urlscan.io logo urlscan.io
SecurityTrails logo

s.id Open in urlscan Pro
193.84.85.178  Public Scan

Go To Rescan Add Verdict Report
URL: https://s.id/seytaninkoli
Submission: On November 08 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 7 countries across 17 domains to perform 119 HTTP transactions. The main IP is 193.84.85.178, located in Russian Federation and belongs to STORMWALL-AS, SK. The main domain is s.id. The Cisco Umbrella rank of the primary domain is 158997.
TLS certificate: Issued by R3 on September 25th 2023. Valid for: 3 months.
This is the only time s.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 193.84.85.178 59796 (STORMWALL-AS)
18 172.67.75.104 13335 (CLOUDFLAR...)
20 142.250.186.66 15169 (GOOGLE)
2 188.114.96.3 13335 (CLOUDFLAR...)
10 142.250.184.194 15169 (GOOGLE)
2 45.126.58.90 132647 (IDNIC-PAN...)
1 142.250.185.162 15169 (GOOGLE)
3 142.250.184.200 15169 (GOOGLE)
2 216.239.32.36 15169 (GOOGLE)
1 216.239.34.36 15169 (GOOGLE)
1 142.250.110.156 15169 (GOOGLE)
1 142.250.185.163 15169 (GOOGLE)
12 142.250.184.193 15169 (GOOGLE)
1 216.58.206.42 15169 (GOOGLE)
2 142.250.185.74 15169 (GOOGLE)
8 172.217.21.35 15169 (GOOGLE)
2 142.250.185.131 15169 (GOOGLE)
1 64.233.167.154 15169 (GOOGLE)
12 142.250.185.134 15169 (GOOGLE)
1 172.217.16.130 15169 (GOOGLE)
3 4 142.250.186.34 15169 (GOOGLE)
2 4 104.18.36.155 13335 (CLOUDFLAR...)
2 3 185.89.210.180 29990 (ASN-APPNEX)
2 4 34.247.247.46 16509 (AMAZON-02)
1 1 142.250.186.142 15169 (GOOGLE)
2 172.217.132.169 15169 (GOOGLE)
3 142.250.185.194 15169 (GOOGLE)
1 141.101.90.99 13335 (CLOUDFLAR...)
1 142.250.184.228 15169 (GOOGLE)
2 44.206.54.240 14618 (AMAZON-AES)
2 142.250.186.130 15169 (GOOGLE)
1 1 54.76.219.187 16509 (AMAZON-02)
1 18.66.112.50 16509 (AMAZON-02)
119 32
1    193.84.85.178 (Russian Federation)

ASN59796 (STORMWALL-AS, SK)
s.id
18    172.67.75.104 (United States)

ASN13335 (CLOUDFLARENET, US)
microsite.s.id
20    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
pagead2.googlesyndication.com
2    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
cdn-sdotid.adg.id
10    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads.g.doubleclick.net
2    45.126.58.90 (Indonesia)

ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID)
app.s.id
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
partner.googleadservices.com
3    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
2    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    142.250.110.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wf-in-f156.1e100.net
stats.g.doubleclick.net
1    142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net
www.google.de
12    142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net
tpc.googlesyndication.com
1    216.58.206.42 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f10.1e100.net
fonts.googleapis.com
2    142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net
imasdk.googleapis.com
8    172.217.21.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fjr01s02-in-f3.1e100.net
csi.gstatic.com
2    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
fonts.gstatic.com
1    64.233.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f154.1e100.net
bid.g.doubleclick.net
12    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
s0.2mdn.net
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
www.googletagservices.com
4    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
4    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
4    34.247.247.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-247-46.eu-west-1.compute.amazonaws.com
unified.adsafeprotected.com
1    142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net
gcdn.2mdn.net
2    172.217.132.169 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s49-in-f9.1e100.net
r4---sn-5hne6nzy.c.2mdn.net
3    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads4.g.doubleclick.net
1    141.101.90.99 (United States)

ASN13335 (CLOUDFLARENET, US)
portal.o2online.de
1    142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net
www.google.com
2    44.206.54.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-54-240.compute-1.amazonaws.com
dt.adsafeprotected.com
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
ade.googlesyndication.com
1    54.76.219.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-219-187.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    18.66.112.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-50.fra56.r.cloudfront.net
static.adsafeprotected.com
Apex Domain
Subdomains		 Transfer
34 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
ade.googlesyndication.com — Cisco Umbrella Rank: 301
373 KB
21 s.id
s.id — Cisco Umbrella Rank: 158997
microsite.s.id — Cisco Umbrella Rank: 628691
app.s.id — Cisco Umbrella Rank: 507982
1 MB
19 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
bid.g.doubleclick.net — Cisco Umbrella Rank: 802
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
97 KB
15 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
gcdn.2mdn.net — Cisco Umbrella Rank: 1173
r4---sn-5hne6nzy.c.2mdn.net — Cisco Umbrella Rank: 349257
2 MB
10 gstatic.com
csi.gstatic.com
fonts.gstatic.com
32 KB
8 adsafeprotected.com
unified.adsafeprotected.com — Cisco Umbrella Rank: 1595
dt.adsafeprotected.com — Cisco Umbrella Rank: 570
pixel.adsafeprotected.com — Cisco Umbrella Rank: 736
static.adsafeprotected.com — Cisco Umbrella Rank: 587
8 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
2 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
2 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
135 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
251 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
300 B
2 adg.id
cdn-sdotid.adg.id — Cisco Umbrella Rank: 548846
60 KB
1 o2online.de
portal.o2online.de — Cisco Umbrella Rank: 146086
609 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
60 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6862
408 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
597 B
119 17
Domain Requested by
20 pagead2.googlesyndication.com s.id
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
18 microsite.s.id s.id
microsite.s.id
12 s0.2mdn.net s.id
s0.2mdn.net
12 tpc.googlesyndication.com googleads.g.doubleclick.net
s.id
tpc.googlesyndication.com
imasdk.googleapis.com
s0.2mdn.net
pagead2.googlesyndication.com
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
8 csi.gstatic.com imasdk.googleapis.com
4 unified.adsafeprotected.com 2 redirects imasdk.googleapis.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
3 googleads4.g.doubleclick.net s.id
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.googletagmanager.com microsite.s.id
www.googletagmanager.com
2 ade.googlesyndication.com
2 dt.adsafeprotected.com
2 r4---sn-5hne6nzy.c.2mdn.net s.id
2 fonts.gstatic.com fonts.googleapis.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 region1.google-analytics.com www.googletagmanager.com
2 app.s.id microsite.s.id
2 cdn-sdotid.adg.id s.id
1 static.adsafeprotected.com
1 pixel.adsafeprotected.com 1 redirects
1 www.google.com tpc.googlesyndication.com
1 portal.o2online.de
1 gcdn.2mdn.net 1 redirects
1 www.googletagservices.com googleads.g.doubleclick.net
1 bid.g.doubleclick.net imasdk.googleapis.com
1 fonts.googleapis.com googleads.g.doubleclick.net
1 www.google.de s.id
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 s.id
119 33

This site contains links to these domains. Also see Links.

Domain
trmsskuydk.net
home.s.id
Subject Issuer Validity Valid
s.id
R3		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
adg.id
E1		 2023-10-28 -
2024-01-26		 3 months crt.sh
app.s.id
R3		 2023-10-07 -
2024-01-05		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
wrapper-vast.adsafeprotected.com
Amazon RSA 2048 M03		 2023-09-17 -
2024-10-14		 a year crt.sh
portal.o2online.de
E1		 2023-10-01 -
2023-12-30		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-10-10 -
2023-12-19		 2 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 13 frames:

Primary Page: https://s.id/seytaninkoli
Frame ID: 408086F450674D36C3B74ED62C8ED2AC
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup.html
Frame ID: 93D5D6498D6D5960DACC5BE0D339A28D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1699429913&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fs.id%2Fseytaninkoli&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913173&bpp=8&bdt=492&idt=310&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2987360990952&frm=20&pv=2&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=328
Frame ID: 8DEC4921D3283208793504CC4B1D9850
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699429913&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=3&bdt=835&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=XBiY194wsh&p=https%3A//s.id&dtd=9
Frame ID: C602CCBBBB157A936A82BC7E2AB1C904
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699429913&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=1&bdt=836&idt=1&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=7CTktmwpPI&p=https%3A//s.id&dtd=15
Frame ID: 45E31810A5E33991154D75118C2E0A34
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi4y7P8ATAB&v=APEucNVowDs1F-dJDKYS-CgsNaFsDj-jLzpEK9F91_aJkRihp2mwe3-8qMY1w6sAkOrkZQoGbijFVSFv5k3gUNeHJNUg9ljBGw3T5mzbag-zU0eUONhn5XVO3YIyayCHfsW_5Q6qkvLdN7lxKqpngfNpV5s_ZEESX-vsw07TJnQUhBZJur3VSyM
Frame ID: F7C212BCA731C64C1F4DECD1D015D8B0
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: 8400ECA0CDCA1AB35422634B2FDF438B
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C7FC0117B5ED587F286429DEC0E648BA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 8BD0D78D19BAC174DD18B684E62D7B31
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=Aw1Im2QDfR&t=1&renderingType=2&ev=01_250
Frame ID: 64B98EBEDBB76055277FD54F395F2DA4
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Frame ID: D2C8D8614F22CA531747CD63284F7ABA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FF6077420CE603AB1A2665366FA4CFD7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4DFF002BAFF998294068D62BC08AF182
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Arac Hasar & KM Sorgulama Hizmeti

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

119
Requests

93 %
HTTPS

0 %
IPv6

17
Domains

33
Subdomains

32
IPs

7
Countries

3849 kB
Transfer

8191 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBRJ9iuUTHtN3SoLX2XGWA&google_cver=1
Request Chain 60
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUs.Gzo.FNEfeLVfIJBZpgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBRJ9iuUTHtN3SoLX2XGWA&google_cver=1&google_hm=2
Request Chain 61
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENR-xHmiz2nPDfT0_tlBkN0&google_cver=1
Request Chain 62
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzNTk1Nzc5NzY5MjM1MTU4MA%3D%3D
Request Chain 70
  • https://gcdn.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/4E39B6B742D24519D497BBF40EFACE633E3D9FF4.3C11BA6DB17E1D970B5A82F99289C65076434569/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-5hne6nzy.c.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2B1F6636795D27D5E2DBC2892CFBFC63BD16D1C9.748EF9EDDBA86403D017998376100FB9F6149A11/key/cms1/cms_redirect/yes/mh/06/mip/176.115.236.197/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1699428304/mv/u/mvi/4/pl/22/file/file.mp4
Request Chain 99
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0LyJ9fSwiY3VzdG9tIjp7ImN1c3RvbTEiOiIiLCJjdXN0b20yIjoiMi4wIiwiY3VzdG9tMyI6IjIuMCIsImN1c3RvbTciOiIxMTM1NzYwIiwiY3VzdG9tOCI6Ijc2MTA1NTE0IiwiZGF2M19kZXZpY2UiOiJERVZJQ0VUWVBFX1VOS05PV04iLCJkYXYzX291dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwiLCJkYXYzX3VhIjoiIiwibW9uaXRvcmluZyI6ImZhbHNlIiwicmVnaW9uIjoiaWUiLCJ4c2lkIjoiMzQxZjg5YjktN2Y0ZC00MGM1LWFiOTMtMmU2ZGQ3Y2IyNDQ1In0sInRpbWVzdGFtcCI6IjAwMDEtMDEtMDFUMDA6MDA6MDBaIiwiaGVhZGVycyI6eyJoZWFkZXIxMCI6IjIwNTAwMDkwMDIzIiwiaGVhZGVyMTIiOiJhZC5kb3VibGVjbGljay5uZXQiLCJoZWFkZXIzIjoiR29vZ2xlMiIsImhlYWRlcjQiOiI3IiwiaGVhZGVyOCI6Imlhc28iLCJoZWFkZXI5IjoiIn0sImNiIjoiMTY5OTQyOTkxNTMxOTMwNDUyMyIsImFkRHVyYXRpb24iOjE3MDUwMzI3MDQsImlhc1NpbmdsZXRhZyI6dHJ1ZSwiaWFzU2luZ2xldGFnT3V0Y29tZSI6Ik9VVENPTUVfTV9fVkFTVF9fT01JRF9fV0VCX1BYTCJ9&advEntityId=1135760&pubEntityId=76105514 HTTP 303
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=341f89b9-7f4d-40c5-ab93-2e6dd7cb2445&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Request Chain 104
  • https://pixel.adsafeprotected.com/rfw/st/1135760/76105515/skeleton.gif?xmtp=v&xmapp=0&xsId=341f89b9-7f4d-40c5-ab93-2e6dd7cb2445&bidurl=https://s.id/seytaninkoli&ias_campId=1008772806&ias_pubId=pub-2742216534640545&ias_placementId=20500090023&ias_chanId=1&ias_dealId=&ias_impId=v4~~ABAjH0jfckHKgGoP6IPzT6whCjHQ&ias_dspId=3&ias_creativeId=203224912&ias_=&ias_xappb=&mon=76105515 HTTP 302
  • https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=341f89b9-7f4d-40c5-ab93-2e6dd7cb2445&ias_=&ias_xappb=&mon=76105515
Request Chain 115
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUxIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY1YTE0NWQwNjk2IiwiYmlkUmVxdWVzdCI6eyJzaXRlIjp7InBhZ2UiOiJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTEzNTc2MCIsImN1c3RvbTgiOiI3NjEwNTUxNCIsImRhdjNfZGV2aWNlIjoiREVWSUNFVFlQRV9VTktOT1dOIiwiZGF2M19vdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIiwiZGF2M191YSI6IiIsIm1vbml0b3JpbmciOiJmYWxzZSIsInJlZ2lvbiI6ImllIiwieHNpZCI6IjM0MWY4OWI5LTdmNGQtNDBjNS1hYjkzLTJlNmRkN2NiMjQ0NSJ9LCJ0aW1lc3RhbXAiOiIwMDAxLTAxLTAxVDAwOjAwOjAwWiIsImhlYWRlcnMiOnsiaGVhZGVyMTAiOiIyMDUwMDA5MDAyMyIsImhlYWRlcjEyIjoiYWQuZG91YmxlY2xpY2submV0IiwiaGVhZGVyMyI6Ikdvb2dsZTIiLCJoZWFkZXI0IjoiNyIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE2OTk0Mjk5MTUzMTg4Njk1MzgiLCJhZER1cmF0aW9uIjoxNzA1MDMyNzA0LCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwifQ==&advEntityId=1135760&pubEntityId=76105514 HTTP 303
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=341f89b9-7f4d-40c5-ab93-2e6dd7cb2445&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D

119 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request seytaninkoli
s.id/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.84.85.178 , Russian Federation, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx / Next.js
Resource Hash
355696ca906fbcf8f289ee77d469d6907ddb05287f18c8ae6fe04809753b5a94
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1307
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=3600, must-revalidate
cf-cache-status
HIT
cf-ray
822c3bb92e624655-SIN
content-encoding
gzip
content-length
3923
content-type
text/html; charset=utf-8
date
Wed, 08 Nov 2023 07:51:52 GMT
etag
e_1697385992
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOsSEwFY1I%2Fu3Sn%2BFSx0wtruQp8OC%2Fo74oK1dDtbxjOlKpdFbF6IV909JXknDuTGqm7o5dairw%2Bez4E0RIL0YoY9JWkGCaviJzY3GjrkMbypBqLzfmGp8PvIWXwg3kti"}],"group":"cf-nel","max_age":604800}
server
nginx
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Next.js
a6e26b705378ef50.css
microsite.s.id/_next/static/css/ 		118 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://microsite.s.id/_next/static/css/a6e26b705378ef50.css
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cef5cf264ddfac535ced5939e1508e358d0a976002e05dbbdefefebde10c7abe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22109
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 08 Nov 2023 01:00:56 GMT
server
cloudflare
etag
W/"1d816-18bac725540"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sa4swuXpibtUlfCLh6un41EZiy99DZxfZqb18WIpUzVwacfNKETRfaZ2TewXjlFO6X%2BE7uP%2Bsml4fjyid6CGqNMVg8fwuSzXW3EcciMGIjL1gUmQzplW%2BR0J%2BVzdvR9z"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
822c3bbc8ad7bb32-FRA
cd55c7da45ab6994.css
microsite.s.id/_next/static/css/ 		22 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://microsite.s.id/_next/static/css/cd55c7da45ab6994.css
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e0fa2b58fb4a18b31e919eaad7c621bdd9696fd5368b0b58a4ef85f4db9f4d3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19951
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 08 Nov 2023 01:00:56 GMT
server
cloudflare
etag
W/"57d2-18bac725540"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QORbbuVxGqZFw5XqaQ58VvlY%2BFt%2FYDeTmwrV1dORcexMsB80hwo8M7TxX%2F0Z5q7UdEz%2BLFieMB6KH0meKKyY9ZogAmG%2FNa4z19z8eHT1pLf%2Flht7o0Arr2fOXpQSAJQu"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
822c3bbc8ad6bb32-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ae683361cd4c06aa1ef0539d083f93ed3f2bf72af1afdb6da5f7ac7cb5a4db5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52089
x-xss-protection
0
server
cafe
etag
4241169586939648912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 07:51:53 GMT
webpack-9cbf820596dfeb98.js
microsite.s.id/_next/static/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsite.s.id/_next/static/chunks/webpack-9cbf820596dfeb98.js
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd384b45a482fb44980ba9e0149cd783f22cc3fa25c6accfa3a9a5536c9149d5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19950
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 08 Nov 2023 01:00:56 GMT
server
cloudflare
etag
W/"e46-18bac725540"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0s52vD1hjaC3DJr9OIV3IPE5mL1L1%2BGMPXLGonuHilGqfaw6wa2WwJcMGxV8qLHjy1AgEzgJ6XqB6EiSyvSHB9tIgdmFCzztt0uxP6r%2FxTiSYNIxAgMVpAGSQouCy%2Fcb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
822c3bbc8adcbb32-FRA
framework-56bc1d2b5d8be648.js
microsite.s.id/_next/static/chunks/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsite.s.id/_next/static/chunks/framework-56bc1d2b5d8be648.js
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5e943c7c5da3617bd2345580b25327364ab5824ba53a3d18bb88c0e105d6d45
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14168
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 08 Nov 2023 01:00:56 GMT
server
cloudflare
etag
W/"226f3-18bac725540"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRzUO2iBAQ4sGsQ2P5oPs8kj0%2BopKxIB7ghScT73iBhbbvhvinAX40LWBRUe0oGJAFztZagRTS9yfRyQkm0zF5rAOX9%2FfJeUwAJQHMMqLWBii0jUrEchsZs1%2B4igFhmT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
822c3bbcbb08bb32-FRA
main-559dbfa8afd7d7a2.js
microsite.s.id/_next/static/chunks/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e49865b2d3ebcdd42fac21e949bb2a9f5290fde16a9392b78d5d8d49d203753c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19950
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 08 Nov 2023 01:00:56 GMT
server
cloudflare
etag
W/"185da-18bac725540"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNEXMylKT9mR023LSL8QYQGSgB7gyyrUFOQ9ibDvcAN10mRqSc%2BAfgUj0YhEtbNXV8Wzdtk%2BcwdpMTj2VPrH3lHsViVIbtrRt%2BIQHhZb3ftDZwFVCFV%2Fou5MWJH0s67U"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
822c3bbcbb09bb32-FRA
_app-538933ef5d1d99b9.js
microsite.s.id/_next/static/chunks/pages/ 		315 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsite.s.id/_next/static/chunks/pages/_app-538933ef5d1d99b9.js
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44700a06a8c514701afd8a1b28e770e23d3d41c13799fa88aa8e5ad21d9666b9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19950
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 08 Nov 2023 01:00:56 GMT
server
cloudflare
etag
W/"4ed1d-18bac725540"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXsVJtjHi1Wg66Pg16fiRREZIqiOIGnXRnyRJM7scmy5moNTyFXFutknOY5wo2wIpXdvKVZdXW13aUgmy7y1YUSxZOz%2FkFr3N3TWcxTQDu8%2FN4teiWBuuU2nhZ36LFko"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
822c3bbcbb0bbb32-FRA
f85a1fd0-0ccc9e26436af44f.js
microsite.s.id/_next/static/chunks/ 		476 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsite.s.id/_next/static/chunks/f85a1fd0-0ccc9e26436af44f.js
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a51be072c90872986a619bcd424515adfdd3a7c1f8b447c745f203774120a472
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20645
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 08 Nov 2023 01:00:56 GMT
server
cloudflare
etag
W/"771a6-18bac725540"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z56hwvBvLWGw77Wor5h4w5j8Wne993QYe6cyY40umETx54GokLZ2YjTIMaA8Zv2oraiPvooOFFhlySM5uI%2BAAGwIkC4J5rd8tnJF7vwKOLGEy47HTZsENDapmZd4yUTc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
822c3bbcbb0cbb32-FRA
347dd6d2-909e20e25b7384a8.js
microsite.s.id/_next/static/chunks/ 		948 KB
283 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsite.s.id/_next/static/chunks/347dd6d2-909e20e25b7384a8.js
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb7f315a0371a8b55cfaf220f33822988ac4f5f2758e23738eaaa25258c978b7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3659
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 08 Nov 2023 01:00:56 GMT
server
cloudflare
etag
W/"ed138-18bac725540"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5NsBgyb%2F1FYoZrEiONKupC88RZaxbBiwRGyfzSkgu4dXBwKozGIPBSCPphHtNbO7XSDm523NM0MFtEmggytm69RisKQFQ5eneuL7AWZtAT4tDBAx5xw2s31rdsE07bC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
822c3bbcbb0ebb32-FRA
b7322211-d279212bc11c825d.js
microsite.s.id/_next/static/chunks/ 		501 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsite.s.id/_next/static/chunks/b7322211-d279212bc11c825d.js
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d820c5e7d048c0faa442ce5a30a6163fd2ba16c2f3875c9ccd1ea6a6217a23b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19950
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 08 Nov 2023 01:00:56 GMT
server
cloudflare
etag
W/"7d3a4-18bac725540"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JE45WVDh5e7YAmazK9HC%2BwUpgHnFwD2qlLsyTGi2Fpbxrcj6US%2Bydo8s4TpRglbn9e%2F%2FvgxXPQMzMs49tvcfC%2FURa0%2Ffe3ySj%2FVlcXnAsVcJAfvCT79jjLfRuYBZxR8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
822c3bbcbb11bb32-FRA
865-541ca60fc46f1bbc.js
microsite.s.id/_next/static/chunks/ 		596 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsite.s.id/_next/static/chunks/865-541ca60fc46f1bbc.js
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a5a62dd07bcb4c7cba95b52327bcd8103798cefa79d0dc7822b5e1aa1a8020e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22326
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 08 Nov 2023 01:00:56 GMT
server
cloudflare
etag
W/"94fd3-18bac725540"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJWcdB88YIE%2Beq8gZo99mCF9jKRtwzk9lgAnD5QwQ2hEO1OGmbABMOG2U3Rf7o34t7azh1SdkErFRZhzbd4RtcbhRAa1yW8qfyrTCdNaUgyQRwvSI4cdkTcvgBJiFAW4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
822c3bbcbb13bb32-FRA
%5B%5B...any%5D%5D-f3f713278be240ee.js
microsite.s.id/_next/static/chunks/pages/ 		171 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsite.s.id/_next/static/chunks/pages/%5B%5B...any%5D%5D-f3f713278be240ee.js
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e85998053023352cb9958c799c29e01b7dccca523f63dbcd56d9a047d7ebcb49
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20645
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 08 Nov 2023 01:00:56 GMT
server
cloudflare
etag
W/"2acb7-18bac725540"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=874Pl7zoZLJ3VMatWn9amMKKnuwRS4xU6tCldgT9NhUHZu%2BE6E2uwvUIjP1qWj9%2FSGC91eBTY6oRFc1KwFIqWFrTRnmV0kgLqiUfPwVI0SGpuw6amrwaO6audNPL65u2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
822c3bbcbb14bb32-FRA
_buildManifest.js
microsite.s.id/_next/static/e5FQGXNFOZjJqe6n0UoJe/ 		578 B
614 B 		Script
General
Check archive.org
Download Go to
Full URL
https://microsite.s.id/_next/static/e5FQGXNFOZjJqe6n0UoJe/_buildManifest.js
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c09214bd5d39e814ff1b645a59a9d10469d7e64b4545f0a0f36d9253a3ba14
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20645
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 08 Nov 2023 01:00:56 GMT
server
cloudflare
etag
W/"242-18bac725540"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uoIE1jvGg%2F4v7o0s%2FCN%2F4aYyUAA0GK2O5fwg5kp0%2FP3k%2BDvHq%2FGRrHUN44gmHMXuqYmpC8FHUtkcUlK1pYAtQ7DMc%2BSrBpFi1ggL%2FBDN2I1vnwHdOXXiM9bhq5f7RSpl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
822c3bbcbb15bb32-FRA
_ssgManifest.js
microsite.s.id/_next/static/e5FQGXNFOZjJqe6n0UoJe/ 		77 B
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://microsite.s.id/_next/static/e5FQGXNFOZjJqe6n0UoJe/_ssgManifest.js
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22325
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 08 Nov 2023 01:00:56 GMT
server
cloudflare
etag
W/"4d-18bac725540"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1XfqZWns%2B8shQt3HFw5FV6XowrZ3bnKIJYvWNNceD1MCnVS4ZxR%2BPLlDrI8Qc7oD1mu1Dg4dJSy0XWXnvfAFtfr51yvnDlYWkJ%2FkCXz4QC1C2ZH3JkEJleptsuTzd%2Fp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
822c3bbcbb16bb32-FRA
montserrat.css
microsite.s.id/assets/fonts/ 		3 KB
790 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://microsite.s.id/assets/fonts/montserrat.css
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Wed, 06 Sep 2023 09:42:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"ca2-18a69dfa4b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCu8%2Begzj2%2BgN6v7sjCafK4hg2NsXLb3XmqJfKwoxPXoFoeVYgiDTXaAnG%2FLh%2BlXzFmwlzoCCoCHjKwe5NY3QzCWEcKfVPFDQGh2JUaWIlNzaaORHKBp9BymizOg2iKc"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=300
cf-ray
822c3bbc8ad5bb32-FRA
alt-svc
h3=":443"; ma=86400
work-sans.css
microsite.s.id/assets/fonts/ 		4 KB
777 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://microsite.s.id/assets/fonts/work-sans.css
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Wed, 06 Sep 2023 09:42:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"10bc-18a69dfa4b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9EAPXJ7JeAUSsksrWMtzxS4h3gkIHoo9LyRFU4awLdEjT79WPEhhLQbXvTXMPYl401W8g8iKkxO8rnj8QiZxeJILuUCYE88VMZnoyaeZxMwonlnGqqY%2BndGn93EOsrVg"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=300
cf-ray
822c3bbc8ad9bb32-FRA
alt-svc
h3=":443"; ma=86400
sid-neu-logo-dark.svg
microsite.s.id/images/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsite.s.id/images/sid-neu-logo-dark.svg
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Wed, 05 Jul 2023 23:09:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"2137-18928513d00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWTfBDLrJIzScSBZMifa%2BoLZG7ckh3Jwowx3DmW3JkVFk2DXNSmx465bpFRaccJAsKGS5xF%2FJpotuYAkTR1ulATaik%2BbX%2BFGC2QY%2BHmLHLNUxMnnk8sCn42GxhfjBSQc"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
822c3bbc8adabb32-FRA
alt-svc
h3=":443"; ma=86400
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
d19f5bd93f0105e9e5090e9b151bc43b12a08ba555f4fa77a26eb8c980d0c150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138483
x-xss-protection
0
server
cafe
etag
4365313403153483600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 07:51:53 GMT
b39f32fd-350c-4e67-9e76-1f4e29466dc4.svg
cdn-sdotid.adg.id/images/ 		863 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-sdotid.adg.id/images/b39f32fd-350c-4e67-9e76-1f4e29466dc4.svg
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b93bffc28900c6afcdef1df7fdaceefea744d9df0de2484d2c5a1fbee9dbc8e
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
x-amz-version-id
.qw7w5twjRzN_SUDzPlQ25vIbU6qMdzT
via
1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
strict-transport-security
max-age=0
x-amz-cf-pop
FRA53-C1
age
3659
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Jan 2023 13:08:45 GMT
server
cloudflare
etag
W/"d6c331fefd1defc280936895ce3bf526"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmSslnLGRtAHsZNWN7v29H5dw4KgNsVkaxV0EYKYRHP%2BtMlYoVIvIc%2BIpaPIL9i6Klprp0d5CL6yFJqO4qkZ%2Bn6ezV9wx%2F4Qh%2B5a9C7iL8tA57oTuxtwg5F0%2B8520yMf7wB1Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
822c3bbf8d5291ff-FRA
x-amz-cf-id
oS6sAPpflpC6Jeodpc9nawF8OZ3_CCE6KU7ShKZRadTwa_hPIcL1Gw==
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/ Frame 93D5 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
25997
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:38:36 GMT
etag
251720774729838433
expires
Wed, 22 Nov 2023 00:38:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
work-sans-normal-400.woff2
microsite.s.id/assets/fonts/dist/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://microsite.s.id/assets/fonts/dist/work-sans-normal-400.woff2
Requested by
Host: microsite.s.id
URL: https://microsite.s.id/assets/fonts/work-sans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://microsite.s.id/assets/fonts/work-sans.css
Origin
https://s.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:54 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
47800
last-modified
Wed, 06 Sep 2023 09:42:59 GMT
server
cloudflare
etag
W/"bab8-18a69dfa4b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3aJN1pGamsSmmFq%2BsnqdHTRvRISMpHXRajH1U4dLehXrC24nkErInCEG0iVrBQIMWinW1%2Bp1QMiw4T3ry4lemOstGcvtUcntYvQ0kV0emqdOwQFNZpyyB%2BPcOVE%2BpXO"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
https://s.id
cache-control
public, max-age=300
accept-ranges
bytes
cf-ray
822c3bc11961bb80-FRA
adcap
app.s.id/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.s.id/api/adcap?short=seytaninkoli
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.126.58.90 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
ds,x-rpc-lang
Access-Control-Request-Method
GET
Origin
https://s.id
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
Access-Control-Allow-Methods
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin
https://s.id
Connection
close
Date
Wed, 08 Nov 2023 07:51:54 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
506.9f321d440064bb53.js
microsite.s.id/_next/static/chunks/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsite.s.id/_next/static/chunks/506.9f321d440064bb53.js
Requested by
Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/webpack-9cbf820596dfeb98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1ad95e8b38e5ca69e79e848a5771f026e40705ace52cb5ba4e6b7b9ce048161
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22325
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 08 Nov 2023 01:00:56 GMT
server
cloudflare
etag
W/"44a-18bac725540"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PuxvVZE521XJSjWQSCfWpr%2FZQ%2B629o0xoOv6ESUs5UW6IpQ35%2BqifK4uKMrZTG6%2BRjQUgL%2FOFpwD1pHFxQ94DPzMXEfH1MUj4OsyHsdkcO4BQ1K1nLnu%2BKq7zCYiJAY4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
822c3bbf2e0ebb32-FRA
adcap
app.s.id/api/ 		36 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.s.id/api/adcap?short=seytaninkoli
Requested by
Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/pages/_app-538933ef5d1d99b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.126.58.90 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),
Reverse DNS
Software
/
Resource Hash
bed10a3fd1f75fd8fbcb1f3be5d120237ed9391d10c2697c551923e8ed9f31e3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
DS
1699429913,624k3l,da8b307a3cbd2041dfc003b8218d99ee
Referer
https://s.id/
X-RPC-Lang
en
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 07:51:54 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json
Access-Control-Allow-Origin
https://s.id
Access-Control-Allow-Methods
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
cookie.js
partner.googleadservices.com/gampad/ 		375 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=s.id&callback=_gfp_s_&client=ca-pub-2742216534640545
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
c7c8507d3d7fe44d5e76db15aa626f3c4a9618bf9ce47acf38988dfd0e4736c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
245
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8DEC 		0
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1699429913&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fs.id%2Fseytaninkoli&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913173&bpp=8&bdt=492&idt=310&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2987360990952&frm=20&pv=2&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=328
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 07:51:53 GMT
expires
Wed, 08 Nov 2023 07:51:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		240 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Requested by
Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7c66caa768273ed77f6a816f6f5e8668df91e66704504ff601f3660a5419a727
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85106
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 Nov 2023 07:51:53 GMT
js
www.googletagmanager.com/gtag/ 		243 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K
Requested by
Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4c7901f8d3f7a53ccbae49170b226f1bee8263553af8ce175220102685406e2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85759
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 Nov 2023 07:51:53 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C602 		87 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699429913&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=3&bdt=835&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=XBiY194wsh&p=https%3A//s.id&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
d912f2901895aac17f9b7207b9b38df9d8fa379a5f6ac8078767b119ab35117d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
27921
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 07:51:54 GMT
expires
Wed, 08 Nov 2023 07:51:54 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 45E3 		118 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699429913&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=1&bdt=836&idt=1&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=7CTktmwpPI&p=https%3A//s.id&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a8ef2f2146b16187d007f410b8697f9c65149d05aba2a4fa15e3de7574e05894
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45455
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 07:51:54 GMT
expires
Wed, 08 Nov 2023 07:51:54 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
23058e1a-37e8-4798-822c-5305637fa010_450x450.png
cdn-sdotid.adg.id/images/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-sdotid.adg.id/images/23058e1a-37e8-4798-822c-5305637fa010_450x450.png
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bcb729d76ea62fd0ce73a62dcf6677db23c360168a9b2c5402b9bd264648a28
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
x-amz-version-id
deePLH.nRPQgJ9dKMF_rJo_BK8837MnJ
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
strict-transport-security
max-age=0
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
59315
last-modified
Sun, 15 Oct 2023 16:06:31 GMT
server
cloudflare
etag
"35ba473d82cdc8698c49c61637cc64b7"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jB1Oz4ZdtI3UF6Urfu8CIHwxQvXkE5zg0ZCE1oreYhjwZyuxrvCVt%2BX8FTBS1ZgJYmehobulWMHkSwY9cHIrNJmFZdv8zF4adnRQFSQ86NXXMn56M6sFUtoWdQigk1f7ZtxlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
822c3bbfad5d91ff-FRA
x-amz-cf-id
RKrjpAAzf2l8q2wXrqwHaRkb4MiS-yaxhFwW5hmdCILxc0G2JGp9Pg==
collect
region1.google-analytics.com/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3b60v881303989&_p=1699429913509&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1601864213.1699429913&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699429913&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Fseytaninkoli&dt=Arac%20Hasar%20%26%20KM%20Sorgulama%20Hizmeti&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2793
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		243 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
936450ab448610dd55c7884fe8e13d2928128ff181dd2c75a39144e5d1e550dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85874
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 Nov 2023 07:51:53 GMT
collect
region1.analytics.google.com/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-GTE5CBQ89K&gtm=45je3b60v889124241&_p=1699429913509&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1601864213.1699429913&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699429913&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Fseytaninkoli&dt=Arac%20Hasar%20%26%20KM%20Sorgulama%20Hizmeti&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2836
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GTE5CBQ89K&cid=1601864213.1699429913&gtm=45je3b60v889124241&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.110.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wf-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GTE5CBQ89K&cid=1601864213.1699429913&gtm=45je3b60v889124241&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=312951816
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame C602 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699429913&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=3&bdt=835&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=XBiY194wsh&p=https%3A//s.id&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
42570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:24 GMT
css
fonts.googleapis.com/ Frame C602 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699429913&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=3&bdt=835&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=XBiY194wsh&p=https%3A//s.id&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f10.1e100.net
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Nov 2023 07:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 06:21:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Nov 2023 07:51:54 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/ Frame C602 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699429913&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=3&bdt=835&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=XBiY194wsh&p=https%3A//s.id&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150629
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 11:36:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Nov 2024 14:01:25 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/ Frame C602 		376 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699429913&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=3&bdt=835&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=XBiY194wsh&p=https%3A//s.id&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
8c9ee4bf9f0e069ecf0037a5cde67640a7a323072f95efeecea32fb7177a518d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 14:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150629
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133662
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 11:36:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Nov 2024 14:01:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame C602 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699429913&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=3&bdt=835&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=XBiY194wsh&p=https%3A//s.id&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
42570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:24 GMT
csi
csi.gstatic.com/ Frame C602 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lopgoykg&c=2968609817020&slotId=1484304908510&qqid=CJGbxuL1s4IDFXRWkQUdt_0BsQ&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fjr01s02-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C602 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 13:37:19 GMT
x-content-type-options
nosniff
age
324876
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Nov 2024 13:37:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C602 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 04:06:52 GMT
x-content-type-options
nosniff
age
445503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 04:06:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C602 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CTXoNGT5LZdGqIvSsxdwPt_uHiAuU6ezzc9iuppTdEdbnx6KhPBABIMqE2o8BYJUCoAHe_KCDA8gBBakCWomRZpXvsT6oAwHIA5sEqgToAU_QP981aJF883Wr0uAXxdMsQPxrITrCxgxH4fql3m0XpXIe7npDT9Irsw1inMMIEaXKL0nwpotL_UqG3fSatfLu9Yw2rj80vwG5U75CIZOScDLmX7RkpAYnQPa_yc5dVa-XAozIEYrpTrklZK2sPdACf3YcvEsvqGXXGY4aFXbX87GMLyPMBJQJFZLYZSGKVxVO0rbbtbntAP70AmRMFFgPdsh4nQkinBFT67YmE1priWgTlZMhYlQbRfaqWWuZLWS9uI-CDDo_AM6znQ2X67mrha9l-i5WQY3H9vZo92WahIkZ0IE045XABLzXtKXNBOAEA4gFp5mar0yQBgGgBk6AB4qD33yoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFsBPk5LUV0BMA2BMNiBQK2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1699429914892&ai=CTXoNGT5LZdGqIvSsxdwPt_uHiAuU6ezzc9iuppTdEdbnx6KhPBABIMqE2o8BYJUCoAHe_KCDA8gBBakCWomRZpXvsT6oAwHIA5sEqgToAU_QP981aJF883Wr0uAXxdMsQPxrITrCxgxH4fql3m0XpXIe7npDT9Irsw1inMMIEaXKL0nwpotL_UqG3fSatfLu9Yw2rj80vwG5U75CIZOScDLmX7RkpAYnQPa_yc5dVa-XAozIEYrpTrklZK2sPdACf3YcvEsvqGXXGY4aFXbX87GMLyPMBJQJFZLYZSGKVxVO0rbbtbntAP70AmRMFFgPdsh4nQkinBFT67YmE1priWgTlZMhYlQbRfaqWWuZLWS9uI-CDDo_AM6znQ2X67mrha9l-i5WQY3H9vZo92WahIkZ0IE045XABLzXtKXNBOAEA4gFp5mar0yQBgGgBk6AB4qD33yoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFsBPk5LUV0BMA2BMNiBQK2BQB0BUB-BYBgBcB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699429913&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=3&bdt=835&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=XBiY194wsh&p=https%3A//s.id&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame C602 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lopgoyku&c=2968609817020&slotId=1484304908510&qqid=CJGbxuL1s4IDFXRWkQUdt_0BsQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.12a&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fjr01s02-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame C602 		25 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CADlH-WItWWSrEBLqVwYocsO-HyEKvdI9S_x3I0_b_OUpzapKH1x3Ru0EWV69gDEoK75Ed0U2B7yBRsXFXh-SF7mJ9QQ&dbm_d=AKAmf-DueuSk_d9IROkturXVjEh_XCSTRNn5nwkZXdt3odrX3o6wPzIYanz5t6y3UojKQnXqT2Ywbr1Bf24vKjLgfO5UleGdWkzOzQ_28fLT7qSYu6H0X-cCr76XpNY_DIjdh7SvoIHNafuXfaRD-lmrLrIwOKmabFLFypZZaYma6VBw_P5buIIQ51BY4XAubKM2e-EdlxFKP3KJQFK5Z7t8AKR55WlIUM7ey9DMNZSNyYj1TpNdfYV5rSOEdDwzRxU3Acpv33V9LhyC8KPe5bhJdOwXT1NiUShQo60YInHAdPdWLU-sGIco_WEfChJqjX1FRU4b34EdSY6-k7kdd7LSdRr9AxaKgM3SZE1q2jIG_oua1RIayDRF6aoreujgh5lvd4qz8lbVitDDHTSRc1FfDJ-Dsa2Nex4wuyxf84WE0_BIAA3gnxmcaxl7gruvi5c1FpQufoA7mOwra6iiE05e7_c8bQDiQgMHPM8L-Y3rk4_TbuVwPzaGzont9BZvtDU8-AzX9MIQ9XtY8f-oHzL5FAwVNMWYqkMVDMX6KMN4Y9dAj-peMAxYiMdaF6xz4hy2wIBLQ6QN6ITtq_NsJrsN1iVuu_TFHxZ0WazAqNj6OfqjYYOOkFGDR4NUPYfPcv0Z9hM1BVFCx5FGhcLvfTQ1MKZSflmEILVVRFl8OlhvtINWJM_ZGNmWYGBYc_1q94nLsX4eHlDd6KWzEfVH7kGS1DNEVPUgMmKpms-UMHDZ5HZoFKso7Tji7TA0-nv8XmG8cI9_11YOriZBzdtV50eNlGY9xJg_4H2LnDNObzWWljNj6seKpdD0kW8Ca4udHr-56qx-JQI8ddpghkZGGm_2eN5cqzpL05AxEQJ34lXXi_bM-NQWQM7GzHJ1wO7p2Fe0jbZW9gDvzDXSOkyQpA-FoymvD2e6mlhiLaPBy-F8cfC2Q89_msOyhYQRm9bhR2Y59Vpn-paABDyDaHqqtwdSSBce_wTrKR7PEOkCz9oW8BbMBjgiIBXscdcAIa4u2mYDJWolO4cTzvWEnkC70IMu9_lRnrAlGVuschJjjotLkrvXrhHwY_P3l7j3d1GQ0V4sds-558xBRgaOW5aTQTQ-X56BwwP-nTfsa9MOc2ExND4sEOe_34oJthdfXbTa_exPHRaqcqxbPqJ2riQ_JWLOfpsbr6SmiqtrDcrnb7_SlqDcLNOiYIjWrM3IYmYtVJn4CLmq7xsx1551VRJ2APNjqxILVpS6YtWGZV_-iA1Tui7PCSC2l3Wfxx65PsSM9r3-XQZXE7rqmuRjuv3LTyKP0MFcSr8Pi91tMhl6NvXNWwL_I6F3ThV8DeF-_woiJcBvk0OaS3Y9V1APU1jrjUe1bnkAYBa6kU7HiQqJGi3heIdfTle8v_eST8HfwPfPzxhog7wUCz7recUR7i-81ZjILYZQi4mWibhRIGW-P4ZX3KNZwZGL4YpHx0T0qjcPitb2GRwd0hOMy2E8mOffJzZXJM-Psdt_R8zNI-2Bfnh9Rz8PW4DxHJn8x6OBtg3nRD54psZyVHoWHG6EMkz7wxrS-2mcZv-gxGG8oibtIlt7iekKUYoOnpkwIiy0NYJRzCGX8--spWOmLXz5WJoulXwAmJbUL1UcM8pvwdFUF90IvPXfVMuYXP_ZVDYiqWA5ndnzgFFNKEtFonp_wnlKCych9bMbQ-qaIN_BqJDDlo9qcR3CbkwmjyDJOS1kUTyma-zRAwhD3_hRGoVRmaBFgFDNn42I0SsOg170xG2KNaw6SiOEEj7T3Ym8KuvA07Mx6ySwfdj7tLmaWsqBkNnVYccyjfGeaLjg6eW7PiRkoBLvwHfO7v3M5eQibWhyGm4GE08ACSQoJisBJi5UliQhWsC-GDb8rPBguAMk1siwsHTbogWlE2d_FKXCJ8E6rVLXj_yBTY6yjqsHmf_Ye3z_4eje1Yb0cKzobLIOl14g7Vs32rDkcGxh1wOWlPfCb-ClaPkmnRVEbzglbF-w_OLUNzC3oVAwAbWVEekVFkUB3NFmmxTkZP5FLellZ1MhesgON04umPd2n7bkzifG3i0n8zHp44LIc86aFwkCrV3aoCusKxIxeN6uOUT_Wc35ajQax9XoX2jUCG9zlFp39T5RXQgNJASE9vlBRwAjIM0v7Q34tL7s_lJw5Y991L_821t5-qvjCj-e_GRx1dU0CYxju-z6zJ8z0QRpPsfjqbnHOD81Q8DlS4LyaQszLL7LCVBLgbWeYO0WX7AjvereVCX30YTChaYNJWGeGxUrGs6McljAMva0X10fzN5LyJzqP-2_qoyYYyQMU99B0daMH8pktEfS_xF5HOyhONvTmgqxwBv4lahdcdF_2oyakDQSrVFxjlYPwp3l-C9HA5gNnmMJiZ2WCfc0hboiiQxClt7gRMaIk0mkuWwCoi0iQVyWuxmZi6N0U5DMyR5AuCfQWS3Ari7oBwOUYdFBfKH4ZJOUjXtcaJ_4JFa92qhqnKLj2oGMSMA_Th5uduX2ZYS-QjbgIdsX4-umfOcJjFIK65Du7z4U_8QxOx7DsrwInvcks9gxO0qLqcKeFRMoiKWM9Hl9KdhOLhce63SDJogA2q2lYAbOTegkqfymNgRFs40fR3pBAS2CRFUrO2reihJvf7xxn1rvUpzm1qxDydwq26JKQdcJ1Bx119DBGDrWiBo2P5wI91UN6oYaDsiRXKB2aHstasnaPNLSsmIGKRuGLJEea3j2zQEji-1ERr-8bYQmhhnL5nQrW4XDTkr470fDdMjtafdX7UzfjyzRJIxw7xh9h6NLJTMDgHAGbJj9cQ86MkPh27YmGRnPqejkuA18zTUwNmVzxmXfp7v4wP4iMqxd7kJisnmtQ854QNVzA6B42JKXbIT_Xzvw8Mwv7ZzqGCtMzkKpM4uMDFOvFRAs0HZtK1KD32lwVn54gPa6GY4F379DdleR6g25H9S4cpGgg_B0jQF07zSNPgFoxAVlGtrqH0wUSoNeSok-BwzgFflcqQm191yoJQb18NY86yYDFdnMaguL82MIo-xFGH7-_4ltztfBNGyTxHbK8QfouSdSDcODXzX9QRYRa1aWCF6tfLNMf4-BX6_0J8o0_oleYjg5YIMoEayfZ3UkbUGiw7SKylgeyJ1blH5jYALF2XZMHOPp-gg1Xn7IiOm9UPJE9-zoAsmGXlpiT5lbSMSQ73tt2qkcnqOEydj7ShTf4gDGede2ZDlGisL7CwCnGoZxozjRD_u4nPrxy60gXWfF4Iw6CbNpaLwIGmd-C68Ew88jErVNnKsT6IPRbBKsba1SYeVhOO_vQBHzwwTwQwWLcjDKU_PXiQVq70qnJriu3gDBL-IYP8iGCePN883gzwPSy2vcaDlsxAaCoay1on5Bv9frywaD4QD0T8I3JUh702KZidTIaVFR4QlghQYOv7z--Nznoi-gUwyO-BxV6AioDvqd9SSFl-0rxdyDLzuDGue8cKIjP2_xMdzGhjllxivxP9PD0Sfk4zqYFHlEkK0&cid=CAQSTwDICaaNij8YJ3pAGB-w4-0kApd-OPBSkmcyW2iA35MnBTyvMVcsoJhvlCHqAurlTwfQNk9_npl-iKiC2Y6WO109EXpIgaoUfIAhdW1ocVYYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f154.1e100.net
Software
cafe /
Resource Hash
b798aa8e098b67d4995b740e66c2989675aed8ff4fcee4a28aa4bc1642234685
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16986
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame C602 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
520a62487f539c5c28c2824744f26c8d46fcf76b6a533e912d399d7549280d55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame F7C2 		624 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi4y7P8ATAB&v=APEucNVowDs1F-dJDKYS-CgsNaFsDj-jLzpEK9F91_aJkRihp2mwe3-8qMY1w6sAkOrkZQoGbijFVSFv5k3gUNeHJNUg9ljBGw3T5mzbag-zU0eUONhn5XVO3YIyayCHfsW_5Q6qkvLdN7lxKqpngfNpV5s_ZEESX-vsw07TJnQUhBZJur3VSyM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699429913&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=1&bdt=836&idt=1&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=7CTktmwpPI&p=https%3A//s.id&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699429913&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=1&bdt=836&idt=1&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=7CTktmwpPI&p=https%3A//s.id&dtd=15
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 07:51:55 GMT
expires
Wed, 08 Nov 2023 07:51:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 8400 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 12:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 12:29:11 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 8400 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
41584
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:18:50 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 8400 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:06:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
42314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:06:40 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 8400 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:26:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
177932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Nov 2024 06:26:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 8400 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699429913&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=1&bdt=836&idt=1&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=7CTktmwpPI&p=https%3A//s.id&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:50:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
39698
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:50:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 8400 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699429913&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=1&bdt=836&idt=1&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=7CTktmwpPI&p=https%3A//s.id&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
42570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8400 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699429913&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=1&bdt=836&idt=1&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=7CTktmwpPI&p=https%3A//s.id&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 07:51:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8400 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AV4-J-34BHiPHe2A20q8rhQrwpwTumQr2jAFNOzKCWMZIjGkt9yW4aXF8W-UX_HWHu5RZV_cKAkT5COlAylU8I37N4Uka3zD4Kyj7SNLazRAUC2T8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699429913&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=1&bdt=836&idt=1&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=7CTktmwpPI&p=https%3A//s.id&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame C7FC 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
177933
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 06:26:22 GMT
expires
Tue, 05 Nov 2024 06:26:22 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8400 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70b1adc46a399441725230fcfd1d908e983daeca040f93fb4adf60c6459790ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame F7C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBRJ9iuUTHtN3SoLX2XGWA&google_cver=1
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBRJ9iuUTHtN3SoLX2XGWA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi4y7P8ATAB&v=APEucNVowDs1F-dJDKYS-CgsNaFsDj-jLzpEK9F91_aJkRihp2mwe3-8qMY1w6sAkOrkZQoGbijFVSFv5k3gUNeHJNUg9ljBGw3T5mzbag-zU0eUONhn5XVO3YIyayCHfsW_5Q6qkvLdN7lxKqpngfNpV5s_ZEESX-vsw07TJnQUhBZJur3VSyM
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vCNbHfzOko2s5x70miJ2BA8veknvEqgbZx%2FSh%2FzyQWNhCqEvnG%2Fh2BikaFkdAxBCj4AdzbSamrhCFtplV%2FxjHgRtNpuG5Zj4oU%2Fxvx7MrQXWD0NQX0D4OGeMOP%2FaqUqhLseYEaaytOemg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
822c3bc989c7912e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBRJ9iuUTHtN3SoLX2XGWA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F7C2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUs.Gzo.FNEfeLVfIJBZpgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBRJ9iuUTHtN3SoLX2XGWA&google_cver=1&google_hm=2
43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBRJ9iuUTHtN3SoLX2XGWA&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi4y7P8ATAB&v=APEucNVowDs1F-dJDKYS-CgsNaFsDj-jLzpEK9F91_aJkRihp2mwe3-8qMY1w6sAkOrkZQoGbijFVSFv5k3gUNeHJNUg9ljBGw3T5mzbag-zU0eUONhn5XVO3YIyayCHfsW_5Q6qkvLdN7lxKqpngfNpV5s_ZEESX-vsw07TJnQUhBZJur3VSyM
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiyLhMTanVlkgBadmGROVVBXNjnGPqOf7aN%2BieqqP9RF5qOZmJ7XSLTjJAls2rmq4OP71ZexsV%2FwRK64oICWyugCwsypcvs%2F%2BgP2BOzrd1d%2Bmg%2FEEdZ6ZTkVbH9V5V%2FqKWXk0Gxr3YcPeg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
822c3bc9ea22912e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBRJ9iuUTHtN3SoLX2XGWA&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F7C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENR-xHmiz2nPDfT0_tlBkN0&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENR-xHmiz2nPDfT0_tlBkN0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi4y7P8ATAB&v=APEucNVowDs1F-dJDKYS-CgsNaFsDj-jLzpEK9F91_aJkRihp2mwe3-8qMY1w6sAkOrkZQoGbijFVSFv5k3gUNeHJNUg9ljBGw3T5mzbag-zU0eUONhn5XVO3YIyayCHfsW_5Q6qkvLdN7lxKqpngfNpV5s_ZEESX-vsw07TJnQUhBZJur3VSyM
Protocol
H2
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:55 GMT
an-x-request-uuid
c9d8d796-f776-4ffa-8d9a-a92395738659
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.236.197; 176.115.236.197; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENR-xHmiz2nPDfT0_tlBkN0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F7C2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzNTk1Nzc5NzY5MjM1MTU4MA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzNTk1Nzc5NzY5MjM1MTU4MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi4y7P8ATAB&v=APEucNVowDs1F-dJDKYS-CgsNaFsDj-jLzpEK9F91_aJkRihp2mwe3-8qMY1w6sAkOrkZQoGbijFVSFv5k3gUNeHJNUg9ljBGw3T5mzbag-zU0eUONhn5XVO3YIyayCHfsW_5Q6qkvLdN7lxKqpngfNpV5s_ZEESX-vsw07TJnQUhBZJur3VSyM
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:55 GMT
an-x-request-uuid
669b69e0-ed80-4523-bcec-75eab48d32e3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzNTk1Nzc5NzY5MjM1MTU4MA%3D%3D
x-proxy-origin
176.115.236.197; 176.115.236.197; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame C7FC 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:15:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
2198
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Nov 2024 07:15:17 GMT
csi
csi.gstatic.com/ Frame C602 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lopgoyl9&c=2968609817020&slotId=1484304908510&qqid=CJGbxuL1s4IDFXRWkQUdt_0BsQ&fb=outstream-lima&vast_v=2.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fjr01s02-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
76105514
unified.adsafeprotected.com/v2/1135760/ Frame C602 		23 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://unified.adsafeprotected.com/v2/1135760/76105514?mon=76105515&omidPartner=Google2&apiframeworks=7&bundleId=&ias_xsid=[TIMESTAMP]&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-2742216534640545&ias_chanId=1&ias_placementId=20500090023&bidurl=https://s.id/seytaninkoli&ias_dealId=&xsId=ABAjH0jfckHKgGoP6IPzT6whCjHQ&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jfckHKgGoP6IPzT6whCjHQ&originalVast=https://ad.doubleclick.net/ddm/pfadx/N7442.1972103DOUBLECLICKBIDMANAG/B30857687.379597277%3Bsz%3D0x0%3BAUCTIONID%3DABAjH0jfckHKgGoP6IPzT6whCjHQ%3BEXCHANGEID%3D1%3BSELLERID%3D340397954143%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://s.id/seytaninkoli%3Bnel%3D0%3Fves%3DdGltZXN0YW1wOiAxNjk5NDI5OTE1MDI0CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzc25lQmdQSzhHTmtMZjZ0WUt2Z3RXc2Y5THBET0Y4QmdUMTlzeFZiSzcxSXRua2FNX3dOWDhYZGJUbkVRbjFOZkpwbGExZWZGYS1BRWh0UHdtQkFjcTBkYkx2SHBQSUt4aFJNcnVPTXg3c1VnUTZQMUN2Vm1GWUwtZ1lCdlV3V0gxMjBMNkc1dk83Ym1MdGg1YnhSb0tHYWJscDVraUw4OTVRdjB2RHV0bWdEdzBaYmNKS25tekhNMEFGdzdjSi1udV81aUlyRjFXNE9iQnpXbDgzMGwzY3ZnajVlcGdPS2E3bzlHUDhvMS04TGlwaWNWWmpaREgzMmZiOUNfYXdmSHI2OG9wNktSVDQ2S21CTHd5WVRqOFByZ01NQnBWbVI4VHhvMC00QnBZVWRZbUw0aF8wNTJTYU9XZjR5U29SSk94aGprSkhFUG1OaTdfT2dfQnZpLXg3VVplS2xYaDdlQ09RMDcyUGZ2UXJ4TVZpQ28zeFNqbmFwV2ZVWkFLTlFSYXdGcnVkOGZzRk5FZXZENi1EQU5SUkNDNG15bE16ci1SaExGVmV0NFRTTW5oM3NubHZiVlhDSm1tRWg5TkkxeHdvVnFYLWNLMzBLWVhSY08tdmZTTlN4S2h0Q2dTem03T3Jta3NwYW1vN0xBTzRreHUxeklOcjZsejZvaUt0T3JaS05pNVlqUXBic0VWdWNTX1lDdkh1Z2hWVWxDM19UVlRUa1RWYWZNMGZBUjVEdFFnVmVSV21fYTRNaE43Y2R0aFBsYjJjT2RNNHg0TXRWX0RZdzBrRm5POHA1cTJ4RklyY0ZnYXlObFpKbFZ2NDlzYTZOMHZuN05Nc3ZSUk4zTUU4UFlQTldONzcyYm9UM2xRdlpXVGVKN0Z5RnhtZU5ySkJYcEVIMzRRbFFGNGxMQjZjbjZ5RGwxd09wU2cwUy1sYzVhWFNOZnRHdnlCemNYSVE4cWNUbWFVb0dMbWppZ2hzYnVQcEJVRVRxNGJiRjZYeldwMWtINmtsZ2t3VzRpRjRIU3luY2RCbUcwM1pOaVV2UUtoV1p0WEl5UkQ2a0ZYc2o3QVVJaENuSVNnVnd0QmVsVHp6WWhEYXJ4UVN4VUFLWEZ6ejN5OC1CLTNvLUNHd0w3aVZiUVRyMlF0OFdMemtGaUFHZWx5VWhzY2Q3Uk1tSThYZ185QnoySlY3YVYxSHU0dHVnZW1GbXhxalFzaW9Pci0wNG41V09QT3V3WXN6SlhlYUg5algtT0JIRDVyTU5ObHc2cFBQbC1raHduWW9ZcTZsdHFEV2FtckJhVExUQUNacWdvOXF4ZWFCUXFsRU8tWFVMMTB0clhTeDJpY0N5UHV2Y1BoWm44MU9UNVZpNVUyUTVoZHdRdjEtanNDT3hoNVNvbFc4S2FhcWRkS280MFFvMERBWXNnX2lPUW41YUp6eE50cE1GYmM5bUwwejBZSWNyaVZNZTNIdGN4N3JtQ2s4NXRfeFg2ZEVkYjRvazFfSnNlaWE1RWZDbWlONzhtUWY5UlNJTkdBZzZMNWE5WWJBR3cwX25QREQ4cVg1dFQtaWdrUjZySTh3Q29VUEhiRlp5cnBucFhLSUdXQmZEYUNmSGlfTm10X3VIeFYwd2JyWlVaal95Qmlqek1JUFk1ZTRMWVBUc2VkYklaVi1GeDMybHJ2TFk4cF9rWTg3QmRHZTNoR0RaSzJXTXpjZlJITSZzYWk9QU1mbC1ZVEZkaWJXaEkwUGFodExtMk1NZVM2OTg4OGtvNHBPX25ucm5qVG5VR204c2V5QVprdlNsdmJ5SDVKQjVtUThrdU9teXJfMmNIR0lEZ0U1ZDFEMXg3YXFacG9LdlpSSXQwd2xYZEtxWi0tN3JDMHlyU2lNbnlYM0l3bHZ4ZG42Wld6bGVkZHNHUXBNajhURmtpR3lzbnJvdmlHWUFLS0pBeDJSQ1J0N004N0ZZV2xwb0JZRDA1SG9Ib1pTZk5IaFQzTkRCbGQ4M0JVSmJvUnAtMWkzQTh1ZzE2eDB6eWFVYWM3eFJvcDRGU29mLUdmcjdwVDc5WWJxZTZwcnpSdFktVVFUYXpLREowVDNnRUc2U0RyaGpUZktjOEJmRTY5TWNXMWlBNmgzVTlvTnZQUVljS2lmX1N5OHNtaGxjSjNFY0Q3TDJPdFQzV0tDRmlGeCZzaWc9Q2cwQXJLSlN6T0I3RmlIb1BfUTFFQUUmY3J5PTEmZmJzX2FlaWQ9W2d3X2Zic2FlaWRdJnVybGZpeD0xJmFkdXJsPWh0dHBzOi8vd3d3LmNpc2NvLmNvbS9jL2RlX2RlL3Byb2R1Y3RzL3NlY3VyaXR5L2ZpcmV3YWxscy9nZXQtc3RhcnRlZC5odG1sJTNGQ0NJRCUzRGNjMDAzMDUzJTI2T0lEJTNEdHJsc2MwMjcwNTQlMjZEVElEJTNEcGRpcHJnMDAwMDAxJTI2ZGNsaWQlM0QlMjVlZGNsaWQhIgo%26dc_cid%3D203224912%26dc_adid%3D570667618
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.247.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-247-46.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
513c88ce98a2e573534fe93321b843a8410649a6b47c9380b5c0ee9bd870819d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 07:51:55 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Request-Id
cl5js6vemf02hnnr4nd0
Content-Length
5815
gen_204
pagead2.googlesyndication.com/pagead/ Frame C7FC 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bu2WvGT5LZba2IsGDxdwP29CKaAAAAAA4AeAEAg&bg=!jo2ljcLNAAb4oU7C2KE7ADQBe5WfOBL_VYIe33XK1nK8BO7FNHZsgeND6ZoOqhax2W6zJ9LeLeZlWfZkxmZH7blcZwOUAgAAAExSAAAACmgBBwoAWH7RdCBXG_ImfzABs53e2leJPg9qNHoAt0kSqnhUHVDIUaANgkPl1CzQfRmAg_425HX--ZHvq5dpx1Kv8j0_LfdLXoBNZVfDcgOyvj2xb2B8fh5dIxIurJuZAwahrMygDlqVrPYCsZOjgSwMvYbTVZahY_QQHaOJXQC2L-lKrigH6vnCo33PYn2Mgj1-63RUmra6az68ftFhBk0tHkggErqinSFJCU3_SDqLRTLnnBKxMXVijAPftxSsGuEL5GUZX17IcVi6BpodG8I6sDPILxeJSQtrO9acx_8u1BHvvNhtqWr7qKiQjQwIimwiTRTXdviUzR3y2FJADiRK3JsH3Je4N4pywkXoqKlfK2rbPIP_5kl8icrLZyTKczmUI8F7DFOAZGILUrfljIrip7vIKYSVPVYMbR58Rmg1CPyCw24xLvyIaRCq4mdkZP07Mt9OQmYzw5YsWFDeCy6eOZLe1D-h4JOpsphCElsAHOivf4mehzCu0bbBys0tuCkUbLvIPGbBuBMdoOYnSk28o12dGQUf5xhhWkBE6FXw3wyQ3z7LDYcaKt6zWT0ttNoYpBRsTbsdE5cGFRLo2Coyupj29ZjCeUdne2h_QjTGmavw6k6tBPvhnPIyXcxUgfuYd-hODKfJuBj72R0zZcD2vcd54fhXP-uY2EYhtoVZUBBLcMzQ-UUX3fdbiVbOaN43irC16hRrgF2Vt-z8_eap_Xd1xgs4EMWw5xuzAPvtmxUiW5ZP49VzjrFSj5j1iPeuw9UmJ3M3tx7kxwlu8ZYLdrUkFsit_adPA5ed7f7dPekSS6vFgxuDNL_rGKmJyDdezfvZ6oNssbo9_-ryBPy7DsbAWrMhrXUvUQkc6u1LAmMWKn2pMv5T0RLNcE3MrhVMH6rDeI_7q_LEOdPDTZ4cj8cbMZ93neLqAKJioDvV1VcYZCQYPMedmk24p4a4jd9nZ8UxL5kb_ku_9yQ-J_mGXKvG_fnZJgM4w9Ax6U3Uxe052jFIiMY1Xb1DPEhnsCWarlLwxdpiRxraHlXY83IAjLQB2xwM9Oki4C4xiaE87hRMl33Q9mTH3-Si-s7Cfl0YBcRu-MMhjbRgkU8DrcgjkkToU32wp7P7gRBp1h7mv6XXn0zNvgGnTtPTWmPmuIQt7zo-7vQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699429913&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=1&bdt=836&idt=1&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=7CTktmwpPI&p=https%3A//s.id&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C602 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cf3hpGT5LZdGqIvSsxdwPt_uHiAuU6ezzc9iuppTdEdbnx6KhPBABIMqE2o8BYJUCoAHe_KCDA8gBBakCWomRZpXvsT6oAwGqBOUBT9A_3zVokXzzdavS4BfF0yxA_GshOsLGDEfh-qXebRelch7uekNP0iuzDWKcwwgRpcovSfCmi0v9Sobd9Jq18u71jDauPzS_AblTvkIhk5JwMuZftGSkBidA9r_Jzl1Vr5cCjMgRiulOuSVkraw90AJ_dhy8Sy-oZdcZjhoVdtfzsYwvI8wElAkVkthlIYpXFU7Sttu1ue0A_vQCZEwUWA92yHidUSNuv8ARq7Tu2I7ZyvbSV8sgpfFWIwxDvhcKQ7c8hqsUg8--1GYZrrnFoUNWXScL5vxvod8JQZWnx4o0oAvD-sAEvNe0pc0E4AQDiAWnmZqvTJIFBggDEAEYAZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAHioPffKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcLEOjjngEY1oKp_AHSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBsBPk5LUVyBPGzYLhA9ATANgTDYgUCtgUAdAVAYAXAbIXHAoaCAASFHB1Yi0yNzQyMjE2NTM0NjQwNTQ1GAA&sigh=YgeUOLJL1_A&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaNij8YJ3pAGB-w4-0kApd-OPBSkmcyW2iA35MnBTyvMVcsoJhvlCHqAurlTwfQNk9_npl-iKiC2Y6WO109EXpIgaoUfIAhdW1ocVYYAQ&vt=10&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699429913&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=3&bdt=835&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=XBiY194wsh&p=https%3A//s.id&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699429913&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=3&bdt=835&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=XBiY194wsh&p=https%3A//s.id&dtd=9
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Nov 2023 07:51:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
csi
csi.gstatic.com/ Frame C602 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lopgoypj&c=2968609817020&slotId=1484304908510&qqid=CJGbxuL1s4IDFXRWkQUdt_0BsQ&fb=outstream-lima&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fjr01s02-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame C602 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206346
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Nov 2024 22:32:49 GMT
file.mp4
r4---sn-5hne6nzy.c.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame C602
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r4---sn-5hne6nzy.c.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-5hne6nzy.c.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2B1F6636795D27D5E2DBC2892CFBFC63BD16D1C9.748EF9EDDBA86403D017998376100FB9F6149A11/key/cms1/cms_redirect/yes/mh/06/mip/176.115.236.197/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1699428304/mv/u/mvi/4/pl/22/file/file.mp4
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
HTTP/1.1
Server
172.217.132.169 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s49-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 07:51:56 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1513496
Last-Modified
Fri, 12 Aug 2022 10:34:35 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Wed, 08 Nov 2023 07:51:56 GMT

Redirect headers

date
Wed, 08 Nov 2023 07:51:55 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
644
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r4---sn-5hne6nzy.c.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2B1F6636795D27D5E2DBC2892CFBFC63BD16D1C9.748EF9EDDBA86403D017998376100FB9F6149A11/key/cms1/cms_redirect/yes/mh/06/mip/176.115.236.197/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1699428304/mv/u/mvi/4/pl/22/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame C602 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lopgoyxo&c=2968609817020&slotId=1484304908510&qqid=CJGbxuL1s4IDFXRWkQUdt_0BsQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1810&mt=video%2Fmp4&vs=1280x720&msm=1&aits=18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1f3~videopreviewvisible.1gh&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fjr01s02-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 8BD0 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
37020
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 21:34:55 GMT
expires
Wed, 06 Nov 2024 21:34:55 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
320x050.html
s0.2mdn.net/sadbundle/15863219371426971648/ Frame 64B9 		47 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=Aw1Im2QDfR&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
765b69bd873165c3d661be06ea9202b0f16f9296b593bae3f7ec9cc6168557b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 07:51:55 GMT
expires
Thu, 07 Nov 2024 07:51:55 GMT
last-modified
Wed, 15 Feb 2023 15:43:57 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8400 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstOPjibu1UIk3aMzbKdG8wi1VA8u5eKDFKnEThFyxXQeSKSBiyY-PFcFYTEfAkSaPJRkbVOcV9QIZRI4b2LZTyFEEJeY5sc_abczwRU-X8zBUZvlXJHExvgJyMEZGUmD1a07ZCZGJj2L06ln5SiD5v-B_FRgecjCw9PTr-n6JgXm10croMmrlxemBLNhBfOnj5zajA2LX7PG79nU8Zp9Om5P1kPp9SVupT7A-mso3ubs3sl6MQ67YbQtaPYCK-Z34MGzPYzTccAmZmEdqfPBOMcPvRBMD9EreAm4ML4E9WYV0o63XOV0oP1Rfayhz6IQ1xrx4jic39hQDU8MdJT9iNoVBQOy6-yy208mHCxdVTRxBMHRbGw-aKGc_qWI0uIt0naOB00eWux4C4EZb7-KvQCn8rlhUkkOZOuM5j429lYULZWcN78oo5HHpZj9Y0gxOXnUAIIJKpv7uNq9OTPjG6HJtnLXuiy_rydZwXmBIsdmnBZSrWA9QalPMMluHz13xJsYgJ3m-VwGrJIWnNeB1yh57OCc7hUaOQShKLBD3VfZkehsTW7-bhwrFdBZDk5_PK_dtvbK31N0z3sUsiNkykxA8JGVgIHFNnsvIpuSOz7UajlhlHDdPJJ4EV4PhGhRn01CEfwBXSau5zeETjY_Vmoo4mOS7HEhrYYwUSygp-zSH3IRl1uRFILTEv_R52PLFg96XVoE_xsEC5bJ2_fgPokbdElSj9xVfAMdKKq1UnnReNd9fN4D8pToKAM5_ALeGPJBNQ0xLu6J2SNcgU6WuyjKnkAqF2D3NFv1QYp8P7XD8C-6wS59cT0_3Itzwmfy7IAKQBzoDhwqQp7EWr1nlchFP1mj9iGHjmw05iF3rJ4HOOnM7tBViUIPa8TYxBwXv2xqGvZUUOkeEYSa_2pqx24RV1RW9mBjEtONVrROf7uv9m9pCB7-XpiteTDIwMai4Taxd5JfcRcIpnVOHYDyeiHoSGp8O7RhmAaovrVxqON195Trww6MJLKiFtjy3wRSGJWhpwuTlw2qQyy1ZXcafRVaNaepBg8P6RfYC4F1oupVeWdr8ws-ta_NuvPWSgSLWX_Fx4s9FS9lQX8b7plPWg-WOgcogNGwVmdB-Gd65KTYIKi_6ypMweUp5pkdgGPg-ANK1zpv6-GFMC741GSRpMhpJZVwSHfd9GQXSeC61qDbw9bLZ6FVBJCkDPHJ0cs5YaqE6RwZCWAVHJz1dxtlQ&sai=AMfl-YQIJB58SZbmmLWJjDFRuGWvX3WtOUtZlNm-lbdMxcL79stk8jq0IZV4LyLJbHQEafOWCPuwMjtoXv3JMvfXMLMzPdtaX2tfqLxZ5OgFw3blgdHyIyxaqa8FQcGykyQ_pplf9oYgV37CHdOT_fGZ2WRrEZFQWh4FlKFJJDIBLbBdwxYF6irCxSmRlaOEzPLphLRyKCT0HKMIFTdBjXpM8azEfHTcKBrfYs9iAEeLaCPLfNT8OYlNzSonMC0sUuc-ztbZOKej1ys6QwMTE1Aivbh6Yvezc_CHlcLBCd2YlwLU4S09N1bUMjT_1Iw8brNW1a4a0zT_VZ3IonajvY192ak8FFWTZAfLo5n2hWTvBuOAP-2oFziWOnSAHId2UeMOGl3KuOZQ--AN9bh0DvIRa0Kc9B8UUWgYizcHfEob212-8C7D13lErcua1Lcg2vQ2E3MZh8smv1zT7Db6mXyP3SDWXkGrHlD2_Dm2Sand8aZcAbvtXAUj5x-jhGukNA&sig=Cg0ArKJSzKjDXTJXBBx4EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=488&cbvp=1&cstd=474&cisv=r20231106.60107&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Nov 2023 07:51:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 8BD0 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:15:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
2198
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Nov 2024 07:15:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BD0 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BE-4rGz5LZYcd6MiewQ-U97nwCQAAAAA4AeAEAg&bg=!lJell9jNAAb4oU7C2KE7ADQBe5WfODwpi3NVmF_tkxwqWVt79Fu-E5RY9JaebS6n9pZso1bf9Wzaqh22qQ9o0hzvKh1TAgAAAH9SAAAACWgBB5kCz6vGQG7kJz64mskVpHKN52kw0HnVEkNwAwT0dUYUoRpvwfEfhG8evDWt4QfLJzpY26uS7pc8IOebroE54ptb8ZVALZgm9DPCzIbI5gnHlriDMeCKW_1pGvLLiLSaB-2HrAPuwLmEtiT6qs047Elv45LJyPZKxwH3Eom0xSYX9z0B5DDR5UOh3nmwqa71CycLliihv7oGPaP2-8FPpYpF-I9nv_GJnz39Bl_bqqZ7ARbw0dUXYQno4AWjB0_-DNQEeKjY6gveWjhL-VOM0OHJmXkWT-RMWjGFa-_QWhXGYCuC91I-JXMYN3EHYGc0WCt9AklwMxUrPH3Y5hOcEn6bifc_QMbOSGaWqCDzucOVk1XLy0Q6FT_J8Tws6qM8s58Y-mot0TnnmI0vtgq0uPvi-mb9MtaPaNLijeuy7YJySwzrcTjIv7bvpeWunctEsJFRPu1b3sXOJeotgPxuQdSs1VpJUwMeUMx1GMQ9MHIbMuHDO-1lkCiCXrkvqmFHv6SyaDC_4jy1nh5FrjlmEKgRgSMsWA3I9TnWeFt9IMzrlT6N74TzP1zWEWF1QSw_swdjSfTQVFtkIYYnlMmHiOrY1bmBjRvZg0S81zM_AxqpAokFVl_3AdS8AOq_Piu71mkjx2ZvLBV_2tsYYXsH0GpprCv2cvGzduAVsUTJYp3oju9MpJAdCKJrlPE845MsRp9WY2hGDl3rrSTdfveZmfkhgkKMM2fQW6aU10xwlPDJ80qpI86XkzEjhJqf9qEi2i6dGi3HXRP5ojtPqNC-aT3ELBPnGvAz7JUTNlsPdonXpWgvSJbr9x2ROnzbtS56mwLjWickunK48LmbBnDaK0P0ucf8dyLhosCVd2qQnvB-hOFLMUb3660J3An41jRb5Y9yxiSx-sbH8JQDwuVboLyDwro3KSkPq5_7caff2dvaN9d1payed6SNpC2YulqUoYpM
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 64B9 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=Aw1Im2QDfR&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=Aw1Im2QDfR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 12:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68770
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 12:45:45 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 64B9 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=Aw1Im2QDfR&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=Aw1Im2QDfR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 07:51:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8400 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstOPjibu1UIk3aMzbKdG8wi1VA8u5eKDFKnEThFyxXQeSKSBiyY-PFcFYTEfAkSaPJRkbVOcV9QIZRI4b2LZTyFEEJeY5sc_abczwRU-X8zBUZvlXJHExvgJyMEZGUmD1a07ZCZGJj2L06ln5SiD5v-B_FRgecjCw9PTr-n6JgXm10croMmrlxemBLNhBfOnj5zajA2LX7PG79nU8Zp9Om5P1kPp9SVupT7A-mso3ubs3sl6MQ67YbQtaPYCK-Z34MGzPYzTccAmZmEdqfPBOMcPvRBMD9EreAm4ML4E9WYV0o63XOV0oP1Rfayhz6IQ1xrx4jic39hQDU8MdJT9iNoVBQOy6-yy208mHCxdVTRxBMHRbGw-aKGc_qWI0uIt0naOB00eWux4C4EZb7-KvQCn8rlhUkkOZOuM5j429lYULZWcN78oo5HHpZj9Y0gxOXnUAIIJKpv7uNq9OTPjG6HJtnLXuiy_rydZwXmBIsdmnBZSrWA9QalPMMluHz13xJsYgJ3m-VwGrJIWnNeB1yh57OCc7hUaOQShKLBD3VfZkehsTW7-bhwrFdBZDk5_PK_dtvbK31N0z3sUsiNkykxA8JGVgIHFNnsvIpuSOz7UajlhlHDdPJJ4EV4PhGhRn01CEfwBXSau5zeETjY_Vmoo4mOS7HEhrYYwUSygp-zSH3IRl1uRFILTEv_R52PLFg96XVoE_xsEC5bJ2_fgPokbdElSj9xVfAMdKKq1UnnReNd9fN4D8pToKAM5_ALeGPJBNQ0xLu6J2SNcgU6WuyjKnkAqF2D3NFv1QYp8P7XD8C-6wS59cT0_3Itzwmfy7IAKQBzoDhwqQp7EWr1nlchFP1mj9iGHjmw05iF3rJ4HOOnM7tBViUIPa8TYxBwXv2xqGvZUUOkeEYSa_2pqx24RV1RW9mBjEtONVrROf7uv9m9pCB7-XpiteTDIwMai4Taxd5JfcRcIpnVOHYDyeiHoSGp8O7RhmAaovrVxqON195Trww6MJLKiFtjy3wRSGJWhpwuTlw2qQyy1ZXcafRVaNaepBg8P6RfYC4F1oupVeWdr8ws-ta_NuvPWSgSLWX_Fx4s9FS9lQX8b7plPWg-WOgcogNGwVmdB-Gd65KTYIKi_6ypMweUp5pkdgGPg-ANK1zpv6-GFMC741GSRpMhpJZVwSHfd9GQXSeC61qDbw9bLZ6FVBJCkDPHJ0cs5YaqE6RwZCWAVHJz1dxtlQ&sai=AMfl-YQIJB58SZbmmLWJjDFRuGWvX3WtOUtZlNm-lbdMxcL79stk8jq0IZV4LyLJbHQEafOWCPuwMjtoXv3JMvfXMLMzPdtaX2tfqLxZ5OgFw3blgdHyIyxaqa8FQcGykyQ_pplf9oYgV37CHdOT_fGZ2WRrEZFQWh4FlKFJJDIBLbBdwxYF6irCxSmRlaOEzPLphLRyKCT0HKMIFTdBjXpM8azEfHTcKBrfYs9iAEeLaCPLfNT8OYlNzSonMC0sUuc-ztbZOKej1ys6QwMTE1Aivbh6Yvezc_CHlcLBCd2YlwLU4S09N1bUMjT_1Iw8brNW1a4a0zT_VZ3IonajvY192ak8FFWTZAfLo5n2hWTvBuOAP-2oFziWOnSAHId2UeMOGl3KuOZQ--AN9bh0DvIRa0Kc9B8UUWgYizcHfEob212-8C7D13lErcua1Lcg2vQ2E3MZh8smv1zT7Db6mXyP3SDWXkGrHlD2_Dm2Sand8aZcAbvtXAUj5x-jhGukNA&sig=Cg0ArKJSzKjDXTJXBBx4EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=897&vt=11&dtpt=409&dett=3&cstd=474&cisv=r20231106.60107&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: s.id
URL: https://s.id/seytaninkoli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231106&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
2a1a77bee816864dbdca801a61b4dc86ae7a0644e511f35e8df41f5ecb8ad9a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12282
x-xss-protection
0
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 64B9 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=Aw1Im2QDfR&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:50:32 GMT
x-content-type-options
nosniff
age
83
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 08:05:32 GMT
OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 64B9 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=Aw1Im2QDfR&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:50:14 GMT
x-content-type-options
nosniff
age
101
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46936
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 08:05:14 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 64B9 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
09a46f7b777ebdd7161604cb4de0afb2b85e2cd3accdeed748f9ce977cb8792e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5799
x-xss-protection
0
60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 64B9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=Aw1Im2QDfR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 23:08:41 GMT
x-content-type-options
nosniff
age
31394
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2040
x-xss-protection
0
last-modified
Fri, 07 May 2021 13:08:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 23:08:41 GMT
60005582_20230412024536330_o2_homespot_5G_ASSET.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 64B9 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230412024536330_o2_homespot_5G_ASSET.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
549667bd2dc0f6f1bb069fbe4151ebf664f6167be869d8b83032c0019a6e00e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=Aw1Im2QDfR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 15:06:54 GMT
x-content-type-options
nosniff
age
60301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33586
x-xss-protection
0
last-modified
Wed, 12 Apr 2023 09:45:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 15:06:54 GMT
60005582_20230413242942523_320x050_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 64B9 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230413242942523_320x050_LOOK-01.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
a74639b20fd841f7c556c8e517059c314d15bef870a5abc501fbe3a64dc98fd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=Aw1Im2QDfR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 21:26:56 GMT
x-content-type-options
nosniff
age
37499
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9039
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 07:29:42 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 21:26:56 GMT
60005582_20220825085154659_320x050_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 64B9 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085154659_320x050_BG.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
89ca8a52f2a1a1e81dbe8ad843ca46323c98c819d622345a3625dc0626b04701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=Aw1Im2QDfR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 06:49:39 GMT
x-content-type-options
nosniff
age
3736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6649
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 15:51:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Nov 2023 06:49:39 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 64B9 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=30943227_4307561_379662410_145324559_PO3006A20231031&ref=30943227_4307561_379662410_145324559_PO3006A20231031
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 07:51:56 GMT
via
1.1 varnish-live-1-0
CF-Cache-Status
HIT
age
18015279
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
keep-alive
Content-Length
43
last-modified
Wed, 22 Mar 2023 08:05:14 GMT
Server
cloudflare
etag
"2b-5f7789eafa280"
Vary
Accept-Encoding
Content-Type
image/gif
x-varnish
45356224
cache-control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
822c3bcef9b2bb37-FRA
Expires
Thu, 07 Nov 2024 07:51:56 GMT
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 64B9 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=Aw1Im2QDfR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:41:50 GMT
x-content-type-options
nosniff
age
605
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 07:56:50 GMT
file.mp4
r4---sn-5hne6nzy.c.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame C602 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-5hne6nzy.c.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2B1F6636795D27D5E2DBC2892CFBFC63BD16D1C9.748EF9EDDBA86403D017998376100FB9F6149A11/key/cms1/cms_redirect/yes/mh/06/mip/176.115.236.197/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1699428304/mv/u/mvi/4/pl/22/file/file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.217.132.169 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s49-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
11d8979e574565926525a6b71ef868c163eb760c566324365a11b3e72c8c2b23
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 08 Nov 2023 07:51:56 GMT
X-Content-Type-Options
nosniff
Content-Range
bytes 0-1513495/1513496
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1513496
Last-Modified
Fri, 12 Aug 2022 10:34:35 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://googleads.g.doubleclick.net
Expires
Wed, 08 Nov 2023 07:51:56 GMT
csi
csi.gstatic.com/ Frame C602 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lopgoyzd&c=2968609817020&slotId=1484304908510&qqid=CJGbxuL1s4IDFXRWkQUdt_0BsQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1810&mt=video%2Fmp4&vs=1280x720&ple=1&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fv2%252F1135760%252F76105514%253Fmon%253D76105515%2526omidPartner%253DGoogle2%2526apiframeworks%253D7%2526bundleId%253D%2526ias_xsid%253D%255BTIMESTAMP%255D%2526ias_dspID%253D3%2526ias_campId%253D1008772806%2526ias_pubId%253Dpub-2742216534640545%2526ias_chanId%253D1%2526ias_placementId%253D20500090023%2526bidurl%253Dhttps%253A%252F%252Fs.id%252Fseytaninkoli%2526ias_dealId%253D%2526xsId%253DABAjH0jfckHKgGoP6IPzT6whCjHQ%2526ias_xappb%253D%2526adsafe_par%2526ias_impId%253Dv4~~ABAjH0jfckHKgGoP6IPzT6whCjHQ%2526originalVast%253Dhttps%253A%252F%252Fad.doubleclick.net%252Fddm%252Fpfadx%252FN7442.1972103DOUBLECLICKBIDMANAG%252FB30857687.379597277%25253Bsz%25253D0x0%25253BAUCTIONID%25253DABAjH0jfckHKgGoP6IPzT6whCjHQ%25253BEXCHANGEID%25253D1%25253BSELLERID%25253D340397954143%25253Bord%25253D%25255Btimestamp%25255D%25253Bdc_lat%25253D%25253Bdc_rdid%25253D%25253Btag_for_child_directed_treatment%25253D%25253Btfua%25253D%25253Bdcmt%25253Dtext%252Fxml%25253Bdc_sdkv%25253Dh.0.0.0%25253Bdc_osd%25253D2%25253Bdc_frm%25253D2%25253Bdc_sdr%25253D1%25253Bdc_ref%25253Dhttps%253A%252F%252Fs.id%252Fseytaninkoli%25253Bnel%25253D0%25253Fves%25253DdGltZXN0YW1wOiAxNjk5NDI5OTE1MDI0CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzc25lQmdQSzhHTmtMZjZ0WUt2Z3RXc2Y5THBET0Y4QmdUMTlzeFZiSzcxSXRua2FNX3dOWDhYZGJUbkVRbjFOZkpwbGExZWZGYS1BRWh0UHdtQkFjcTBkYkx2SHBQSUt4aFJNcnVPTXg3c1VnUTZQMUN2Vm1GWUwtZ1lCdlV3V0gxMjBMNkc1dk83Ym1MdGg1YnhSb0tHYWJscDVraUw4OTVRdjB2RHV0bWdEdzBaYmNKS25tekhNMEFGdzdjSi1udV81aUlyRjFXNE9iQnpXbDgzMGwzY3ZnajVlcGdPS2E3bzlHUDhvMS04TGlwaWNWWmpaREgzMmZiOUNfYXdmSHI2OG9wNktSVDQ2S21CTHd5WVRqOFByZ01NQnBWbVI4VHhvMC00QnBZVWRZbUw0aF8wNTJTYU9XZjR5U29SSk94aGprSkhFUG1OaTdfT2dfQnZpLXg3VVplS2xYaDdlQ09RMDcyUGZ2UXJ4TVZpQ28zeFNqbmFwV2ZVWkFLTlFSYXdGcnVkOGZzRk5FZXZENi1EQU5SUkNDNG15bE16ci1SaExGVmV0NFRTTW5oM3NubHZiVlhDSm1tRWg5TkkxeHdvVnFYLWNLMzBLWVhSY08tdmZTTlN4S2h0Q2dTem03T3Jta3NwYW1vN0xBTzRreHUxeklOcjZsejZvaUt0T3JaS05pNVlqUXBic0VWdWNTX1lDdkh1Z2hWVWxDM19UVlRUa1RWYWZNMGZBUjVEdFFnVmVSV21fYTRNaE43Y2R0aFBsYjJjT2RNNHg0TXRWX0RZdzBrRm5POHA1cTJ4RklyY0ZnYXlObFpKbFZ2NDlzYTZOMHZuN05Nc3ZSUk4zTUU4UFlQTldONzcyYm9UM2xRdlpXVGVKN0Z5RnhtZU5ySkJYcEVIMzRRbFFGNGxMQjZjbjZ5RGwxd09wU2cwUy1sYzVhWFNOZnRHdnlCemNYSVE4cWNUbWFVb0dMbWppZ2hzYnVQcEJVRVRxNGJiRjZYeldwMWtINmtsZ2t3VzRpRjRIU3luY2RCbUcwM1pOaVV2UUtoV1p0WEl5UkQ2a0ZYc2o3QVVJaENuSVNnVnd0QmVsVHp6WWhEYXJ4UVN4VUFLWEZ6ejN5OC1CLTNvLUNHd0w3aVZiUVRyMlF0OFdMemtGaUFHZWx5VWhzY2Q3Uk1tSThYZ185QnoySlY3YVYxSHU0dHVnZW1GbXhxalFzaW9Pci0wNG41V09QT3V3WXN6SlhlYUg5algtT0JIRDVyTU5ObHc2cFBQbC1raHduWW9ZcTZsdHFEV2FtckJhVExUQUNacWdvOXF4ZWFCUXFsRU8tWFVMMTB0clhTeDJpY0N5UHV2Y1BoWm44MU9UNVZpNVUyUTVoZHdRdjEtanNDT3hoNVNvbFc4S2FhcWRkS280MFFvMERBWXNnX2lPUW41YUp6eE50cE1GYmM5bUwwejBZSWNyaVZNZTNIdGN4N3JtQ2s4NXRfeFg2ZEVkYjRvazFfSnNlaWE1RWZDbWlONzhtUWY5UlNJTkdBZzZMNWE5WWJBR3cwX25QREQ4cVg1dFQtaWdrUjZySTh3Q29VUEhiRlp5cnBucFhLSUdXQmZEYUNmSGlfTm10X3VIeFYwd2JyWlVaal95Qmlqek1JUFk1ZTRMWVBUc2VkYklaVi1GeDMybHJ2TFk4cF9rWTg3QmRHZTNoR0RaSzJXTXpjZlJITSZzYWk9QU1mbC1ZVEZkaWJXaEkwUGFodExtMk1NZVM2OTg4OGtvNHBPX25ucm5qVG5VR204c2V5QVprdlNsdmJ5SDVKQjVtUThrdU9teXJfMmNIR0lEZ0U1ZDFEMXg3YXFacG9LdlpSSXQwd2xYZEtxWi0tN3JDMHlyU2lNbnlYM0l3bHZ4ZG42Wld6bGVkZHNHUXBNajhURmtpR3lzbnJvdmlHWUFLS0pBeDJSQ1J0N004N0ZZV2xwb0JZRDA1SG9Ib1pTZk5IaFQzTkRCbGQ4M0JVSmJvUnAtMWkzQTh1ZzE2eDB6eWFVYWM3eFJvcDRGU29mLUdmcjdwVDc5WWJxZTZwcnpSdFktVVFUYXpLREowVDNnRUc2U0RyaGpUZktjOEJmRTY5TWNXMWlBNmgzVTlvTnZQUVljS2lmX1N5OHNtaGxjSjNFY0Q3TDJPdFQzV0tDRmlGeCZzaWc9Q2cwQXJLSlN6T0I3RmlIb1BfUTFFQUUmY3J5PTEmZmJzX2FlaWQ9W2d3X2Zic2FlaWRdJnVybGZpeD0xJmFkdXJsPWh0dHBzOi8vd3d3LmNpc2NvLmNvbS9jL2RlX2RlL3Byb2R1Y3RzL3NlY3VyaXR5L2ZpcmV3YWxscy9nZXQtc3RhcnRlZC5odG1sJTNGQ0NJRCUzRGNjMDAzMDUzJTI2T0lEJTNEdHJsc2MwMjcwNTQlMjZEVElEJTNEcGRpcHJnMDAwMDAxJTI2ZGNsaWQlM0QlMjVlZGNsaWQhIgo%252526dc_cid%25253D203224912%252526dc_adid%25253D570667618&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fjr01s02-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 64B9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 07:51:56 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 07:51:56 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame D2C8 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:15:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
2199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Nov 2024 07:15:17 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FF60 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
38838
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 21:04:38 GMT
expires
Wed, 06 Nov 2024 21:04:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4DFF 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
96e3eb494ac79c60cc1c286b208d56c7b0fbaa4e9b45a6c176392f6de70c7ca9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-B-7stQCcJDMDQaw8twObUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-B-7stQCcJDMDQaw8twObUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 07:51:56 GMT
expires
Wed, 08 Nov 2023 07:51:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
csi
csi.gstatic.com/ Frame C602 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~lopgozlo&c=2968609817020&slotId=1484304908510&qqid=CJGbxuL1s4IDFXRWkQUdt_0BsQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1810&mt=video%2Fmp4&vs=1280x720&event_name=first_play&asset_bytes=198025&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fjr01s02-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame FF60 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:15:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
2199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Nov 2024 07:15:17 GMT
dt
dt.adsafeprotected.com/ Frame C602
Redirect Chain
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ...
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=341f89b9-7f4d-40c5-ab93-2e6dd7cb2445&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...
43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10173&asId=341f89b9-7f4d-40c5-ab93-2e6dd7cb2445&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Protocol
H2
Server
44.206.54.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-54-240.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:57 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Redirect headers

Location
https://dt.adsafeprotected.com/dt?anId=10173&asId=341f89b9-7f4d-40c5-ab93-2e6dd7cb2445&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Date
Wed, 08 Nov 2023 07:51:56 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin
Content-Type
image/png
dc_oe=ChMIx5ae4_WzggMVaKQnAh2Uew6eEAAYACDQ7vNgQhMIkZvG4vWzggMVdFaRBR23_QGx;met=1;acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%...
ade.googlesyndication.com/ddm/activity/ Frame C602 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIx5ae4_WzggMVaKQnAh2Uew6eEAAYACDQ7vNgQhMIkZvG4vWzggMVdFaRBR23_QGx;met=1;acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D11931947%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699429916531;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C602 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTXoNGT5LZdGqIvSsxdwPt_uHiAuU6ezzc9iuppTdEdbnx6KhPBABIMqE2o8BYJUCoAHe_KCDA8gBBakCWomRZpXvsT6oAwHIA5sEqgToAU_QP981aJF883Wr0uAXxdMsQPxrITrCxgxH4fql3m0XpXIe7npDT9Irsw1inMMIEaXKL0nwpotL_UqG3fSatfLu9Yw2rj80vwG5U75CIZOScDLmX7RkpAYnQPa_yc5dVa-XAozIEYrpTrklZK2sPdACf3YcvEsvqGXXGY4aFXbX87GMLyPMBJQJFZLYZSGKVxVO0rbbtbntAP70AmRMFFgPdsh4nQkinBFT67YmE1priWgTlZMhYlQbRfaqWWuZLWS9uI-CDDo_AM6znQ2X67mrha9l-i5WQY3H9vZo92WahIkZ0IE045XABLzXtKXNBOAEA4gFp5mar0yQBgGgBk6AB4qD33yoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFsBPk5LUV0BMA2BMNiBQK2BQB0BUB-BYBgBcB&sigh=MJ6giKu0Z6k&label=part2viewed&ad_mt=7&acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D11931947%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699429916531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699429913&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=3&bdt=835&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=XBiY194wsh&p=https%3A//s.id&dtd=9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame C602 		43 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 02:28:59 GMT
x-content-type-options
nosniff
age
19377
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Nov 2023 02:28:59 GMT
pixel.png
unified.adsafeprotected.com/ Frame C602 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0LyJ9fSwiY3VzdG9tIjp7ImN1c3RvbTEiOiIiLCJjdXN0b20yIjoiMi4wIiwiY3VzdG9tMyI6IjIuMCIsImN1c3RvbTciOiIxMTM1NzYwIiwiY3VzdG9tOCI6Ijc2MTA1NTE0IiwiZGF2M19kZXZpY2UiOiJERVZJQ0VUWVBFX1VOS05PV04iLCJkYXYzX291dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwiLCJkYXYzX3VhIjoiIiwibW9uaXRvcmluZyI6ImZhbHNlIiwicmVnaW9uIjoiaWUiLCJ4c2lkIjoiMzQxZjg5YjktN2Y0ZC00MGM1LWFiOTMtMmU2ZGQ3Y2IyNDQ1In0sInRpbWVzdGFtcCI6IjAwMDEtMDEtMDFUMDA6MDA6MDBaIiwiaGVhZGVycyI6eyJoZWFkZXIxMCI6IjIwNTAwMDkwMDIzIiwiaGVhZGVyMTEiOiJEQ00iLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjMiOiJHb29nbGUyIiwiaGVhZGVyNCI6IjciLCJoZWFkZXI4IjoiaWFzbyIsImhlYWRlcjkiOiIifSwiY3JlYXRpdmVJZCI6IjIwMzIyNDkxMiIsImNiIjoiMTY5OTQyOTkxNTMyMDg3NjQyNiIsImFkRHVyYXRpb24iOi0xLCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwifQ==&advEntityId=1135760&pubEntityId=76105514&iris_id=[IRIS_ID]&ss_iris_id={{IRIS_ID}}&fw_iris_id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.247.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-247-46.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 07:51:56 GMT
Connection
keep-alive
Content-Length
35
Vary
Origin
Content-Type
image/gif
skeleton.gif
static.adsafeprotected.com/ Frame C602
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/1135760/76105515/skeleton.gif?xmtp=v&xmapp=0&xsId=341f89b9-7f4d-40c5-ab93-2e6dd7cb2445&bidurl=https://s.id/seytaninkoli&ias_campId=1008772806&ias_pubId=pub-...
  • https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=341f89b9-7f4d-40c5-ab93-2e6dd7cb2445&ias_=&ias_xappb=&mon=76105515
43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=341f89b9-7f4d-40c5-ab93-2e6dd7cb2445&ias_=&ias_xappb=&mon=76105515
Protocol
H2
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 28 May 2023 02:26:58 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
14189099
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
CKPUDKNt6WZDF7A6eVz3z9fKA1FtRWtncPEHCaRJYjoZufnPOznjlg==

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:56 GMT
server
nginx
x-server-name
app10.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=341f89b9-7f4d-40c5-ab93-2e6dd7cb2445&ias_=&ias_xappb=&mon=76105515
cache-control
no-cache
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame C602 		0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuJvcg5fLIvQdpVOwmeJM5DJGDfYzeYOMswA5e_4ZJ0kBjdMJ5cjZwm8VlxPLdPDDolkES_9uM6z3iZSi9YAUeD2kCMNdBzovbv181B_KMWVUURtPA-uJNKDjsjTMaakZUI19Bj4o-WsJp-3KPmVzz_68AQjnhnpQ3RaToxid3iB3kyYnR_6BpSBLAEFdNTLZMY30VG6CIWJ36VQKRKI-pciViLE9g1Us84WHmgkAdAg-GlH2R1Vvzi8mrUWLrb-susUJY-f4KTYNptKVMWwixSL5KuOdV31AV3lSYRbNc2YSm9Ju5We9fk2k7UqT3faq8ABw9FKzzKe96QqDNsRklCoXQPFsewu1LpoVempsMh1dk8YBojusvTTbS8iGf8czEV6iQtx9IwWR_nUnaOfBAex0IZBgzzYmmKB0LoxH_gsy2hvJJcTWXsKmRoXsWJ-MStw3y8Vemu_0t2HWoYK8WfA7Pgesi7n0s0Gik-WkbZ66Ht6xPQRlR-aMwatsJHxz4XyIkPjm286Os7wegYaqc-z4F2HigSZOBw_rymy1hZ10xIqIWbWpeZfYtX792X2E7njhW0mIgvWYbC2IdomOszAlhT8DCCUMScIk3aN2v3gMrbQ58G5O2OWB1ug06qsF_ViYYIiNZK8YWom60cIvA9D7TNtkIVqK21vn8TB9eE6BTBH45xEa_j2rfPfmHqWUcgl8ZbhZY4Le41MTh-0_9NS19uxfJx38S3zqB4du8-5cofB5Kp-4HN-KJNTzXY-vvA9YFiz-c21PCVIxGxXINNB_bCHYWDsUcJJ-IEPMbSG4jt1ruueuS09QURvEG2U4JnGTUoToe_nZk8Deg348YEB1BTrKEokAx0baenQwGD6dAtay4xtlvFdTCLFRhQ6oY9DEj5bOz0vpCiHP8sfIijDzFe5R94zXOMDxyN-zOnpCFMdmB8rHDDZ2FCxgr6d4cl4Oi0Zu1mTKNtouiXocpI9HcG49phuYDQ3j9K3N-u3D6Xmzjb7511mhe7XVHVPBGyduOf1EcjBDjsfgvATWm_o4xUsh_iZOo5plOhJ9tIkUlPABz8iWnQM_eADfgMh0vRx3mJr8e-t9X5rx3DZoH-Cw2Rgel0oiVA5gmP-02T2RSbHUzy6LloeCI8KaWwX_Em03ifbM8HI5CVvC0vNVCrD4y3KmCSLCjCGQc0nG_QzTsrkqIFxyPJRJ-KzEch-8KpIC1HgkzmAg&sai=AMfl-YSCIUeVMFSoIuISHolBhfXzy7GLcy5VUl8KI7PxKczTIvTa2O3wxHtNPN0gpPyENDXn9__Pk4h-94h7E3F-21orG0UZ3FBHCU2P2T76wc6VDOaNKaffjt2Jf5F2Xa6oZTYGhQmSomMg2w0FJj416oKppc5MxLhdmdawqxb1Te7OUcwV3-lXUilyWklKUJQAfepy7nqkP_Ud6BC7wQ1UPKH51wh4Oo2Sy7lknx2sdEO8Z5kiNUFag6TwqrBdJPnsgStm8GAePwOJMgM1H9uueAv4bFEXdQtAv8lqfvkFkywStRGq_YyLoupo6gHVUnSOTNI&sig=Cg0ArKJSzPZtsHCKp2GyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Nov 2023 07:51:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame C602 		0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjWgqn8ASABMAE&v=APEucNXhDQ6SUXg-10m0tebpuLGQR3imJPNa4JgqNfWUSw5fHlz7JrbKjxIFzhU8lgSsuCJbWucog_4H5-04fZogVFvICW8sog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699429913&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=3&bdt=835&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=XBiY194wsh&p=https%3A//s.id&dtd=9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:56 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C602 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C602 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRFslorXH9c52Gzsn7JavOt_Fd4LDNaKZ0WahdBF6DO3NogbL9Ub4xfnlpzN_L2SmzBbw5_kvesaiWmC3sAS-hZdv7NxF9qsbvPhN-YCCMSCEmnhylkvc7urQGaMlbetUR60cW7nRaxPY9&sai=AMfl-YSC_j7tloPFT00TzaHJGYGf9G9ibBJcfFGNe0YB322zRBp5WGCNvq7Zmdx5EitaG42rfHFvXLZNOlDH7F5RVLhFKkYeQRkJeKa8yTqs14veWTcwria1lY9WIRNaQHvfJ22eWfs5WOSKrkTi96HILA&sig=Cg0ArKJSzLmtS56lZzMaEAE&cid=CAQSTwDICaaNij8YJ3pAGB-w4-0kApd-OPBSkmcyW2iA35MnBTyvMVcsoJhvlCHqAurlTwfQNk9_npl-iKiC2Y6WO109EXpIgaoUfIAhdW1ocVYYAQ&id=lidarv&acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D11931947%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699429916531&avm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C602 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTXoNGT5LZdGqIvSsxdwPt_uHiAuU6ezzc9iuppTdEdbnx6KhPBABIMqE2o8BYJUCoAHe_KCDA8gBBakCWomRZpXvsT6oAwHIA5sEqgToAU_QP981aJF883Wr0uAXxdMsQPxrITrCxgxH4fql3m0XpXIe7npDT9Irsw1inMMIEaXKL0nwpotL_UqG3fSatfLu9Yw2rj80vwG5U75CIZOScDLmX7RkpAYnQPa_yc5dVa-XAozIEYrpTrklZK2sPdACf3YcvEsvqGXXGY4aFXbX87GMLyPMBJQJFZLYZSGKVxVO0rbbtbntAP70AmRMFFgPdsh4nQkinBFT67YmE1priWgTlZMhYlQbRfaqWWuZLWS9uI-CDDo_AM6znQ2X67mrha9l-i5WQY3H9vZo92WahIkZ0IE045XABLzXtKXNBOAEA4gFp5mar0yQBgGgBk6AB4qD33yoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFsBPk5LUV0BMA2BMNiBQK2BQB0BUB-BYBgBcB&sigh=MJ6giKu0Z6k&label=vast_creativeview&ad_mt=7&acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D7%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D11931947%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1699429916531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699429913&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=3&bdt=835&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=XBiY194wsh&p=https%3A//s.id&dtd=9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame C602 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=8~lopgozpg&c=2968609817020&slotId=1484304908510&qqid=CJGbxuL1s4IDFXRWkQUdt_0BsQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1810&mt=video%2Fmp4&vs=1280x720&dm=6000&met.4=vil.2bf~ff.2bv~videopreviewstarted.2bx
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231106_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fjr01s02-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame FF60 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?XtShFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:51:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 8400 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXOxwjxtBYG6I8L4GAln2Ip0pnTtAfGzwlyNLy0oxQGdADh8ggR8PV04zKOOL-Gu0ZBdAXa9xzwMk3nl5pbH70i-re4vqFe0JkhFX1ImrtLdhXyAyGdtqKRTsph-yctwka04fFwPn_-ABR&sai=AMfl-YTCRUvHrY92hnK7yhccH99gUQ6moq_4OPtfBq3FRh1h12XhxjjdjOmf2qZz7Xsp56ef4Ty_MYBGcBIzuYE7-UYFp0LlNLPSKNims2pKAGYqgjj2lKoS_PuZjLg5m0Ajlg1jPkT0nO_aglcRDgcMKA&sig=Cg0ArKJSzIgJRK9Ta4CAEAE&cid=CAQSTwDICaaNwE-ugt0YtvbcaE0ATlbSS2uRPbkQMFd8G9lglUl3j4VVdx_VVwXhMz2iN-x_XT2MiMwjt7erezumcK0Svx4G0BWsxbVgs3mPEcQYAQ&id=lidar2&mcvt=1009&p=0,0,50,320&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3297015004&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699429914968&rpt=736&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4DFF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231106&jk=2249277175824836&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231106&jk=2249277175824836&bg=!Y2ClYC_NAAb4oU7C2KE7ADQBe5WfOP3DIzShZFENoVAPxABBMHPYHJ8vI_N5MMvbhlT2Dm4YEm4stn3PVk3YIKbSjjrgAgAAAHlSAAAAB2gBBwoAfeUX9rfvKSFhG_RzIFjFL2faPfe16BDy-WClAL8aJswiHGPhwq2TKcsUISYun71fU-GxOrjVwJxNO6tFc0p-6bXyaizsrnJpgh4Qog2kgd5Am8uZI_lhptcigSE4M4XNzBQkDp60RP2PKN3Pb4tkq4Ek1BEK9D0E-BwhGSlgmQK3pkui8hXU36q1w-rwElmWGNYQyzXuMRBwVR_9A9uiottbRXmwcCmPZYPxbFK1_BjKnW3mF1Im0Gu0qUszs45JtVT2SuBt1AKKVKDyxscSqba-gv6cYpotW9mbDcv5fCTYsxytGr408XpNLq6p8CrBs5KU2Z5w0AJdxAfeZ5nHnepukvXNNJR8uPijL11VlbtNEFyDBNdZSsX9XuQBS3kw9yNr-IVqTzp2P6bwVAGlq0qx9p-42hS43itFzjCUsAQQqc3EIF4j3ICldw91oSxxhibyuvlEUQPoFc9B7Q-Po-r-id3oOPYPgbohEPq9nNAjf3DfaOl1Iih3zxkm54EpeUsdOmCcB7eAId71GF_7ovVyrFVJ2xkQakrRARPWlO0y9QC5hsil_06TR8VMa8_qn5Fgetd04u57TVdgIv4xAs9eiov4ulOFVRsv2ORJB8Y_gL5cj72qusORF46YK0vKYltfgHGdHJ0wd8c2P3kQGo00qXVpSs1y27i1HoZtYzzyYXjHb7icfdeoHl0VHnhbqOCpy1NzbVNo92t9S_AOjY-URQfOiGxtKEacnlAqcBzuRZwdM-IQi9nICO2Jv1gzSI4gOLDwU32bnUtw1066Zxz847muX4YSrmwjdQN0ahBVbDf7nvNozDdtld5NtOGPU1FOWifitCafe_GlEHvoiGy6VMtHve1kggEHt7d7SkVIkRjPx3thXwJ3ILnV9PsGR8m-eu7yIa_7YUDaDxhiQ9lrJP4A1x-wJZDKPtxedEHaIUOJLBLxaPfGzgk3rt2t81NgiikpTDrnIgFQDIeKfGiaUO_9s8diKJsvGp1kAyx5V08-U0pMEXJdBdv2t1MCIz4KmFRPxNcF0u___bxLV00WgzcExC-NjJhEGytMuhKptMjynv14czH57b1_Q1-4iINPKtT8Uek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ Frame C602
Redirect Chain
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUxIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY...
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=341f89b9-7f4d-40c5-ab93-2e6dd7cb2445&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...
43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10173&asId=341f89b9-7f4d-40c5-ab93-2e6dd7cb2445&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Protocol
H2
Server
44.206.54.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-54-240.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:58 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Redirect headers

Location
https://dt.adsafeprotected.com/dt?anId=10173&asId=341f89b9-7f4d-40c5-ab93-2e6dd7cb2445&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Date
Wed, 08 Nov 2023 07:51:58 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin
Content-Type
image/png
dc_oe=ChMIx5ae4_WzggMVaKQnAh2Uew6eEAAYACDQ7vNgQhMIkZvG4vWzggMVdFaRBR23_QGx;met=1;acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,3,279,497%26tos%3D1368,0,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame C602 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIx5ae4_WzggMVaKQnAh2Uew6eEAAYACDQ7vNgQhMIkZvG4vWzggMVdFaRBR23_QGx;met=1;acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,3,279,497%26tos%3D1368,0,0,0,0%26mtos%3D1368,1368,1368,1368,1368%26amtos%3D0,0,0,0,0%26mcvt%3D1368%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1530%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D202%26dur%3D6016%26vmtime%3D1538%26dvs%3D1368%26dfvs%3D1368%26dvpt%3D1530%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D256%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1368,1368,1368,1368,1368%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D11931947%26psm%3D3%26psv%3D2%26psfv%3D2%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1368;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.07%26t%3D1699429916531;ecn1=1;etm1=0;eid1=960584;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C602 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTXoNGT5LZdGqIvSsxdwPt_uHiAuU6ezzc9iuppTdEdbnx6KhPBABIMqE2o8BYJUCoAHe_KCDA8gBBakCWomRZpXvsT6oAwHIA5sEqgToAU_QP981aJF883Wr0uAXxdMsQPxrITrCxgxH4fql3m0XpXIe7npDT9Irsw1inMMIEaXKL0nwpotL_UqG3fSatfLu9Yw2rj80vwG5U75CIZOScDLmX7RkpAYnQPa_yc5dVa-XAozIEYrpTrklZK2sPdACf3YcvEsvqGXXGY4aFXbX87GMLyPMBJQJFZLYZSGKVxVO0rbbtbntAP70AmRMFFgPdsh4nQkinBFT67YmE1priWgTlZMhYlQbRfaqWWuZLWS9uI-CDDo_AM6znQ2X67mrha9l-i5WQY3H9vZo92WahIkZ0IE045XABLzXtKXNBOAEA4gFp5mar0yQBgGgBk6AB4qD33yoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFsBPk5LUV0BMA2BMNiBQK2BQB0BUB-BYBgBcB&sigh=MJ6giKu0Z6k&label=videoplaytime25&ad_mt=1539&acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,3,279,497%26tos%3D1368,0,0,0,0%26mtos%3D1368,1368,1368,1368,1368%26amtos%3D0,0,0,0,0%26mcvt%3D1368%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1530%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D202%26dur%3D6016%26vmtime%3D1538%26dvs%3D1368%26dfvs%3D1368%26dvpt%3D1530%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D256%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1368,1368,1368,1368,1368%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D11931947%26psm%3D3%26psv%3D2%26psfv%3D2%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1368&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.07%26t%3D1699429916531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699429913&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699429913517&bpp=3&bdt=835&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2987360990952&frm=20&pv=1&ga_vid=1601864213.1699429913&ga_sid=1699429913&ga_hid=590514871&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079296%2C31079402%2C31079406%2C42532598%2C44807454%2C44807460%2C31078297%2C44807405%2C44808149&oid=2&pvsid=2249277175824836&tmod=2009652010&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=XBiY194wsh&p=https%3A//s.id&dtd=9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C602 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRFslorXH9c52Gzsn7JavOt_Fd4LDNaKZ0WahdBF6DO3NogbL9Ub4xfnlpzN_L2SmzBbw5_kvesaiWmC3sAS-hZdv7NxF9qsbvPhN-YCCMSCEmnhylkvc7urQGaMlbetUR60cW7nRaxPY9&sai=AMfl-YSC_j7tloPFT00TzaHJGYGf9G9ibBJcfFGNe0YB322zRBp5WGCNvq7Zmdx5EitaG42rfHFvXLZNOlDH7F5RVLhFKkYeQRkJeKa8yTqs14veWTcwria1lY9WIRNaQHvfJ22eWfs5WOSKrkTi96HILA&sig=Cg0ArKJSzLmtS56lZzMaEAE&cid=CAQSTwDICaaNij8YJ3pAGB-w4-0kApd-OPBSkmcyW2iA35MnBTyvMVcsoJhvlCHqAurlTwfQNk9_npl-iKiC2Y6WO109EXpIgaoUfIAhdW1ocVYYAQ&id=lidarv&acvw=sv%3D958%26v%3D20231106%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,3,279,497%26tos%3D2169,0,0,0,0%26mtos%3D2169,2169,2169,2169,2169%26amtos%3D0,0,0,0,0%26mcvt%3D2169%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2331%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D202%26dur%3D6016%26vmtime%3D2340%26dtos%3D2169%26dtoss%3D1%26dvs%3D801%26dfvs%3D801%26dvpt%3D801%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D16777217%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D11931947%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2169&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1699429916531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3b60v881303989&_p=1699429913509&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1601864213.1699429913&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699429913&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Fseytaninkoli&dt=Arac%20Hasar%20%26%20KM%20Sorgulama%20Hizmeti&en=scroll&epn.percent_scrolled=90&_et=20&tfd=7814
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 07:51:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| __NEXT_PRELOADREADY object| FontAwesomeConfig object| ___FONT_AWESOME___ object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| gtag object| dataLayer object| google_tag_manager function| onYouTubeIframeAPIReady object| googletag object| GoogleGcLKhOms object| google_image_requests

12 Cookies

Domain/Path Name / Value
.s.id/ Name: _ga
Value: GA1.1.1601864213.1699429913
.s.id/ Name: _ga_LJQ0V44EV5
Value: GS1.1.1699429913.1.0.1699429913.0.0.0
.s.id/ Name: _ga_GTE5CBQ89K
Value: GS1.1.1699429913.1.0.1699429913.60.0.0
.s.id/ Name: __gads
Value: ID=82ee22399ce0aaed:T=1699429913:RT=1699429913:S=ALNI_MYIV3lRs1tghOYq3DbdMDCSCyz1Ag
.s.id/ Name: __gpi
Value: UID=00000cbc2db0aa02:T=1699429913:RT=1699429913:S=ALNI_MZtKjhROu7nfVu-0UrgfaT6REG3XQ
.doubleclick.net/ Name: IDE
Value: AHWqTUkbCh0PMs8nLccO6Gmxp5JLhz_IGoaySQ1uZiMMcmxEENyGZKM9WQHatsKWfic
.doubleclick.net/ Name: APC
Value: AfxxVi7T4QYn0hmeONBfzQE3n34gDKvNkqNasR38AcAFc-ySrCyKuA
.adnxs.com/ Name: uuid2
Value: 1935957797692351580
.casalemedia.com/ Name: CMID
Value: ZUs.Gzo.FNEfeLVfIJBZpgAA
.casalemedia.com/ Name: CMPS
Value: 1130
.casalemedia.com/ Name: CMPRO
Value: 1130
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVTf6C.x!]tbPl1M>e)ZlrFUfJ+tGXxoLSHbgFHN$25CD^`TPiCH`Re6F^NacZ>GODb63If)y3KL9D3I?+s[BCqb

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
app.s.id
bid.g.doubleclick.net
cdn-sdotid.adg.id
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
microsite.s.id
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
portal.o2online.de
r4---sn-5hne6nzy.c.2mdn.net
region1.analytics.google.com
region1.google-analytics.com
s.id
s0.2mdn.net
static.adsafeprotected.com
stats.g.doubleclick.net
tpc.googlesyndication.com
unified.adsafeprotected.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
104.18.36.155
141.101.90.99
142.250.110.156
142.250.184.193
142.250.184.194
142.250.184.200
142.250.184.228
142.250.185.131
142.250.185.134
142.250.185.162
142.250.185.163
142.250.185.194
142.250.185.74
142.250.186.130
142.250.186.142
142.250.186.34
142.250.186.66
172.217.132.169
172.217.16.130
172.217.21.35
172.67.75.104
18.66.112.50
185.89.210.180
188.114.96.3
193.84.85.178
216.239.32.36
216.239.34.36
216.58.206.42
34.247.247.46
44.206.54.240
45.126.58.90
54.76.219.187
64.233.167.154
09a46f7b777ebdd7161604cb4de0afb2b85e2cd3accdeed748f9ce977cb8792e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11d8979e574565926525a6b71ef868c163eb760c566324365a11b3e72c8c2b23
18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a
1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048
1b93bffc28900c6afcdef1df7fdaceefea744d9df0de2484d2c5a1fbee9dbc8e
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e0fa2b58fb4a18b31e919eaad7c621bdd9696fd5368b0b58a4ef85f4db9f4d3
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2a1a77bee816864dbdca801a61b4dc86ae7a0644e511f35e8df41f5ecb8ad9a4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
355696ca906fbcf8f289ee77d469d6907ddb05287f18c8ae6fe04809753b5a94
40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c09214bd5d39e814ff1b645a59a9d10469d7e64b4545f0a0f36d9253a3ba14
44700a06a8c514701afd8a1b28e770e23d3d41c13799fa88aa8e5ad21d9666b9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bcb729d76ea62fd0ce73a62dcf6677db23c360168a9b2c5402b9bd264648a28
4c7901f8d3f7a53ccbae49170b226f1bee8263553af8ce175220102685406e2c
513c88ce98a2e573534fe93321b843a8410649a6b47c9380b5c0ee9bd870819d
520a62487f539c5c28c2824744f26c8d46fcf76b6a533e912d399d7549280d55
549667bd2dc0f6f1bb069fbe4151ebf664f6167be869d8b83032c0019a6e00e7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d820c5e7d048c0faa442ce5a30a6163fd2ba16c2f3875c9ccd1ea6a6217a23b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
70b1adc46a399441725230fcfd1d908e983daeca040f93fb4adf60c6459790ee
765b69bd873165c3d661be06ea9202b0f16f9296b593bae3f7ec9cc6168557b4
7c66caa768273ed77f6a816f6f5e8668df91e66704504ff601f3660a5419a727
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89ca8a52f2a1a1e81dbe8ad843ca46323c98c819d622345a3625dc0626b04701
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
8c9ee4bf9f0e069ecf0037a5cde67640a7a323072f95efeecea32fb7177a518d
936450ab448610dd55c7884fe8e13d2928128ff181dd2c75a39144e5d1e550dd
96e3eb494ac79c60cc1c286b208d56c7b0fbaa4e9b45a6c176392f6de70c7ca9
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a5a62dd07bcb4c7cba95b52327bcd8103798cefa79d0dc7822b5e1aa1a8020e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a51be072c90872986a619bcd424515adfdd3a7c1f8b447c745f203774120a472
a5e943c7c5da3617bd2345580b25327364ab5824ba53a3d18bb88c0e105d6d45
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a74639b20fd841f7c556c8e517059c314d15bef870a5abc501fbe3a64dc98fd8
a8ef2f2146b16187d007f410b8697f9c65149d05aba2a4fa15e3de7574e05894
ae683361cd4c06aa1ef0539d083f93ed3f2bf72af1afdb6da5f7ac7cb5a4db5e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b798aa8e098b67d4995b740e66c2989675aed8ff4fcee4a28aa4bc1642234685
bed10a3fd1f75fd8fbcb1f3be5d120237ed9391d10c2697c551923e8ed9f31e3
c1ad95e8b38e5ca69e79e848a5771f026e40705ace52cb5ba4e6b7b9ce048161
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c7c8507d3d7fe44d5e76db15aa626f3c4a9618bf9ce47acf38988dfd0e4736c8
cef5cf264ddfac535ced5939e1508e358d0a976002e05dbbdefefebde10c7abe
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d19f5bd93f0105e9e5090e9b151bc43b12a08ba555f4fa77a26eb8c980d0c150
d912f2901895aac17f9b7207b9b38df9d8fa379a5f6ac8078767b119ab35117d
dd384b45a482fb44980ba9e0149cd783f22cc3fa25c6accfa3a9a5536c9149d5
e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e49865b2d3ebcdd42fac21e949bb2a9f5290fde16a9392b78d5d8d49d203753c
e85998053023352cb9958c799c29e01b7dccca523f63dbcd56d9a047d7ebcb49
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb7f315a0371a8b55cfaf220f33822988ac4f5f2758e23738eaaa25258c978b7