzZqMk9FZFFRUXJENWIzVEVpakdScU1iVkVlWTdmZGJBcWJ3NzZxSURWTitMandMSlFwYmZnRHl2L2IvZU40YWJBSXZXRmRiNnJjQzZUR1I4ZlFPMTV4MDlhaXE4SCs5SnBkZVpURzc2Q1o3UUtIQTN3bWxmUDRNVnRMZVJIWTA0c2ZMUDJkQ1pMektLNk8yNlR1OVpRdzYxMHp6SGxiUXloR0MyMTJtOXA3TnBmTVc4ZGNKa2U5QW1Bckg4Y3pJT0NWRXgvZlJVVGpkVUxjRUt4MHVPRlR2azFuK1l3NXRIQzEzZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 264615
content-length: 0
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 78A1 0
176 B 118ms
39ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 01 Dec 2023 01:02:53 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
61ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=2556246350383363&bg=!Dg2lDULNAAY3kmNgF5I7ADQBe5WfOM2ONdnl2D4gWmCtuwujdDGfjqv1H97ImmlvtPUeX1SYkMmPEGWo7E7uW5WVw6PfAgAAADFSAAAAAWgBBwoAbgUWWrouGGILS1xRM_ixT44rb4fxptXJzwBIMbFY5pUHupR6kOUoMqcuBvrZbniz5eUHkqjyB_Lgu1_sagAredEatuny6xUBE1_dM47DdnHsD8i_AfLM1qkQIUerejTCj9JqMUNNn3IVshdCe5PzmQLLMVB9HbvScB9OLLbMsVmggagYFvsKWfKprStTe6dGV5bbdoJFFm0ADCYWogWxrCpoSWPgPI7L0H3tcEN1n-W8DFM-oR1TWZPRF-me--jutPOOooDsm9OLCJ7JPv7pfFxPJtCTlijq4wke4_rjQVOriV08jvq7i6dVa1Elz0PsFAWZov9Rn8rk_c6bTXep9IZjKXo3iic0aL9EzD2cQrZfNOfHIAYnvL9CiagksdtLeIiUcV4HnwxaBjD9RYDREEsZQQn6o2hQM5WpXwlLh-opx4OeMP472WwXRzJZwfRhygj-7zxcj8t8Vwvskm2_ifGE3dtWoRPlhqHuBI9-GOjoOXXcAgwuEedMqEtIZo--Dp5FGwqurd7vEM6famDHqfMJuuToZAc-r0CGqcn76ucuClDWehaFCOs2Y67eSIuHmQiSNVX-ED2Lug6gIRM4m-7VRIUSOy34VPdDDBIvcGK0-xGWxqtIsp4u5yJIk-PW3GZtKszDsr6sqrk4_A7sNq0tPJw3Y7zMheiQJEbvm-P9QZWM2PfT4a9yMtSVBB4vTzXCuHt0HA_SidH_Ke_SoK9wUeoCQBPnMqVvWUKU0VdH6sUwVakOzcp1bLQldvLwuunCYy66Ak10986Jg8MVjDJ9v6kh8uvulb0lDSV0ZX6ZiYFH7U9QNE2CC4t8NxHsSG2i34pv0OtqGN805PNzcwlOdmimIk9JVZBUqSB6kvFgyqZUHf468Omzm5KjEhqUWgfkXrq5N6X76Q74Tilll5fg_hALMkz13YHt448pjVSBohArU5SSGS5OX4qe2-y7gIf7CDeTAGyl0ojVJXDh3LhG39u_LV6fepS0j16n_3mBqkhI9sKCfyKVoDJbAo5fCsG28yVHdFM6lm9ibntHjj1lPkqabi_7LTFJW_e5hxazwSW5IOkeozYWeLcQRjX99Ws7KECjSTsTK4psoA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

GET
H2 200 container.html Show response
6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0EC2 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 01:02:52 GMT
expires: Sat, 30 Nov 2024 01:02:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7F34 6 KB
3 KB 25ms
22ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 01:02:52 GMT
expires: Sat, 30 Nov 2024 01:02:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 85D8 0
0 62ms
62ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjrtDBfBewBy1dtcP01dfAalpl2xVWho9nKWZV6cM7WC_KdDMqmKPCxTSe8ix7-5Vdf0k7un5pGyRRwAB8PNzL4GIrqFCUZGpctkTKXYaL3yB1nwn2D3lK1AFKSuo-xEAWrWSMDdbegSBJJQYfU3Y4nZPRkG-pUdgFpv6CsFBFRTlvYuPpFx18_L31E6lR38CykAuTmJqlYHiJxrGNjf8VFhDMqQaK9tUoJHbfr0Q0LgKTp8DvwcUjdbm2wiKPRUf40e1jYKvGcU8qeG6xbvOQMyU4_Nb_1A0OMs1nzozy6VCrVunGwYPfvrhZVYj92gllriaxgwkLEaT22pfRfGtyqg&sai=AMfl-YRbepfB1nhzYBoFGg0p-1P6beiOfAoMiqd8jeooOs8l-Wb1VWHlF6ZDLZwvO6BPvMfFv9Ic2ddMBP2c8i58YIvOBDALB7FFaR64v_pycPjlU-i3v0bGQcKOViAUVIpzfBBDMmcdj434Uw&sig=Cg0ArKJSzNlVdlbZkLsmEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 matomo.php
fatchillianalytics.com/track/ Frame 85D8 0
555 B 201ms
113ms Ping
text/plain 2606:4700:20::681a:bae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatchillianalytics.com/track/matomo.php?action_name=&idsite=JlDE21DBnw&rec=1&r=259092&h=2&m=2&s=53&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&urlref=https%3A%2F%2Fhome.s.id%2F&_id=&_idn=1&_rcn=home_sid&_refts=1701392574&_ref=https%3A%2F%2Fhome.s.id%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=E52ScP&pf_dm2=0.30000007152557373&pf_onl=0

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.s.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Fri, 01 Dec 2023 01:02:53 GMT
content-encoding: none
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdElTAzDMV5Vp0fWOHd76wSboSRzDCB35%2Fbl16gEqG%2BP451v26uWjqM8n5vCdojbaG%2FwDBwNt2DZd0Lf%2FURIpKTtXEZ%2F9vOGHp3Sj5naPgqMXgUal9j2tlupSaAArbj4Jx2vfRQ69Vyxk3KLV0q%2BS4D%2FyJs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://blog.s.id
access-control-allow-credentials: true
cf-ray: 82e768410bb037f2-FRA
x-xss-protection: 1; mode=block
x-balancer-id: 1

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 85D8 202 KB
64 KB 99ms
41ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 01:02:53 GMT

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 0EC2 9 KB
4 KB 79ms
23ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 14:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 557904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 14:04:29 GMT

GET
H2 200 56cd64efe962c88f43d7873e12342f7a.js Show response
www.gstatic.com/mysidia/ Frame 0EC2 144 KB
53 KB 80ms
24ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/56cd64efe962c88f43d7873e12342f7a.js?tag=video_location/awx_web_square

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693355a112709c5b2c697d1a6f4f7d45f480d2580e9d5ef8ff53c3214c4c874f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 12:19:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53903
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 12:19:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0EC2 7 KB
1 KB 92ms
33ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Dec 2023 01:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 23:22:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Dec 2023 01:02:53 GMT

GET
H3 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0EC2 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource.js

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdbe9b84c30a00229826b0b1e354c94d36dd6bf16e6580bbef43877689c8f5bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1182
x-xss-protection: 0
server: cafe
etag: 16216481440669322801
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:52:52 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 0EC2 31 KB
12 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:52:52 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0EC2 3 KB
1 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus.js

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
server: cafe
etag: 18393213423120915576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:52:52 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0EC2 30 KB
12 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection.js

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10b893e654a9f5201e21255bda9375b8de974251975e4c1533e463740b499cd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11776
x-xss-protection: 0
server: cafe
etag: 13853050904789882092
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:52:51 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0EC2 0
0 31ms
30ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZfVuSsKkBo5M30nm6geeD4KZVJtYGxYQBe2dro-arwSUYbSQLepbnk0JjJjrqMJZg5BMh7shx7UxfzcR62w016uSPFQ
Requested by: Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0EC2 202 KB
64 KB 161ms
107ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 01:02:53 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 0EC2 37 KB
15 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 10:09:15 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame C236 2 KB
3 KB 96ms
43ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gev9eec8mpm0bw3wa2hrrqq5scq8rc45y3841f58x80ssyqtqpd3zstnpda4mxewk1c34k46g5n9jxb0r34b80m3ry1kgn15thbwt84rfq8065zw2xvvp1fvs4eq3ed6pf12mqqw41bkaawkqdjrsrk49gaxr5jrddeeh8nj8r66pjdhkvhewd32c42jge6t988pxy6e9wjn5nhnh617gwhf34zavk2dx43213pmz072z3q12pz14xawszj6fvzvm7rg81rjq8frbymjfpgqjbq7mwvrpvmxp71x37j2e763jf840nwqebk6ec5n9excceznjathes2t52fcs9jr02exrebbj6bapyxdvj4ydvh6rqkhwkzgj03kj3xde6mayfrtjhgwj41qfpqcajt0xvxbvjwrqa459a59qtf5thcdwh85df11an5eahjtqy1g13ehdrb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtlXOvDBpZbbqMMmxjuwPlfSTsAKQ4YGEXLaoworwAsCNtwEQASAAYJWaooKwB4IBF2NhLXB1Yi0yMzkzMzIwNjQ1MDU1MDIyyAEJqQJTbiK8CU-yPuACAKgDAcgDAqoErgJP0A0JCceGQN0aqVHH3B4taUf9-W7wXs9Gbq6IFbXCjGHBE5vnW93kPFBd6hRqjdc3KxoBogm_XIUzEz45ibqLn8mHU3Y1eGrMiEbRM-qXSGu8XuKlOB_Tv_7dacbdQI-CaK2ptqvKbdbfSV8_2qcJ8TPprWeTT4tInngwww9nC6ogidix0kxlMduWkw71Aed1ACFtDhOgRCNG5eGIkTTA-uJgs9z_QCF11lQwWsoEJoJwDAI2XPnG3KjwNCBi8jdBA1o5flSTwYlLmxFa2D9FnaZV4UE9vz3JljDgX12nlu4FrpOpaxFN0ecGRJnJyBGCqOn0S4gLgwvbWnlCOMIiiUi83nN_YwpgKQ5bUhP7Ot7iiU-y4mgfzxnurlx5yws-emTUL33jzITOf9hVc-AEAYAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljDm7Cfhe2CA_oLAggBgAwB4g0TCKCPsZ-F7YIDFcmYgwcdFfoEJtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2psGvYJmQ2ZtVr4PXiOEnPcc919w%26client%3Dca-pub-2393320645055022%26adurl%3D

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37a1b71b721845c15b7a6d3a7b4f3cf9d1c65b4f8fdf03da5d0a0924070265e6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82e76840edd51c1c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 01:02:53 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 7F34 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus.js

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
server: cafe
etag: 18393213423120915576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:52:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9531 1 KB
643 B 26ms
26ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 16:18:10 GMT
etag: 48472445140208031
expires: Fri, 01 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 7F34 30 KB
12 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection.js

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10b893e654a9f5201e21255bda9375b8de974251975e4c1533e463740b499cd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11776
x-xss-protection: 0
server: cafe
etag: 13853050904789882092
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:52:51 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7F34 0
0 39ms
38ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQWRzBAcHTG3aZrcmv9Qt54Ediw7M5g5OG2VJXfWmEUSO_PYlayoeTNfXNT5Y4FOAnyn9RRgyDAfddYl3kNVuy-L851Hw
Requested by: Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7F34 24 KB
6 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 17:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 199980
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Nov 2024 17:29:53 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F34 202 KB
64 KB 132ms
89ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 01:02:53 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9531
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB5Xxs2jufLvoOKTKnBtFuU&google_push=AXcoOmRBeLnUYHoW4V32XSj2HsWQEZmxfnL19SJUeGm3Gg05Jck6a01cC2...

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB5Xxs2jufLvoOKTKnBtFuU&google_push=AXcoOmRBeLnUYHoW4V32XSj2HsWQEZmxfnL19SJUeGm3Gg05Jck6a01cC272CD3Mp6J5D2iiOMTykBD-TpxAnMo4lFWjBhNSsOo

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-cph2320034-CPH
pragma: no-cache
date: Fri, 01 Dec 2023 01:02:53 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701392574.691727,VS0,VE96
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB5Xxs2jufLvoOKTKnBtFuU&google_push=AXcoOmRBeLnUYHoW4V32XSj2HsWQEZmxfnL19SJUeGm3Gg05Jck6a01cC272CD3Mp6J5D2iiOMTykBD-TpxAnMo4lFWjBhNSsOo
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9531
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMbf1MO7nv-2RLLUc3wd3Dc&google_cver=1&google_push=AXcoOmTDONMO1uIBtSrnvllf7vBgEqT-SB1QhnfnwfEvv0bVM7zvYLQCQGAIyNTqByjCLSS-Z7KDm31FXyZ2-2cf...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=HNCTqHNeQ-QV4SokL8bbEg&google_push=AXcoOmTDONMO1uIBtSrnvllf7vBgEqT-SB1QhnfnwfEvv0bVM7zvYLQCQGAIyNTqByjCLSS-Z7KDm31FXyZ2-2cf2NhW8U5m7ag

170 B
329 B

35ms
34ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=HNCTqHNeQ-QV4SokL8bbEg&google_push=AXcoOmTDONMO1uIBtSrnvllf7vBgEqT-SB1QhnfnwfEvv0bVM7zvYLQCQGAIyNTqByjCLSS-Z7KDm31FXyZ2-2cf2NhW8U5m7ag

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 01 Dec 2023 01:02:53 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=HNCTqHNeQ-QV4SokL8bbEg&google_push=AXcoOmTDONMO1uIBtSrnvllf7vBgEqT-SB1QhnfnwfEvv0bVM7zvYLQCQGAIyNTqByjCLSS-Z7KDm31FXyZ2-2cf2NhW8U5m7ag
x-host: tde-deliveryengine-production-6987bbc57b-fk8qg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 9531 0
166 B 153ms
42ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEA4escpy06nd1t-wuXA4deU&google_cver=1&google_push=AXcoOmQpe6GjY3t7GiC03gA23rq_VgSsOgX1wkczy2fkxBgzuB7lrBqJFIrJDH1lsr3q-djZ8-k8rWEqW1kAvRyhJtSDhOheDn0
Requested by: Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 01 Dec 2023 01:02:51 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9531
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEE-0qwtfboc9-cE-XFb6ZM8&google_cver=1&google_push=AXcoOmRYR-o7WKhnLz9mR5KVY2KnJe9JrhTSaszDkUp47IwvRpurxdF38i3SxLJdNnaIW2CqeeN0LrRl6VRAECSnuV3EpU6w_Q
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRYR-o7WKhnLz9mR5KVY2KnJe9JrhTSaszDkUp47IwvRpurxdF38i3SxLJdNnaIW2CqeeN0LrRl6VRAECSnuV3EpU6w_Q&google_hm=M3pFRU1xcW5uN3FYVkJDUE...

170 B
188 B

37ms
37ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRYR-o7WKhnLz9mR5KVY2KnJe9JrhTSaszDkUp47IwvRpurxdF38i3SxLJdNnaIW2CqeeN0LrRl6VRAECSnuV3EpU6w_Q&google_hm=M3pFRU1xcW5uN3FYVkJDUElHUlk=

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:53 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRYR-o7WKhnLz9mR5KVY2KnJe9JrhTSaszDkUp47IwvRpurxdF38i3SxLJdNnaIW2CqeeN0LrRl6VRAECSnuV3EpU6w_Q&google_hm=M3pFRU1xcW5uN3FYVkJDUElHUlk=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H2 200 ebda
match.360yield.com/match/ Frame 9531 43 B
199 B 194ms
55ms Image
image/gif 54.154.193.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEIWzAVsvBsQkVO3fXdq8K1s&google_cver=1&google_push=AXcoOmRWDw9js1yxGVK-hpsu4Ppr2Q8LVdwfW5Hn3tj9PvbQTaE7lxxhacp2A2fvgFo2SIek9o09CX9HDbSL9MJgAPpeuQzEJQ
Requested by: Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.154.193.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-193-186.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 01 Dec 2023 01:02:53 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK pub
cs.chocolateplatform.com/ Frame 9531 0
134 B 690ms
110ms Image
text/plain 159.203.145.121
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEIhQjvXl4mJsoIydAYQeL1w&google_cver=1&google_push=AXcoOmQsxU4rWQwWgINQEoXFo657YH3OYwGGGgahVkK5CKd3UosguX0OfB2IRL9PBw_ZTksQZTTLEC6r3Q1c63OFs5bnVxsq0A
Requested by: Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: CookieSync Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 01 Dec 2023 01:02:53 GMT
server: CookieSync Server
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9531
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEF2tBkXZM9T2jXN5hqZeGbY&google_cver=1&google_push=AXcoOmRxB0Gbmg9epyCj7SjWWNaJGqNufsvmfDyidA9ZRHvM1MY9uYyfYzKKSZhuatpNwJEeEvRUrmCKiHm5iCeWNDkw2Cd...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRxB0Gbmg9epyCj7SjWWNaJGqNufsvmfDyidA9ZRHvM1MY9uYyfYzKKSZhuatpNwJEeEvRUrmCKiHm5iCeWNDkw2Cdf__cr&google_hm=MTc0MjAyMzQ...

170 B
232 B

37ms
37ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRxB0Gbmg9epyCj7SjWWNaJGqNufsvmfDyidA9ZRHvM1MY9uYyfYzKKSZhuatpNwJEeEvRUrmCKiHm5iCeWNDkw2Cdf__cr&google_hm=MTc0MjAyMzQ5MDIzMTM2NTExNQ==

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRxB0Gbmg9epyCj7SjWWNaJGqNufsvmfDyidA9ZRHvM1MY9uYyfYzKKSZhuatpNwJEeEvRUrmCKiHm5iCeWNDkw2Cdf__cr&google_hm=MTc0MjAyMzQ5MDIzMTM2NTExNQ==
Date: Fri, 01 Dec 2023 01:02:53 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9531 0
139 B 114ms
36ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ig_A1fvuzWoqH2Z_Fp0S01a4E9XDj_iLpbZoZWpKhAJnfla4Q3zKniyOQGfJeCBnkoGtcZdw

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 7F34 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce38c359aabdb57085497e7b38e49d623319b6be350da3ff5c0933d5e6b92b98

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame C236 115 KB
14 KB 44ms
41ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gev9eec8mpm0bw3wa2hrrqq5scq8rc45y3841f58x80ssyqtqpd3zstnpda4mxewk1c34k46g5n9jxb0r34b80m3ry1kgn15thbwt84rfq8065zw2xvvp1fvs4eq3ed6pf12mqqw41bkaawkqdjrsrk49gaxr5jrddeeh8nj8r66pjdhkvhewd32c42jge6t988pxy6e9wjn5nhnh617gwhf34zavk2dx43213pmz072z3q12pz14xawszj6fvzvm7rg81rjq8frbymjfpgqjbq7mwvrpvmxp71x37j2e763jf840nwqebk6ec5n9excceznjathes2t52fcs9jr02exrebbj6bapyxdvj4ydvh6rqkhwkzgj03kj3xde6mayfrtjhgwj41qfpqcajt0xvxbvjwrqa459a59qtf5thcdwh85df11an5eahjtqy1g13ehdrb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtlXOvDBpZbbqMMmxjuwPlfSTsAKQ4YGEXLaoworwAsCNtwEQASAAYJWaooKwB4IBF2NhLXB1Yi0yMzkzMzIwNjQ1MDU1MDIyyAEJqQJTbiK8CU-yPuACAKgDAcgDAqoErgJP0A0JCceGQN0aqVHH3B4taUf9-W7wXs9Gbq6IFbXCjGHBE5vnW93kPFBd6hRqjdc3KxoBogm_XIUzEz45ibqLn8mHU3Y1eGrMiEbRM-qXSGu8XuKlOB_Tv_7dacbdQI-CaK2ptqvKbdbfSV8_2qcJ8TPprWeTT4tInngwww9nC6ogidix0kxlMduWkw71Aed1ACFtDhOgRCNG5eGIkTTA-uJgs9z_QCF11lQwWsoEJoJwDAI2XPnG3KjwNCBi8jdBA1o5flSTwYlLmxFa2D9FnaZV4UE9vz3JljDgX12nlu4FrpOpaxFN0ecGRJnJyBGCqOn0S4gLgwvbWnlCOMIiiUi83nN_YwpgKQ5bUhP7Ot7iiU-y4mgfzxnurlx5yws-emTUL33jzITOf9hVc-AEAYAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljDm7Cfhe2CA_oLAggBgAwB4g0TCKCPsZ-F7YIDFcmYgwcdFfoEJtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2psGvYJmQ2ZtVr4PXiOEnPcc919w%26client%3Dca-pub-2393320645055022%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gev9eec8mpm0bw3wa2hrrqq5scq8rc45y3841f58x80ssyqtqpd3zstnpda4mxewk1c34k46g5n9jxb0r34b80m3ry1kgn15thbwt84rfq8065zw2xvvp1fvs4eq3ed6pf12mqqw41bkaawkqdjrsrk49gaxr5jrddeeh8nj8r66pjdhkvhewd32c42jge6t988pxy6e9wjn5nhnh617gwhf34zavk2dx43213pmz072z3q12pz14xawszj6fvzvm7rg81rjq8frbymjfpgqjbq7mwvrpvmxp71x37j2e763jf840nwqebk6ec5n9excceznjathes2t52fcs9jr02exrebbj6bapyxdvj4ydvh6rqkhwkzgj03kj3xde6mayfrtjhgwj41qfpqcajt0xvxbvjwrqa459a59qtf5thcdwh85df11an5eahjtqy1g13ehdrb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtlXOvDBpZbbqMMmxjuwPlfSTsAKQ4YGEXLaoworwAsCNtwEQASAAYJWaooKwB4IBF2NhLXB1Yi0yMzkzMzIwNjQ1MDU1MDIyyAEJqQJTbiK8CU-yPuACAKgDAcgDAqoErgJP0A0JCceGQN0aqVHH3B4taUf9-W7wXs9Gbq6IFbXCjGHBE5vnW93kPFBd6hRqjdc3KxoBogm_XIUzEz45ibqLn8mHU3Y1eGrMiEbRM-qXSGu8XuKlOB_Tv_7dacbdQI-CaK2ptqvKbdbfSV8_2qcJ8TPprWeTT4tInngwww9nC6ogidix0kxlMduWkw71Aed1ACFtDhOgRCNG5eGIkTTA-uJgs9z_QCF11lQwWsoEJoJwDAI2XPnG3KjwNCBi8jdBA1o5flSTwYlLmxFa2D9FnaZV4UE9vz3JljDgX12nlu4FrpOpaxFN0ecGRJnJyBGCqOn0S4gLgwvbWnlCOMIiiUi83nN_YwpgKQ5bUhP7Ot7iiU-y4mgfzxnurlx5yws-emTUL33jzITOf9hVc-AEAYAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljDm7Cfhe2CA_oLAggBgAwB4g0TCKCPsZ-F7YIDFcmYgwcdFfoEJtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2psGvYJmQ2ZtVr4PXiOEnPcc919w%26client%3Dca-pub-2393320645055022%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1636699
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHo7YYxG5X9YbAvs04HaGpMMlMEF4TqKvI5R39M3%2FZD91xCL1LZManAjBOxVCfRmhlmSzjafb5ZYKRT2wkP4kwL8cq%2Fp04cyhBmZgAlmzCAv%2BngokYpqfN5CPRwqY70o6Ttw4qSr7W0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 82e768413dff1c1c-FRA
expires: Sat, 02 Dec 2023 01:02:53 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame C236 24 KB
10 KB 44ms
35ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gev9eec8mpm0bw3wa2hrrqq5scq8rc45y3841f58x80ssyqtqpd3zstnpda4mxewk1c34k46g5n9jxb0r34b80m3ry1kgn15thbwt84rfq8065zw2xvvp1fvs4eq3ed6pf12mqqw41bkaawkqdjrsrk49gaxr5jrddeeh8nj8r66pjdhkvhewd32c42jge6t988pxy6e9wjn5nhnh617gwhf34zavk2dx43213pmz072z3q12pz14xawszj6fvzvm7rg81rjq8frbymjfpgqjbq7mwvrpvmxp71x37j2e763jf840nwqebk6ec5n9excceznjathes2t52fcs9jr02exrebbj6bapyxdvj4ydvh6rqkhwkzgj03kj3xde6mayfrtjhgwj41qfpqcajt0xvxbvjwrqa459a59qtf5thcdwh85df11an5eahjtqy1g13ehdrb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtlXOvDBpZbbqMMmxjuwPlfSTsAKQ4YGEXLaoworwAsCNtwEQASAAYJWaooKwB4IBF2NhLXB1Yi0yMzkzMzIwNjQ1MDU1MDIyyAEJqQJTbiK8CU-yPuACAKgDAcgDAqoErgJP0A0JCceGQN0aqVHH3B4taUf9-W7wXs9Gbq6IFbXCjGHBE5vnW93kPFBd6hRqjdc3KxoBogm_XIUzEz45ibqLn8mHU3Y1eGrMiEbRM-qXSGu8XuKlOB_Tv_7dacbdQI-CaK2ptqvKbdbfSV8_2qcJ8TPprWeTT4tInngwww9nC6ogidix0kxlMduWkw71Aed1ACFtDhOgRCNG5eGIkTTA-uJgs9z_QCF11lQwWsoEJoJwDAI2XPnG3KjwNCBi8jdBA1o5flSTwYlLmxFa2D9FnaZV4UE9vz3JljDgX12nlu4FrpOpaxFN0ecGRJnJyBGCqOn0S4gLgwvbWnlCOMIiiUi83nN_YwpgKQ5bUhP7Ot7iiU-y4mgfzxnurlx5yws-emTUL33jzITOf9hVc-AEAYAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljDm7Cfhe2CA_oLAggBgAwB4g0TCKCPsZ-F7YIDFcmYgwcdFfoEJtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2psGvYJmQ2ZtVr4PXiOEnPcc919w%26client%3Dca-pub-2393320645055022%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 143286
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLK6K%2FiCvuGp0ECR8iwyj3hayuP1MEgZy%2B2hV0CpgjvKfunwRVd8Y%2Fc%2BXkKG042UhWV6RXQ%2F1rvlFOiObZR2Q%2FLXbbwZIc1ax6agZ3rPoxKbrz2k9tGP3rLxI2ZGNabD%2BFL2Gew%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 82e768414e051c1c-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 29 Nov 2023 09:14:47 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0EC2 0
54 B 431ms
134ms Ping
image/gif 2607:f8b0:4001:c0d::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lplx7jr9&c=1520163696406&slotId=760081848203&qqid=CLW4s5-F7YIDFcmYgwcdFfoEJg&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=sc&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/56cd64efe962c88f43d7873e12342f7a.js?tag=video_location/awx_web_square
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c0d::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 9432376257408706518
tpc.googlesyndication.com/simgad/ Frame 0EC2 2 MB
2 MB 37ms
25ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9432376257408706518

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e562d4407e0fa9ca26d9bbccfe93e7ae90e68f425fdb9202ec5e848637e07c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 23:34:35 GMT
x-content-type-options: nosniff
age: 437298
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1846403
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 09:08:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 24 Nov 2024 23:34:35 GMT

GET
H3

206

videoplayback
r5---sn-4g5lznls.gvt1.com/ Frame 0EC2
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=5db602cdae08dd63&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1701399773&sparams=ip,ipbits,expire,id,...
https://r5---sn-4g5lznls.gvt1.com/videoplayback?id=5db602cdae08dd63&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1701399773&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

1 MB
1 MB

253ms
23ms

Media
video/mp4

2a00:1450:4001:26::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5lznls.gvt1.com/videoplayback?id=5db602cdae08dd63&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1701399773&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=1ECF819D65BC08D3237FF20E85026D55814A3110.1C293AE59CB9736086E7B58E4DE16CBC0CC7F74F&key=cms1&cms_redirect=yes&mh=RZ&mip=2001:1b60:2:240:3247::12&mm=28&mn=sn-4g5lznls&ms=nvh&mt=1701391822&mv=u&mvi=5&pl=29

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:26::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

da0a4a9abe62b064b5e2622ade6f855702138ad665a2813508651379b6f5449b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 01 Dec 2023 01:02:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Aug 2023 08:21:27 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1310466/1310467
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1310467
expires: Fri, 01 Dec 2023 01:02:54 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:53 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-4g5lznls.gvt1.com/videoplayback?id=5db602cdae08dd63&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1701399773&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=1ECF819D65BC08D3237FF20E85026D55814A3110.1C293AE59CB9736086E7B58E4DE16CBC0CC7F74F&key=cms1&cms_redirect=yes&mh=RZ&mip=2001:1b60:2:240:3247::12&mm=28&mn=sn-4g5lznls&ms=nvh&mt=1701391822&mv=u&mvi=5&pl=29
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 711
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 283A 1 KB
643 B 38ms
25ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 16:18:10 GMT
etag: 48472445140208031
expires: Fri, 01 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 85D8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b5560f3dba33da8fae918cd0dea912e7fae5677c5620d64f53b06891e05d154

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 85D8 0
0 115ms
64ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstW9fb83SQr01_DLYZ-XF22-uFt4Okf155aL4IzQo-CjHeskXMyp9uzFlSIWB5nNlmj37araVWNsgvrmrH8MoTDCVRVWzYAXnAOTPSrmlgDEuUN5v2adsjV6uDSv1hISt5yZr_zavbNtA-Lv_hj6ee0PjdC3IQCTzAGvD8CneiFGaPxC2CBWr2VYKr5CMi-ylD94kRRr7BJ7vBzKczntx6wnS-VnYf1Mobcs_p_c0Uz-KwrMp3kZfJ5SqGC4P3WdmrivioaSpqiulTXgHbvdTNx3jBVpOJOU7aeMBxg6m8EochnHO6P0_2PfSRWoMDvOh9aIoHGog&sai=AMfl-YQsN_BbEkspUX7urH-OeEz8TO4WlCWCfX_E4rNyyW-KY0vYBIRvgWOFEzXMcWESdCkKuEFQxpgi8hKzjcOvOOum52XVjvWP8eKMfWtFu1OQ7NqqlMa0rNuTR6i9pgEmD9H0vdmMX3BspQ&sig=Cg0ArKJSzJqtcDgZL3fsEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Dec 2023 01:02:53 GMT

GET
DATA 200
OK truncated
/ Frame 0EC2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd28d0407fa36fa4ee75ad52825d0a57ab1f0f32322dadbab9ba080ece2e6335

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 0EC2 0
45 B 378ms
134ms Ping
image/gif 2607:f8b0:4001:c0d::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lplx7jrh&c=1520163696406&slotId=760081848203&qqid=CLW4s5-F7YIDFcmYgwcdFfoEJg&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/56cd64efe962c88f43d7873e12342f7a.js?tag=video_location/awx_web_square
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c0d::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0EC2 0
45 B 377ms
134ms Ping
image/gif 2607:f8b0:4001:c0d::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lplx7jsx&c=1520163696406&slotId=760081848203&qqid=CLW4s5-F7YIDFcmYgwcdFfoEJg&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F56cd64efe962c88f43d7873e12342f7a.js%253Ftag%253Dvideo_location%252Fawx_web_square&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/56cd64efe962c88f43d7873e12342f7a.js?tag=video_location/awx_web_square
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c0d::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0EC2 0
225 B 377ms
133ms Ping
image/gif 2607:f8b0:4001:c0d::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lplx7jsy&c=1520163696406&slotId=760081848203&qqid=CLW4s5-F7YIDFcmYgwcdFfoEJg&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fa6de5423b7c632060e8f86136bd5d27a.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/56cd64efe962c88f43d7873e12342f7a.js?tag=video_location/awx_web_square
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c0d::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C236 350 B
905 B 155ms
43ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76418
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jijRftDqB4Ks6Sid%2FAZgwZBeQ7iTAdhOHvzv0dy4ucyXqyaevW0hqcm6lN33jeVBkAGXOnH6hpWFFVxSe6CSjHwzNwXI3YTssfXqkuFbu97x2EeIJC7GDyQYooQ8r076WJ4q1PE9X%2BSmEAAoo0BeutWI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82e768428d235b7a-FRA
expires: Fri, 29 Nov 2024 03:49:15 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame D4B8 2 KB
2 KB 73ms
73ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 207757
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 82e7684279c89025-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Fri, 01 Dec 2023 01:02:53 GMT
expires: Tue, 28 Nov 2023 16:19:58 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PndYf6U2Loa6Im%2FbWYH3dvQzUCjynXyyuQBNa84DPpcS48Rogm92mrdD5M2LLBe%2FsTicR8ccvEQ1XgqV8o1bwtxVmQErZQzLXCe340fgkdqkjejauCAbUuCALuD%2B3kt33GWQdL8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 283A
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEDglsFa8RAbMJ4IKpYzmds&google_cver=1&google_push=AXcoOmQnDE1nE9_QSYalHUkbXoRG_oKTo13wkSp1TuvK1Xrp_GKP3CyBRfHP8Sj3vKT4ilSCGAXPE0ILcBX1bss5ea4pzYywTPo20A
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUzNDUwMzA2MjI3MTUyMDMyOA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEDglsFa8RAbMJ4IKpYzmds&google_cver=1

43 B
398 B

68ms
28ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEDglsFa8RAbMJ4IKpYzmds&google_cver=1
Requested by: Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 01 Dec 2023 01:02:54 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEDglsFa8RAbMJ4IKpYzmds&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 283A 35 B
463 B 108ms
27ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJ5IbeZI9e6dX8IC39-GBsA&google_cver=1&google_push=AXcoOmQRmUvW1zhHbUSnmOV4MbXD6pRy5_6XK8QcQmSlWKna4-5qcJ_EX9X2ucsiOIEsBd_hzLifdqddadHMoQLl_1D_KVjhmwvL

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:53 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 283A 70 B
149 B 164ms
50ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECGa8AQ655uZOnfZxIe854g&google_cver=1&google_push=AXcoOmSDs0Ij4GZ-sW9Hlze5HHntGzgtTnEzlES2ECaIrKp-v6nhr3lkwwIUj7K7u74KUKJkHKN6-n8Z0CrsMaaUtj4olJTDOjYBWw
Requested by: Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:53 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 283A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEX0GL-rVaLqtx8sdIXYjtY&google_cver=1&google_push=AXcoOmSHlt7cNTEgGaPBNp_DGzIg1--jP0EhB8ayftKtK90z4vJXIQ0p6ac-HrsV5UdL6LSe8F11tbkV...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEX0GL-rVaLqtx8sdIXYjtY&google_cver=1&google_push=AXcoOmSHlt7cNTEgGaPBNp_DGzIg1--jP0EhB8ayftKtK90z4vJXIQ0p6ac-HrsV5UdL6LSe8F1...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA3OTk3NzMxNTA3ODUxMDk3Mg&google_push=AXcoOmSHlt7cNTEgGaPBNp_DGzIg1--jP0EhB8ayftKtK90z4vJXIQ0p6ac-HrsV5UdL6LSe8F11tb...

170 B
188 B

37ms
37ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA3OTk3NzMxNTA3ODUxMDk3Mg&google_push=AXcoOmSHlt7cNTEgGaPBNp_DGzIg1--jP0EhB8ayftKtK90z4vJXIQ0p6ac-HrsV5UdL6LSe8F11tbkV-wxeVI_rh9RDwNwrEhOW

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA3OTk3NzMxNTA3ODUxMDk3Mg&google_push=AXcoOmSHlt7cNTEgGaPBNp_DGzIg1--jP0EhB8ayftKtK90z4vJXIQ0p6ac-HrsV5UdL6LSe8F11tbkV-wxeVI_rh9RDwNwrEhOW
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 283A 0
75 B 416ms
46ms Image
text/plain 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDSW4SVEmJQ_NWQc-xKcYrI&google_cver=1&google_push=AXcoOmSYMCa-MRMe2jRH0egAQfY1zjbcQgjh2bwPter30lzBSN_6g62Mufn2qEdjpXgKNL85KDdOi26vxxubqFIOVA35gps62z0Fvw
Requested by: Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:53 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 283A
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEMoHVKDJ8nbboAcmxQQle-g&google_cver=1&google_push=AXcoOmTeKoxk1SqDjtD5rL7EwtbXZbDx5X8x13ppKuFVO7ljBEBX8tsm80r4PvJXv6Xe8F1Yq65KD...
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEMoHVKDJ8nbboAcmxQQle-g&google_push=AXcoOmTeKoxk1SqDjtD5rL7EwtbXZbDx5X8x13ppKuFVO7ljBEBX8tsm80r4PvJXv6Xe8F1Yq65KD...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmTeKoxk1SqDjtD5rL7EwtbXZbDx5X8x13ppKuFVO7ljBEBX8tsm80r4PvJXv6Xe8F1Yq65KDBqSVEJWCcjCXzp6sL3qnI6EIAU&google_hm=TEc4aWlXYnppN...

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmTeKoxk1SqDjtD5rL7EwtbXZbDx5X8x13ppKuFVO7ljBEBX8tsm80r4PvJXv6Xe8F1Yq65KDBqSVEJWCcjCXzp6sL3qnI6EIAU&google_hm=TEc4aWlXYnppN0h5STBLemhoRno=

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 01 Dec 2023 01:02:54 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmTeKoxk1SqDjtD5rL7EwtbXZbDx5X8x13ppKuFVO7ljBEBX8tsm80r4PvJXv6Xe8F1Yq65KDBqSVEJWCcjCXzp6sL3qnI6EIAU&google_hm=TEc4aWlXYnppN0h5STBLemhoRno=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 243
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 283A
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=c950c299-eb9e-42db-a7df-b87a8538907d&google_cver=1&google_gid=CAESECy5gc4FYO_3vjLcFYRqX5Q&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

37ms
37ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=c950c299-eb9e-42db-a7df-b87a8538907d&google_cver=1&google_gid=CAESECy5gc4FYO_3vjLcFYRqX5Q&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSjLr7wxHu4IRRt_2K48uMgutkyUiR1H1ebjKGrmmAaL-4aYZzJDZCXQNWVDrJfWpfKov9JaF6oAgE3tKgLUKO8faYqHaYHqg&gdpr=${GDPR}

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=c950c299-eb9e-42db-a7df-b87a8538907d&google_cver=1&google_gid=CAESECy5gc4FYO_3vjLcFYRqX5Q&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSjLr7wxHu4IRRt_2K48uMgutkyUiR1H1ebjKGrmmAaL-4aYZzJDZCXQNWVDrJfWpfKov9JaF6oAgE3tKgLUKO8faYqHaYHqg&gdpr=${GDPR}
date: Fri, 01 Dec 2023 01:02:53 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 283A 0
12 B 38ms
37ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JJcjdxj_aqnpyA1TXFHU9wA5iOArLXuQUleRswjEpHXKml3GpA9gjN-G2Xj3PLXRoN4pxUQ1Y

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0EC2
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CYGUevDBpZbXqMMmxjuwPlfSTsALmzfHdcuv13_PpEYiI9drWARABIJLY30pglZqigrAHoAGIxPK_AsgBCakCU24ivAlPsj7gAgCoAwHIA0iqBNQCT9A61p8DjtfEJOQFP4UsdVTuqTgb...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22330408745147261779%22,%22debug_reporting%22:true,%22destination%22:%22https://umzug-hitzke-hamm.de%22,%22event_report_wind...

0
0

115ms
62ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22330408745147261779%22,%22debug_reporting%22:true,%22destination%22:%22https://umzug-hitzke-hamm.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22670867976%22],%224%22:[%2212-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22790623638881254929%22}&andc=true

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:54 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"330408745147261779","debug_reporting":true,"destination":"https://umzug-hitzke-hamm.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["670867976"],"4":["12-01"],"6":["true"]},"priority":"500","source_event_id":"790623638881254929"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Dec 2023 01:02:54 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 01 Dec 2023 01:02:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"330408745147261779","debug_reporting":true,"destination":"https://umzug-hitzke-hamm.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["670867976"],"4":["12-01"],"6":["true"]},"priority":"500","source_event_id":"790623638881254929"}&andc=true
access-control-allow-origin: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0EC2 21 KB
21 KB 126ms
23ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 16:55:06 GMT
x-content-type-options: nosniff
age: 29267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21360
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 16:55:06 GMT

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 64ms
64ms Preflight
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CYGUevDBpZbXqMMmxjuwPlfSTsALmzfHdcuv13_PpEYiI9drWARABIJLY30pglZqigrAHoAGIxPK_AsgBCakCU24ivAlPsj7gAgCoAwHIA0iqBNQCT9A61p8DjtfEJOQFP4UsdVTuqTgbcst2UJRZwxK2Axr2k-9LkRMpGTwMcBr4pmJKzTR7TlkjhmcKNRzgAOqbJn7CDsVyVDyPfeji5pQ1QdGI6g81XSWmjD93htpS8Rr_9mwUqgj6RBxD8iuKhPmxByvGj82h8SvAY4DJp-cXKGOMdYXi5g32IzoROM5Iqi2efoEUAmm8a1Ut-x5ju-EPHmJ6XxGoFdWVLqC9GAIBqXB86rAKBBTiWHrjB7yw_8Z4oaXQ4OWVzLuBjFVH6uW2RAD9x63Y_8sa5e2EqMhQFPDSmPHbfBZRUmMDP22qvsaEMrNp_6-tISSIhWUPFBRvog7P7e7BAYXnT8TLguK7UbRGBmr_6Up_E9x_sA12qvXG7dWa1tMgLEp22oDeRjt3v-mXzn-zYnL7p8B01zv9BeBLPpV79CseK6klAxJO8tX06KwlFcAE5_3Y-OkC4AQBiAX6i-7gIpIFBAgEGAGSBQQIBRgEoAYugAfgu43AAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEENqeA9IIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYw5uwn4XtggOaCR1odHRwczovL3VtenVnLWhpdHprZS1oYW1tLmRlL4AKA8gLAaIMECoOCgzktLEC7rWxArW4sQLiDRMIn4-xn4XtggMVyZiDBx0V-gQmuBPwC9gTCtAVAYAXAbIXHgocCAASFHB1Yi0yNjEwOTY0MjAzNTE1MDI1GLKYKg&sigh=PF-2He3a3eA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNJrGHqo_LbfB9IQMvDfX2HePPfH9R0u6k06EyIP50gxIClOhZsLprp1qxe_1mt8z9m2VIkji_IxgB&template_id=1520&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 01:02:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 68ms
42ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82e768432dc618df-FRA
content-length: 24
content-type: text/plain
date: Fri, 01 Dec 2023 01:02:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qf3b3oqEakcJLL1v8pTVuRM8Qh5d8LfDt7uMf8xPnVAY2RYU0jmrz7WtL23avIwvLP5N8VJPkt8oFgXMft9ho9rGu1gXn0%2Bslz9%2FS5owKxazzI3exa6m5TGVyNhpJLCzLj2pFG8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-pl9m

POST
H3 200 rs Show response
ad4m.at/ Frame C236 1 KB
2 KB 46ms
45ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 187e3e75005a67555949518c310eb1e8068698a98e238d46b73b213b46d10295

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Dec 2023 01:02:54 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oaZM5uQFFCMGQjU8OPNJIzZrUchJAl%2BQcp8cjRgaMue%2FRKmw7mF27mGRP08Adgy%2F8ZX7vyGAtnnwsk8vXWJUGzVutuqwWvnkdZsvugcElDwykuRR85M9OLlNbkhEQ%2FYL9EzasDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 82e768436ddb18df-FRA
x-backend-server: aa-reachservice-group-europe-west1-pl9m
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 288ms
56ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 01:02:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame CE9D 3 KB
3 KB 44ms
43ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=320&d=50&e=&g=45e7df06fe59cc7ef53d4a3dc5ef5ea7%2F10601517427014002961&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701392574027&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gj4n1z113ecymbkc63s94s70e3njt8c8mpszee1dqq8ezx9c6ga8g1fxb51e0crmg0w7h6a7zmdx3crgdqt183mw545adthnrnbaaehadgch36xjpyrhwyc4hkf3savcrf0n13ypm861pwbnn0jh1gmj31tkkzmjy13cjqtw6xrhy7rnk5tsv7rd69nj4bcet0qx5vxdar6vvwrqsmth4yvw0tfmwkpbxj1mgy4cz7pma8dpd4ht31hk4pck2k2jkaqsvxbd86sh9ewg581tzrt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlXOvDBpZbbqMMmxjuwPlfSTsAKQ4YGEXLaoworwAsCNtwEQASAAYJWaooKwB4IBF2NhLXB1Yi0yMzkzMzIwNjQ1MDU1MDIyyAEJqQJTbiK8CU-yPuACAKgDAcgDAqoErgJP0A0JCceGQN0aqVHH3B4taUf9-W7wXs9Gbq6IFbXCjGHBE5vnW93kPFBd6hRqjdc3KxoBogm_XIUzEz45ibqLn8mHU3Y1eGrMiEbRM-qXSGu8XuKlOB_Tv_7dacbdQI-CaK2ptqvKbdbfSV8_2qcJ8TPprWeTT4tInngwww9nC6ogidix0kxlMduWkw71Aed1ACFtDhOgRCNG5eGIkTTA-uJgs9z_QCF11lQwWsoEJoJwDAI2XPnG3KjwNCBi8jdBA1o5flSTwYlLmxFa2D9FnaZV4UE9vz3JljDgX12nlu4FrpOpaxFN0ecGRJnJyBGCqOn0S4gLgwvbWnlCOMIiiUi83nN_YwpgKQ5bUhP7Ot7iiU-y4mgfzxnurlx5yws-emTUL33jzITOf9hVc-AEAYAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljDm7Cfhe2CA_oLAggBgAwB4g0TCKCPsZ-F7YIDFcmYgwcdFfoEJtAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2psGvYJmQ2ZtVr4PXiOEnPcc919w%2526client%253Dca-pub-2393320645055022%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09acb3786fde821aa27214435f53f33ab780de162c2b07f52f0a50bfb2787553

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gev9eec8mpm0bw3wa2hrrqq5scq8rc45y3841f58x80ssyqtqpd3zstnpda4mxewk1c34k46g5n9jxb0r34b80m3ry1kgn15thbwt84rfq8065zw2xvvp1fvs4eq3ed6pf12mqqw41bkaawkqdjrsrk49gaxr5jrddeeh8nj8r66pjdhkvhewd32c42jge6t988pxy6e9wjn5nhnh617gwhf34zavk2dx43213pmz072z3q12pz14xawszj6fvzvm7rg81rjq8frbymjfpgqjbq7mwvrpvmxp71x37j2e763jf840nwqebk6ec5n9excceznjathes2t52fcs9jr02exrebbj6bapyxdvj4ydvh6rqkhwkzgj03kj3xde6mayfrtjhgwj41qfpqcajt0xvxbvjwrqa459a59qtf5thcdwh85df11an5eahjtqy1g13ehdrb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtlXOvDBpZbbqMMmxjuwPlfSTsAKQ4YGEXLaoworwAsCNtwEQASAAYJWaooKwB4IBF2NhLXB1Yi0yMzkzMzIwNjQ1MDU1MDIyyAEJqQJTbiK8CU-yPuACAKgDAcgDAqoErgJP0A0JCceGQN0aqVHH3B4taUf9-W7wXs9Gbq6IFbXCjGHBE5vnW93kPFBd6hRqjdc3KxoBogm_XIUzEz45ibqLn8mHU3Y1eGrMiEbRM-qXSGu8XuKlOB_Tv_7dacbdQI-CaK2ptqvKbdbfSV8_2qcJ8TPprWeTT4tInngwww9nC6ogidix0kxlMduWkw71Aed1ACFtDhOgRCNG5eGIkTTA-uJgs9z_QCF11lQwWsoEJoJwDAI2XPnG3KjwNCBi8jdBA1o5flSTwYlLmxFa2D9FnaZV4UE9vz3JljDgX12nlu4FrpOpaxFN0ecGRJnJyBGCqOn0S4gLgwvbWnlCOMIiiUi83nN_YwpgKQ5bUhP7Ot7iiU-y4mgfzxnurlx5yws-emTUL33jzITOf9hVc-AEAYAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljDm7Cfhe2CA_oLAggBgAwB4g0TCKCPsZ-F7YIDFcmYgwcdFfoEJtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2psGvYJmQ2ZtVr4PXiOEnPcc919w%26client%3Dca-pub-2393320645055022%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82e768446a839025-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 01:02:54 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame CE9D 115 KB
14 KB 32ms
31ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=320&d=50&e=&g=45e7df06fe59cc7ef53d4a3dc5ef5ea7%2F10601517427014002961&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701392574027&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gj4n1z113ecymbkc63s94s70e3njt8c8mpszee1dqq8ezx9c6ga8g1fxb51e0crmg0w7h6a7zmdx3crgdqt183mw545adthnrnbaaehadgch36xjpyrhwyc4hkf3savcrf0n13ypm861pwbnn0jh1gmj31tkkzmjy13cjqtw6xrhy7rnk5tsv7rd69nj4bcet0qx5vxdar6vvwrqsmth4yvw0tfmwkpbxj1mgy4cz7pma8dpd4ht31hk4pck2k2jkaqsvxbd86sh9ewg581tzrt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlXOvDBpZbbqMMmxjuwPlfSTsAKQ4YGEXLaoworwAsCNtwEQASAAYJWaooKwB4IBF2NhLXB1Yi0yMzkzMzIwNjQ1MDU1MDIyyAEJqQJTbiK8CU-yPuACAKgDAcgDAqoErgJP0A0JCceGQN0aqVHH3B4taUf9-W7wXs9Gbq6IFbXCjGHBE5vnW93kPFBd6hRqjdc3KxoBogm_XIUzEz45ibqLn8mHU3Y1eGrMiEbRM-qXSGu8XuKlOB_Tv_7dacbdQI-CaK2ptqvKbdbfSV8_2qcJ8TPprWeTT4tInngwww9nC6ogidix0kxlMduWkw71Aed1ACFtDhOgRCNG5eGIkTTA-uJgs9z_QCF11lQwWsoEJoJwDAI2XPnG3KjwNCBi8jdBA1o5flSTwYlLmxFa2D9FnaZV4UE9vz3JljDgX12nlu4FrpOpaxFN0ecGRJnJyBGCqOn0S4gLgwvbWnlCOMIiiUi83nN_YwpgKQ5bUhP7Ot7iiU-y4mgfzxnurlx5yws-emTUL33jzITOf9hVc-AEAYAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljDm7Cfhe2CA_oLAggBgAwB4g0TCKCPsZ-F7YIDFcmYgwcdFfoEJtAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2psGvYJmQ2ZtVr4PXiOEnPcc919w%2526client%253Dca-pub-2393320645055022%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=320&d=50&e=&g=45e7df06fe59cc7ef53d4a3dc5ef5ea7%2F10601517427014002961&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701392574027&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gj4n1z113ecymbkc63s94s70e3njt8c8mpszee1dqq8ezx9c6ga8g1fxb51e0crmg0w7h6a7zmdx3crgdqt183mw545adthnrnbaaehadgch36xjpyrhwyc4hkf3savcrf0n13ypm861pwbnn0jh1gmj31tkkzmjy13cjqtw6xrhy7rnk5tsv7rd69nj4bcet0qx5vxdar6vvwrqsmth4yvw0tfmwkpbxj1mgy4cz7pma8dpd4ht31hk4pck2k2jkaqsvxbd86sh9ewg581tzrt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlXOvDBpZbbqMMmxjuwPlfSTsAKQ4YGEXLaoworwAsCNtwEQASAAYJWaooKwB4IBF2NhLXB1Yi0yMzkzMzIwNjQ1MDU1MDIyyAEJqQJTbiK8CU-yPuACAKgDAcgDAqoErgJP0A0JCceGQN0aqVHH3B4taUf9-W7wXs9Gbq6IFbXCjGHBE5vnW93kPFBd6hRqjdc3KxoBogm_XIUzEz45ibqLn8mHU3Y1eGrMiEbRM-qXSGu8XuKlOB_Tv_7dacbdQI-CaK2ptqvKbdbfSV8_2qcJ8TPprWeTT4tInngwww9nC6ogidix0kxlMduWkw71Aed1ACFtDhOgRCNG5eGIkTTA-uJgs9z_QCF11lQwWsoEJoJwDAI2XPnG3KjwNCBi8jdBA1o5flSTwYlLmxFa2D9FnaZV4UE9vz3JljDgX12nlu4FrpOpaxFN0ecGRJnJyBGCqOn0S4gLgwvbWnlCOMIiiUi83nN_YwpgKQ5bUhP7Ot7iiU-y4mgfzxnurlx5yws-emTUL33jzITOf9hVc-AEAYAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljDm7Cfhe2CA_oLAggBgAwB4g0TCKCPsZ-F7YIDFcmYgwcdFfoEJtAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2psGvYJmQ2ZtVr4PXiOEnPcc919w%2526client%253Dca-pub-2393320645055022%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2139699
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9sRTYB4pv1Wo98jUTpv3ocVl0adsxFmMMsvvsyJTPJgV8mcjQBJHIoHPD12L3vx4e4Y4dRwyFyQMWYnrnFMh5HidfC%2FuMNsr%2FfXiM4AQpuAi57AuN3Air0R2wVsbkZf%2B6XzjT2FpSg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 82e76844ba999025-FRA
expires: Sat, 02 Dec 2023 01:02:54 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame CE9D 9 KB
9 KB 56ms
36ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=320&d=50&e=&g=45e7df06fe59cc7ef53d4a3dc5ef5ea7%2F10601517427014002961&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701392574027&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gj4n1z113ecymbkc63s94s70e3njt8c8mpszee1dqq8ezx9c6ga8g1fxb51e0crmg0w7h6a7zmdx3crgdqt183mw545adthnrnbaaehadgch36xjpyrhwyc4hkf3savcrf0n13ypm861pwbnn0jh1gmj31tkkzmjy13cjqtw6xrhy7rnk5tsv7rd69nj4bcet0qx5vxdar6vvwrqsmth4yvw0tfmwkpbxj1mgy4cz7pma8dpd4ht31hk4pck2k2jkaqsvxbd86sh9ewg581tzrt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlXOvDBpZbbqMMmxjuwPlfSTsAKQ4YGEXLaoworwAsCNtwEQASAAYJWaooKwB4IBF2NhLXB1Yi0yMzkzMzIwNjQ1MDU1MDIyyAEJqQJTbiK8CU-yPuACAKgDAcgDAqoErgJP0A0JCceGQN0aqVHH3B4taUf9-W7wXs9Gbq6IFbXCjGHBE5vnW93kPFBd6hRqjdc3KxoBogm_XIUzEz45ibqLn8mHU3Y1eGrMiEbRM-qXSGu8XuKlOB_Tv_7dacbdQI-CaK2ptqvKbdbfSV8_2qcJ8TPprWeTT4tInngwww9nC6ogidix0kxlMduWkw71Aed1ACFtDhOgRCNG5eGIkTTA-uJgs9z_QCF11lQwWsoEJoJwDAI2XPnG3KjwNCBi8jdBA1o5flSTwYlLmxFa2D9FnaZV4UE9vz3JljDgX12nlu4FrpOpaxFN0ecGRJnJyBGCqOn0S4gLgwvbWnlCOMIiiUi83nN_YwpgKQ5bUhP7Ot7iiU-y4mgfzxnurlx5yws-emTUL33jzITOf9hVc-AEAYAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljDm7Cfhe2CA_oLAggBgAwB4g0TCKCPsZ-F7YIDFcmYgwcdFfoEJtAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2psGvYJmQ2ZtVr4PXiOEnPcc919w%2526client%253Dca-pub-2393320645055022%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155329
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jL%2BdhXTbb1uRQaT3fRkQk%2BqcK5gJo1mMR%2Ba4S6pGiBo%2FzDFyTh5IQdKoqsIBsLOn9H0VfmePJ5pDDlPBqK9QzNxTl5%2FXRREtiBB1ZxfQkkQN86hVkji%2FWOyEQIfEt2StN8u6Yzhe6uBm2Hmq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82e76844dfa21c1c-FRA

GET
H2 200 60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
assets.ad4m.at/ Frame CE9D 28 KB
29 KB 52ms
32ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=320&d=50&e=&g=45e7df06fe59cc7ef53d4a3dc5ef5ea7%2F10601517427014002961&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701392574027&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gj4n1z113ecymbkc63s94s70e3njt8c8mpszee1dqq8ezx9c6ga8g1fxb51e0crmg0w7h6a7zmdx3crgdqt183mw545adthnrnbaaehadgch36xjpyrhwyc4hkf3savcrf0n13ypm861pwbnn0jh1gmj31tkkzmjy13cjqtw6xrhy7rnk5tsv7rd69nj4bcet0qx5vxdar6vvwrqsmth4yvw0tfmwkpbxj1mgy4cz7pma8dpd4ht31hk4pck2k2jkaqsvxbd86sh9ewg581tzrt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlXOvDBpZbbqMMmxjuwPlfSTsAKQ4YGEXLaoworwAsCNtwEQASAAYJWaooKwB4IBF2NhLXB1Yi0yMzkzMzIwNjQ1MDU1MDIyyAEJqQJTbiK8CU-yPuACAKgDAcgDAqoErgJP0A0JCceGQN0aqVHH3B4taUf9-W7wXs9Gbq6IFbXCjGHBE5vnW93kPFBd6hRqjdc3KxoBogm_XIUzEz45ibqLn8mHU3Y1eGrMiEbRM-qXSGu8XuKlOB_Tv_7dacbdQI-CaK2ptqvKbdbfSV8_2qcJ8TPprWeTT4tInngwww9nC6ogidix0kxlMduWkw71Aed1ACFtDhOgRCNG5eGIkTTA-uJgs9z_QCF11lQwWsoEJoJwDAI2XPnG3KjwNCBi8jdBA1o5flSTwYlLmxFa2D9FnaZV4UE9vz3JljDgX12nlu4FrpOpaxFN0ecGRJnJyBGCqOn0S4gLgwvbWnlCOMIiiUi83nN_YwpgKQ5bUhP7Ot7iiU-y4mgfzxnurlx5yws-emTUL33jzITOf9hVc-AEAYAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljDm7Cfhe2CA_oLAggBgAwB4g0TCKCPsZ-F7YIDFcmYgwcdFfoEJtAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2psGvYJmQ2ZtVr4PXiOEnPcc919w%2526client%253Dca-pub-2393320645055022%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0471f27843ee42d45cf9b749a57ec4bbc26dd40f961989ed7cfe4e0f24ea6fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1455739
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 28958
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:06:38 GMT
server: cloudflare
etag: "346e75cff96234b45fe664b527c7c88d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Fm7dkz9aO8qopFfG8S0HFfh7dLNr8b359ZMjQ0tVjhBa9Rpz%2BSIIT30EaUY9%2FYfzPCVa6ZB%2FBwwyx3jvGfKl1siesMXUi9eMrmJrxA0q5rgEiVUs8kdOFMn7yVu9xVrc9%2FcX89p0PTQHevw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82e76844dfa01c1c-FRA

GET
H2

200

view.aspx
pb.media01.eu/ Frame CE9D
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=87911...

0
628 B

125ms
41ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=320&d=50&e=&g=45e7df06fe59cc7ef53d4a3dc5ef5ea7%2F10601517427014002961&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701392574027&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gj4n1z113ecymbkc63s94s70e3njt8c8mpszee1dqq8ezx9c6ga8g1fxb51e0crmg0w7h6a7zmdx3crgdqt183mw545adthnrnbaaehadgch36xjpyrhwyc4hkf3savcrf0n13ypm861pwbnn0jh1gmj31tkkzmjy13cjqtw6xrhy7rnk5tsv7rd69nj4bcet0qx5vxdar6vvwrqsmth4yvw0tfmwkpbxj1mgy4cz7pma8dpd4ht31hk4pck2k2jkaqsvxbd86sh9ewg581tzrt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlXOvDBpZbbqMMmxjuwPlfSTsAKQ4YGEXLaoworwAsCNtwEQASAAYJWaooKwB4IBF2NhLXB1Yi0yMzkzMzIwNjQ1MDU1MDIyyAEJqQJTbiK8CU-yPuACAKgDAcgDAqoErgJP0A0JCceGQN0aqVHH3B4taUf9-W7wXs9Gbq6IFbXCjGHBE5vnW93kPFBd6hRqjdc3KxoBogm_XIUzEz45ibqLn8mHU3Y1eGrMiEbRM-qXSGu8XuKlOB_Tv_7dacbdQI-CaK2ptqvKbdbfSV8_2qcJ8TPprWeTT4tInngwww9nC6ogidix0kxlMduWkw71Aed1ACFtDhOgRCNG5eGIkTTA-uJgs9z_QCF11lQwWsoEJoJwDAI2XPnG3KjwNCBi8jdBA1o5flSTwYlLmxFa2D9FnaZV4UE9vz3JljDgX12nlu4FrpOpaxFN0ecGRJnJyBGCqOn0S4gLgwvbWnlCOMIiiUi83nN_YwpgKQ5bUhP7Ot7iiU-y4mgfzxnurlx5yws-emTUL33jzITOf9hVc-AEAYAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljDm7Cfhe2CA_oLAggBgAwB4g0TCKCPsZ-F7YIDFcmYgwcdFfoEJtAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2psGvYJmQ2ZtVr4PXiOEnPcc919w%2526client%253Dca-pub-2393320645055022%2526adurl%253D&y=1&s=&z=0

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:53 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 01 Dec 2023 02:02:54 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 01 Dec 2023 01:02:54 GMT
strict-transport-security: max-age=15768000
x-iplb-instance: 53758
content-length: 0
proxy-host: pv.medialead.de
attribution-reporting-register-source: {"source_event_id":"17200573720104426","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: D972DA1A:8594_91EFC182:01BB_656930BE_2DBF6E1:41F0
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=879111&produktid=ratenkredit&dt_url=
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0EC2 42 B
64 B 48ms
47ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=COaKJvDBpZbXqMMmxjuwPlfSTsALmzfHdcuv13_PpEYiI9drWARABIJLY30pglZqigrAHoAGIxPK_AsgBCakCU24ivAlPsj7gAgCoAwHIA0iqBNcCT9A61p8DjtfEJOQFP4UsdVTuqTgbcst2UJRZwxK2Axr2k-9LkRMpGTwMcBr4pmJKzTR7TlkjhmcKNRzgAOqbJn7CDsVyVDyPfeji5pQ1QdGI6g81XSWmjD93htpS8Rr_9mwUqgj6RBxD8iuKhPmxByvGj82h8SvAY4DJp-cXKGOMdYXi5g32IzoROM5Iqi2efoEUAmm8a1Ut-x5ju-EPHmJ6XxGoFdWVLqC9GAIBqXB86rAKBBTiWHrjB7yw_8Z4oaXQ4OWVzLuBjFVH6uW2RAD9x63Y_8sa5e2EqMhQFPDSmPHbfBZRUmMDP22qvsaEMrNp_6-tISSIhWUPFBRvog7P7e7BAYXnT8TLguK7UbRGBmr_6Up_E9x_sA12qrfE3EctLm9t8vYWfknv0vJ2Y0LvEfzORnhWretsf8NOfT_C7rtV7LOr-pix6Ltj3s1BJQhoy7Eos8AE5_3Y-OkC4AQBiAX6i-7gIqAGLoAH4LuNwAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljDm7Cfhe2CA7EJybhYmfW_VXGACgOYCwHICwHgCwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXIDQHiDRMIn4-xn4XtggMVyZiDBx0V-gQmohNYCjsIA0ABUggKBhIECAEQAWjTu_XRpo8BciMSISACKAE4AkD6i-7gIlgBaP7__________wFwAoABAZgBAxoZChdjYS1wdWItMjM5MzMyMDY0NTA1NTAyMrgT8AvYEwrQFQH4FgGAFwE&sigh=h_Ls1wgUJf4&cid=CAQSPADICaaNJrGHqo_LbfB9IQMvDfX2HePPfH9R0u6k06EyIP50gxIClOhZsLprp1qxe_1mt8z9m2VIkji_Iw&label=adresume

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame D573 50 KB
19 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:47:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:47:53 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0EC2 42 B
64 B 38ms
38ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7F34 0
0 74ms
73ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNgvivDBpZbbqMMmxjuwPlfSTsAKQ4YGEXLaoworwAsCNtwEQASAAYJWaooKwB4IBF2NhLXB1Yi0yMzkzMzIwNjQ1MDU1MDIyyAEJqQJTbiK8CU-yPuACAKgDAcgDAqoEqwJP0A0JCceGQN0aqVHH3B4taUf9-W7wXs9Gbq6IFbXCjGHBE5vnW93kPFBd6hRqjdc3KxoBogm_XIUzEz45ibqLn8mHU3Y1eGrMiEbRM-qXSGu8XuKlOB_Tv_7dacbdQI-CaK2ptqvKbdbfSV8_2qcJ8TPprWeTT4tInngwww9nC6ogidix0kxlMduWkw71Aed1ACFtDhOgRCNG5eGIkTTA-uJgs9z_QCF11lQwWsoEJoJwDAI2XPnG3KjwNCBi8jdBA1o5flSTwYlLmxFa2D9FnaZV4UE9vz3JljDgX12nlu4FrpOpaxFN0ecGRJnJyBGCqOn0S4gLgwvbWnlCOMIiiUi83nM9YSvy_vfcEtt8ckg4wN1A23wVYhPAtoH5CUKsgvDKA2U2EBuOt-AEAYAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljDm7Cfhe2CA4AKA_oLAggBgAwB4g0TCKCPsZ-F7YIDFcmYgwcdFfoEJtAVAYAXAbIXHAoaEhRwdWItMjM5MzMyMDY0NTA1NTAyMhiymCo&sigh=8bzw6vfIK9Q&uach_m=%5BUACH%5D&cid=CAQSPADICaaNJrGHqo_LbfB9IQMvDfX2HePPfH9R0u6k06EyIP50gxIClOhZsLprp1qxe_1mt8z9m2VIkji_IxgB&cbvp=2&vis=1
Requested by: Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 7F34 0
103 B 96ms
31ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k7j69mjd4fapybrvqxh4f7hkqfek9xcdc6qtwrm5yg6vk6db0en8eaf0q8z57c7dq8jgd8sqm8q0d20dkxjwm7z4ce5bvher4tggar2h3g3csn5z4j5tz3wxqt93nzn18v8jte10n2aybzwq53186fm5w3dvpvpcksya5j5960z3p80teed4z0hxqmvyh1h2bj69dap5qqmsf1pm9r77c140gj2kx0s1d5h9rhbz4by40g66649wmnfe7tc9h3ff47zty0td1s70xmrkse185k3xcb7zq50pbta7vsrajrnzgxm5c4fef534djsjy36pekqstg2602wg5jn7mnea91pp6ts7qc8csk3e45x25846hp017kae4wkgkgyjd270vf9tk8jmsev27g&b=ZWkwvAAMNTYHg5jJAAT6FfU3VHYrXda5gQYYvA&cbvp=2
Requested by: Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 01 Dec 2023 01:02:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 85D8 42 B
64 B 60ms
59ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_OTDGHnf1SjxobMT_P4anPQ-l3Zj7bqWFOln7b-u_XYy84diaRpI_SCOD1DyicAAb0mZzhfuiFMn1j92XgRrhhcxs4s7vOp76EzaKbbXo0bTo74xiSQptT7zYETkxIib91TRhlucosQ&sai=AMfl-YRPf1OwXeHDlADbB7h919J1EyYo08rFRZjsxk1gMcfgJaCALuY&sig=Cg0ArKJSzJ2fd-jtzwWREAE&id=lidar2&mcvt=1000&p=226,1086,526,1386&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=182523439&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701392573494&rpt=190&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0EC2 42 B
64 B 71ms
70ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHgFWfDlEh5Cmeej7TwBWkJvkinbEp_u5FW-VlTReSG531kTdCl8Yuq3wmzGS7EeRaJTfgZ2Qeuyly5W-p9-YysHXJk6T5F-q_VBH-HVTUlfYOCxrNsO6a0dE8TVn_cVAuvZKuY_wPfy0w&sai=AMfl-YQx4OtAghHcsLEn-yh1dWADsAy8cDnt3mcSBU5YHVp1-RGhoBy5OX6JQqVpvYmj0hs0n4ZgjW6F366QJkk72qDos9p49wpXUczjShHL-z0SxFkaHqDV5M6R-fExHQnkBkdC1gxWEvU&sig=Cg0ArKJSzEwn9T-BZXKzEAE&cid=CAQSPADICaaNJrGHqo_LbfB9IQMvDfX2HePPfH9R0u6k06EyIP50gxIClOhZsLprp1qxe_1mt8z9m2VIkji_IxgB&id=lidar2&mcvt=1000&p=390,426,690,894&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2238348835&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701392573432&rpt=770&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0EC2 0
54 B 134ms
133ms Ping
image/gif 2607:f8b0:4001:c0d::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~lplx7jsy&c=1520163696406&slotId=760081848203&qqid=CLW4s5-F7YIDFcmYgwcdFfoEJg&dm=17000&event_name=first_play&asset_bytes=28728&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=8&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.lplx7k6t~vfl.lplx7kaz~ff.lplx7kdp
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/56cd64efe962c88f43d7873e12342f7a.js?tag=video_location/awx_web_square
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c0d::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 243 KB
59 KB 411ms
410ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d8cea5652dfca2510be0bb7dd6ecab7fc733a000b87737fbf32728b69fdc516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:58 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60145
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/ 39 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl_page_level_ads.js?cb=31079856

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af28e1fa0b7aabfa4a23153610823a18f340847984b430a7aec34e7bc96176b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:37:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48346
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13834
x-xss-protection: 0
server: cafe
etag: 7824500842389344896
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:37:11 GMT

GET
H3 200 container.html Show response
6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7CE6 6 KB
3 KB 24ms
23ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 01:02:52 GMT
expires: Sat, 30 Nov 2024 01:02:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 7CE6 4 KB
767 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Dec 2023 01:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 23:31:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Dec 2023 01:02:58 GMT

GET
H3 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 25C1 9 KB
4 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 14:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 557909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 14:04:29 GMT

GET
H3 200 550964233668833c70e8a0f193337640.js Show response
www.gstatic.com/mysidia/ Frame 25C1 172 KB
63 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/550964233668833c70e8a0f193337640.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c3a239dc3b7e0a74e2557957294fac25f4cf7f6f9d15bc4af042c251dbc3d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 00:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64262
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:21:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 00:15:16 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 25C1 7 KB
1 KB 34ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Dec 2023 01:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 23:24:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Dec 2023 01:02:58 GMT

GET
H3 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 25C1 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdbe9b84c30a00229826b0b1e354c94d36dd6bf16e6580bbef43877689c8f5bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1182
x-xss-protection: 0
server: cafe
etag: 16216481440669322801
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:52:52 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 25C1 31 KB
12 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:52:52 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 25C1 3 KB
1 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
server: cafe
etag: 18393213423120915576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:52:52 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 25C1 30 KB
12 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10b893e654a9f5201e21255bda9375b8de974251975e4c1533e463740b499cd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11776
x-xss-protection: 0
server: cafe
etag: 13853050904789882092
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:52:51 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25C1 202 KB
64 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 01:02:58 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 25C1 37 KB
15 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 10:09:15 GMT

GET
H3 200 interstitial_ad_frame.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 7CE6 34 KB
13 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/interstitial_ad_frame.js

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7baeb07fc887a766e3999fbd4073fbf9ebd193257a288ad12885c5a7216a73bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:01:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13237
x-xss-protection: 0
server: cafe
etag: 7237228772589005941
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 23:01:40 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7CE6 205 B
229 B 60ms
59ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:28:44 GMT
x-content-type-options: nosniff
age: 113654
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 28 Nov 2024 17:28:44 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7CE6 604 B
628 B 59ms
58ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 18:39:41 GMT
x-content-type-options: nosniff
age: 109397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 28 Nov 2024 18:39:41 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 25C1 0
17 B 132ms
132ms Ping
image/gif 2607:f8b0:4001:c0d::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lplx7nb7&c=586710918467&slotId=293355459233.5&qqid=CPef4aGF7YIDFTaUgwcdmtsL9w&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/550964233668833c70e8a0f193337640.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4001:c0d::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 01:02:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

7406716466783941715
tpc.googlesyndication.com/simgad/ Frame 25C1
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD36LLQwgEQsAkY9AQyCD1a1WcB1ccz
https://tpc.googlesyndication.com/simgad/7406716466783941715

453 KB
453 KB

23ms
23ms

Image
image/jpeg

2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7406716466783941715

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 23:09:52 GMT
x-content-type-options: nosniff
age: 265986
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 463872
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 14:38:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 26 Nov 2024 23:09:52 GMT

Redirect headers

date: Thu, 30 Nov 2023 23:07:42 GMT
x-content-type-options: nosniff
server: cafe
age: 6916
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/7406716466783941715
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 30 Dec 2023 23:07:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7AD7 1 KB
643 B 23ms
23ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31488
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 16:18:10 GMT
etag: 48472445140208031
expires: Fri, 01 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET

videoplayback
r2---sn-4g5lznls.gvt1.com/ Frame 25C1
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=43c244ad0cd906b3&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1701399778&sparams=ip,ipbits,expire,id,...
https://r2---sn-4g5lznls.gvt1.com/videoplayback?id=43c244ad0cd906b3&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1701399778&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

0
0

GET current
dclk-match.dotomi.com/match/bounce/ Frame 7AD7 0
0

GET gp_match
um.simpli.fi/ Frame 7AD7 0
0

GET adxcookie
match.adsby.bidtheatre.com/ Frame 7AD7 0
0

GET tum
ums.acuityplatform.com/ Frame 7AD7 0
0

GET sync
x.bidswitch.net/ Frame 7AD7 0
0

GET google
d5p.de17a.com/cookies/ Frame 7AD7 0
0

GET /
b1sync.zemanta.com/usersync/googleadx/ Frame 7AD7 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7AD7 0
12 B 36ms
36ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-yFwvs2tB-reGJ_i1W21PSmPln0YSe88LB_zcdkCw6KjcKn00ULM_anJEXamZtxMmsYMz

Requested by

Host: 6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
URL: https://6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 01:02:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.s.id
URL: https://app.s.id/api/user/me

Domain: app.s.id
URL: https://app.s.id/api/user/me

Domain: sdotid.zendesk.com
URL: https://sdotid.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088

Domain: sdotid.zendesk.com
URL: https://sdotid.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088

Domain: sdotid.zendesk.com
URL: https://sdotid.zendesk.com/embeddable/config

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je3b60v889124234&_p=1701392571010&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1879529940.1701392571&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1701392571&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=scroll&epn.percent_scrolled=90&_et=7&tfd=3504

Domain: home.s.id
URL: https://home.s.id/cdn-cgi/rum?

Domain: r2---sn-4g5lznls.gvt1.com
URL: https://r2---sn-4g5lznls.gvt1.com/videoplayback?id=43c244ad0cd906b3&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1701399778&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=65A26CFE56EBAE3448E5864F99292D7A7355E57D.131815DB55617F5269FF2BF59AC98BF5E393863F&key=cms1&cms_redirect=yes&mh=oC&mip=2001:1b60:2:240:3247::12&mm=28&mn=sn-4g5lznls&ms=nvh&mt=1701391822&mv=u&mvi=2&pl=29

Domain: dclk-match.dotomi.com
URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDQBB2zV6I9qeWFrOH1mKGI&google_cver=1&google_push=AXcoOmRCJo8aGHrT4sA-28CXme95jve0Uea7b_kltFovyxMNkr587JKOCrTPMRp7pGfnfptsoEsqoxr12nSCen4dz-1ovG2FTqY9

Domain: um.simpli.fi
URL: https://um.simpli.fi/gp_match?google_gid=CAESEJfYr2UPkkQ8KgOoYrC2nYE&google_cver=1&google_push=AXcoOmTS3JVgklIDMPFX5Uss-m9fL64x3dGZGiFm8bFZB6nYso4g2ZxoOBn9AAK9AcHlTj4J-ENQbasV2iQXKXYRMfwAXvt6Qjg

Domain: match.adsby.bidtheatre.com
URL: https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEAHdDzxacguOuVQ8_934bDc&google_cver=1&google_push=AXcoOmT543sSsRNzKT_Jr7br7oWHf-Z6Zyvv7ZzxkZsWUNmAMqobSQ89BoqI7n791Kv85r3WYxYMt6lQoIquDZVnJ8gAOAuJy1H4

Domain: ums.acuityplatform.com
URL: https://ums.acuityplatform.com/tum?umid=4&uid=CAESEHNg8md09tz86bDOnDeQ3b0&google_cver=1&google_push=AXcoOmTK4cPsODFudbePOO4OPidIiv6PJqvPpkXuA4M8pv6BnaxIpfJI_NZ5T7BX9npp8bJSGtQXLTeQaGfunDyUrjinmk3vRnkg

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBwJUspnNxTsrpmoDnVA4Xc&google_cver=1&google_push=AXcoOmS4AlIAVTMX1TNNScj31uGznQS30bWczM6tvNfCurpi8hsnK45dUkwUQ_8h1rTktXIUWPFrkRGog1QxNKE1a5oDVZeNkoU

Domain: d5p.de17a.com
URL: https://d5p.de17a.com/cookies/google?google_gid=CAESEAkg4ZvQ_iG7KWpYZTztbbo&google_cver=1&google_push=AXcoOmS98KgeWKW0XuwfJqsfgriq_PzfCqT1Ss0Ip2TeOwY1kTwZIK_zzT2ykJ4HWJFMu1GHoMVFVypRhROsq2KsWtPOzEimT8JC

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPQ6giViK1VfzHqEt5nLhwM&google_cver=1&google_push=AXcoOmQV3BNjntBk2YMgS986rCKWRD0BGey2pfU6DNHgidYcYHJbsuXFZr5guGHtOBjJme5Nlm2MXhl5rfsagCjlmggBWw_5Afp1

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 17:19:44	Name: userId Value: CFknMSPXMuB5Nh3eHf4ak3w4gbzdQONg
.s.id/	1970-01-20 18:46:08	Name: _gcl_au Value: 1.1.1302594684.1701392571
.s.id/	1970-01-21 02:12:32	Name: _ga_98MWVCBDD7 Value: GS1.1.1701392571.1.0.1701392571.60.0.0
.s.id/	1970-01-21 02:12:32	Name: _ga_LJQ0V44EV5 Value: GS1.1.1701392571.1.0.1701392571.0.0.0
.s.id/	1970-01-20 18:46:08	Name: _fbp Value: fb.1.1701392571259.1801422659
.s.id/	1970-01-20 16:37:58	Name: _gid Value: GA1.2.634834948.1701392571
.s.id/	1970-01-20 16:36:32	Name: _gat_gtag_UA_225238330_2 Value: 1
.doubleclick.net/	1970-01-21 01:58:08	Name: IDE Value: AHWqTUmHfiDxtwI6ZflB_QNZIwuHaQEtI7SEqbVOKtcpFfHcMHTnr4B88p8jQLYJDVY
.s.id/	1970-01-21 02:12:32	Name: _ga_LBWQJM5WLF Value: GS1.1.1701392572.1.0.1701392572.60.0.0
.s.id/	1970-01-21 02:12:32	Name: _ga Value: GA1.1.1879529940.1701392571
.s.id/	1970-01-21 02:12:32	Name: _ga_GJLS9JMJCK Value: GS1.1.1701392572.1.0.1701392572.0.0.0
.s.id/	1970-01-20 16:36:32	Name: lotame_domain_check Value: s.id
.criteo.com/	1970-01-21 01:58:08	Name: uid Value: 0710ee68-41d5-4811-ad4c-46caf1cf927c
.openx.net/	1970-01-21 01:22:08	Name: i Value: e06e420f-27d9-40ae-a6a9-ab3df3465549\|1701392572
.s.id/	1970-01-21 01:58:08	Name: cto_bundle Value: UPnSll9zUTZndHl1aEs3am9xOFd3THJ0NkNnbm5YUEdBMEdXd0xiTlp0YnNQbHFueXB4TERhcGRIR0Q3ZjElMkI1V1VuMG9kcXpESldsV2phYkh6OFNHRDlXb0xBR3dGdjFRelg5JTJGYkd5VGNLZE1sNEd3MEZrY2RXdXc4dEIyaDB6QVB0WGp1a2xWTXVvUllKMjRzeXZ2T2tJUEd3JTNEJTNE
.s.id/	1970-01-21 01:58:08	Name: __gads Value: ID=caaa4aa583edc80f:T=1701392572:RT=1701392572:S=ALNI_Ma8j7yc8tycAC0639hUs7yINoBjHg
.s.id/	1970-01-21 01:58:08	Name: __gpi Value: UID=00000cff97987c71:T=1701392572:RT=1701392572:S=ALNI_Mb25VV9oO8qbG_exD7Y93tS5w8geQ
.travelaudience.com/	1970-01-21 02:08:13	Name: _tracker Value: %7B%22UUID%22%3A%221CD093A8-735E-43E4-15E1-2A242FC6DB12%22%7D
.rfihub.com/	1970-01-21 01:58:08	Name: rud Value: H4sIAAAAAAAA_-MSNjQ3MTIwMjaxBBKGxmamhoamQnyGuiZuPq7-af5VbibuBQATpJHQJQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dTMqccqOiPK1DDHKivAzzSiMSnVPigQAKelKHh4AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjQ3MTIwMjaxBBKGxmamhoamQnyGuiZuPq7-af5VbibuBQATpJHQJQAAAA
.rfihub.com/	1970-01-21 01:58:08	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12dTMqccqOiPK1DDHKivAzzSiMSnVPigziNTQ3MDS2NDI1NwYyXjGi8I0Ama7mlz0AAAA
.everesttech.net/	1970-01-21 01:22:08	Name: everest_g_v2 Value: g_surferid~ZWkwvQADmDH_8wBH
.quantserve.com/	1970-01-20 18:46:08	Name: d Value: EHUBCQHHKoEA
.quantserve.com/	1970-01-21 02:06:46	Name: mc Value: 656930bd-d3781-ad7a7-8e60b
.yieldmo.com/	1970-01-21 01:22:08	Name: yieldmo_id Value: 3zEEMqqnn7qXVBCPIGRY%7C1701388800000%7C0
.csync.loopme.me/	1970-01-20 18:47:34	Name: viewer_token Value: c950c299-eb9e-42db-a7df-b87a8538907d
.turn.com/	1970-01-20 20:55:44	Name: uid Value: 8534503062271520328
.adform.net/	1970-01-20 17:21:10	Name: C Value: 1
.adform.net/	1970-01-20 18:02:56	Name: uid Value: 6079977315078510972
.googleadservices.com/	1970-01-20 18:46:08	Name: ar_debug Value: 1
.zemanta.com/	1970-01-21 01:22:08	Name: zuid Value: LG8iiWbzi7HyI0KzhhFz
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: co1bdcixxb5iese1ojzexqk1
pb.media01.eu/	1970-01-21 02:12:32	Name: DTU Value: 8DD9735DF79E398E13F2F0C822E2BD0C

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://shortener.zendesk.com/embeddable/config Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6f5f35fe767ab8d74bf1e0e43eb9e25b.safeframe.googlesyndication.com
a.rfihub.com
accounts.google.com
ad.turn.com
ad4m.at
ads.travelaudience.com
ads.yieldmo.com
app.s.id
as.ad4m.at
assets.ad4m.at
b1sync.zemanta.com
bcp.crwdcntrl.net
blog.s.id
c1.adform.net
cdn-sdotid.adg.id
cdn.id5-sync.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cs.chocolateplatform.com
csi.gstatic.com
csync.loopme.me
d5p.de17a.com
dclk-match.dotomi.com
ekr.zdassets.com
fatchillianalytics.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
home.s.id
id5-sync.com
image6.pubmatic.com
invstatic101.creativecdn.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pb.media01.eu
prod-rtb.ad4mat.net
protagcdn.com
pv.medialead.de
r.turn.com
r2---sn-4g5lznls.gvt1.com
r5---sn-4g5lznls.gvt1.com
redirector.gvt1.com
region1.analytics.google.com
region1.google-analytics.com
s.id
sdotid.zendesk.com
securepubads.g.doubleclick.net
shortener.zendesk.com
ssbsync.smartadserver.com
static-de.ad4mat.net
static.cloudflareinsights.com
static.criteo.net
static.zdassets.com
stats.g.doubleclick.net
sync-tm.everesttech.net
tags.crwdcntrl.net
tpc.googlesyndication.com
um.simpli.fi
ums.acuityplatform.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
app.s.id
b1sync.zemanta.com
d5p.de17a.com
dclk-match.dotomi.com
home.s.id
match.adsby.bidtheatre.com
r2---sn-4g5lznls.gvt1.com
region1.analytics.google.com
sdotid.zendesk.com
um.simpli.fi
ums.acuityplatform.com
x.bidswitch.net
104.18.70.113
104.18.72.113
142.250.185.162
142.250.186.162
145.239.193.130
15.197.193.217
151.101.66.49
159.203.145.121
162.159.128.7
162.19.138.117
185.86.138.155
193.0.160.131
193.84.85.178
198.47.127.19
2001:4860:4802:32::36
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2600:1901:0:76b9::
2606:4700:10::6816:3556
2606:4700:20::681a:7f9
2606:4700:20::681a:ad1
2606:4700:20::681a:bae
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4bb1
2606:4700::6810:3965
2606:4700::6810:5614
2607:f8b0:4001:c0d::78
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:26::a
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2008
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:81c::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200d
2a00:1450:4001:830::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9c
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3120::3
34.102.146.192
34.120.135.53
34.246.240.36
34.255.67.121
34.96.70.87
34.98.64.218
35.190.0.66
35.214.197.221
37.157.5.132
52.85.92.127
54.154.193.186
64.74.236.159
88.198.250.30
058f6340fc2dd949cfa4e2d40dae86c83daa389994729a151d1309cecaa7e46b
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
083316c0a4e96f0267d20b39d436b977920b791d47c183cecf999ab403449437
09acb3786fde821aa27214435f53f33ab780de162c2b07f52f0a50bfb2787553
0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27
0b1f8fb54de3fad4a7f92fb7b03bdb9c0acff2d156dcc0f430d9221849e3113a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10b893e654a9f5201e21255bda9375b8de974251975e4c1533e463740b499cd8
184733c2171fc0a56148cbf5e5f1d5e5ae640f660e6e328bb84cbccb21785813
18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a
187e3e75005a67555949518c310eb1e8068698a98e238d46b73b213b46d10295
18889b6b7e9425d042a820d83d9ae7fca99127e2192317981767f5c35acceb7e
1996d16604b14f7f83fb927f0f64340eb47857de583178ea2527cf7daffb162b
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048
1b5560f3dba33da8fae918cd0dea912e7fae5677c5620d64f53b06891e05d154
1cb590451a69ee52655f6fb7daf47a61f07fb93e5d2d53b33db6d167173aa21d
1d8cea5652dfca2510be0bb7dd6ecab7fc733a000b87737fbf32728b69fdc516
256397cfe1a343f2b58feddea2c2a5cef61af2ab4e58d15194e497e981ccd26e
26c35d62e7e1889544e91174e6637c611387f2424fec6b0c8b642883903f7309
27556c5bee1f831299bb5db2db87fcb91dbae0eec00ae1389ee7bbf2fc835b76
2a6d204a88fbccc46132201cf38d299d7c4be9b7ea12eb9c102c67d5a1812228
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dc68c5577165f87e62efceb43f280db3010a4e6f93bfc480579d5669d9b3cb4
345dd805b52864848882d8f89c24661f408925f549a626e5bcd33b6f072e146a
37a1b71b721845c15b7a6d3a7b4f3cf9d1c65b4f8fdf03da5d0a0924070265e6
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a
424e0b4ae8208523253ee3d56f6ce82fdf46c978f5008bfa5e78bafebf779fbd
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b4c3c9475a02ef4e52e1459b5f98ec640c35458a90ec8779465fb477f9e7fee
4c3a239dc3b7e0a74e2557957294fac25f4cf7f6f9d15bc4af042c251dbc3d13
4c5358e500090b60f2e1e41d203bfa365a80ea276a461232418a956a309dccb4
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
50aa47c223a2b331ccf7bef5f39ed9987788357404a2ec9fd7f7958c8af6f046
54358e6c0ca9fb0dc79a594d0f3e76d69127dc76899f83a1bdecbf7f81f59f5a
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
615195f98c309c5e4a26709bf70a45b58652631504af76b2fd0cd125d88da621
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64c82669b30bd4c35b45d6dc6a688c04eb7bdae11e594665034101b09b200671
693355a112709c5b2c697d1a6f4f7d45f480d2580e9d5ef8ff53c3214c4c874f
6e28e3f8d185f134736c50278f5039ff8168dc11d98640f164f4648632e9d127
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
7494de461c57642af4f4d2c7bc0f845cdba6c2ed404008fabb74d1bf1dfe0202
760941766f1a3320e81362e808f4ca59f3b96b746d6301f569a86c9529dadfe7
7b8f5cff2b93dd56ca8081e67ee4ba33b2b71b6324a471691e427444c84a9ce1
7baeb07fc887a766e3999fbd4073fbf9ebd193257a288ad12885c5a7216a73bc
7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
857e0bdc9ba878e6786a287c65f8e5121f2fb85d244bc3a5f8edbb7d39025ae7
88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91a0ea93f45493f3e4cdb69f0e01c67d4dfa26a734bb2161952a9a6f5ce7eb06
92c39b5c986c8a9c713d77081a0272187a847c57192fe03fc152d25fc4c35668
92e7d8d618f31f87cf609f243425b8d668496b2e2f917b3ddf61c13dd236d15f
95eab1f50cdd260b2e3e64a5f1066b45a618a3b22e6225df5d0c4870d3e498c0
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
992d5dd4f6d819b096474930d8b6c9b2650042366d1f539b42198ed1fdd73cad
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cfa56c12642d5166f228b0dc5787c9b359eabf953140de22d607e622be260df
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
9fad61d7fe6d6bdb0f750648a45f17c71a1f1216fb2f636216be5b4be57d0158
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a2d0d20d1d376701a13169f896d25105d3e8b4be25193bf3ac428eddd3db68d5
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a99ed8f3f3d04df3605b8245e078ba63e4eb6a43c93c77e841f6d0eb966a5d09
af28e1fa0b7aabfa4a23153610823a18f340847984b430a7aec34e7bc96176b6
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1e0354048342615ee678931bb922fcb098fc4f42b3edae6df7624a2b812fb95
c07cdfcf558997a19e3a76b87c82e931c456aa8fac591a7925f63b195e9437e0
c43c9e6efb96e5e2a27781ddd654e49afc9606ac4d0ee4584a004714c8fde6ed
c7fb840478ca64f3410fff0ffa40eb38fd8a7cfc36c10f117c3869ea93c00182
c88bc699e21ece44e12f74beded95ec962aeabaf6aca250bc0640a75b2191afd
c8b61d2de9865afa7dbbb91782523d03263294fb81eeae08e9ee0fc6f121e1a6
cdbe9b84c30a00229826b0b1e354c94d36dd6bf16e6580bbef43877689c8f5bb
ce38c359aabdb57085497e7b38e49d623319b6be350da3ff5c0933d5e6b92b98
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
d1b600b052732a67038fda709ef2ea53bce28396238260ff5c52aaf69ade644c
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
da0a4a9abe62b064b5e2622ade6f855702138ad665a2813508651379b6f5449b
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
e0471f27843ee42d45cf9b749a57ec4bbc26dd40f961989ed7cfe4e0f24ea6fe
e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e562d4407e0fa9ca26d9bbccfe93e7ae90e68f425fdb9202ec5e848637e07c4a
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ebe9812114ec1b75ab721f01e51b8db8472d76916bf5a12455adc0ace94f665e
ecf1b45e741c358105ec165c66cc44e962e6dbfe4948ea4a4094791472e03c6d
edd2ddd164915e5640a8d0286b0f6c520cc7666526efcffd2553c72b83b5d82e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd28d0407fa36fa4ee75ad52825d0a57ab1f0f32322dadbab9ba080ece2e6335
febd258efb733049bebaeb24269fb6448aee953be138a3fbd7cb96bd63620727
ff40ba4d747765b06efb1283104398116b5d1f50ca248dcf96964025691ec83c

blog.s.id Open in urlscan Pro 2606:4700:20::681a:7f9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

210 Requests

86 %HTTPS

58 %IPv6

52 Domains

77 Subdomains

55 IPs

10 Countries

6965 kBTransfer

13879 kBSize

34 Cookies

14 Outgoing links

Page URL History

Redirected requests

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.s.id Open in urlscan Pro
2606:4700:20::681a:7f9 Public Scan

Screenshot
Live screenshot

Full Image

210
Requests

86 %
HTTPS

58 %
IPv6

52
Domains

77
Subdomains

55
IPs

10
Countries

6965 kB
Transfer

13879 kB
Size

34
Cookies

210 HTTP transactions
3 data transactions