apn-indonesia.gishan.net Open in urlscan Pro
2606:4700:3108::ac42:2848 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://apn-indonesia.gishan.net/
Effective URL:
https://apn-indonesia.gishan.net/
Submission: On December 22 via manual (December 22nd 2022, 4:34:10 pm UTC) from SG — Scanned from DE

Summary HTTP 311 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 32 IPs in 8 countries across 23 domains to perform 311 HTTP transactions. The main IP is 2606:4700:3108::ac42:2848, located in United States and belongs to CLOUDFLARENET, US. The main domain is apn-indonesia.gishan.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 6th 2022. Valid for: a year.

This is the only time apn-indonesia.gishan.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:310... 2606:4700:3108::ac42:2bb8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:310... 2606:4700:3108::ac42:2848	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
6	23.62.220.135 23.62.220.135	16625 (AKAMAI-AS) (AKAMAI-AS)
45	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
99	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2.18.37.133 2.18.37.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::2003	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	103.229.206.240 103.229.206.240	30419 (MEDIAMATH...) (MEDIAMATH-INC)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	178.63.52.121 178.63.52.121	24940 (HETZNER-AS) (HETZNER-AS)
10	34.253.43.221 34.253.43.221	16509 (AMAZON-02) (AMAZON-02)
1	92.123.37.164 92.123.37.164	16625 (AKAMAI-AS) (AKAMAI-AS)
4	176.9.26.250 176.9.26.250	24940 (HETZNER-AS) (HETZNER-AS)
4	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
18	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
1	54.36.108.3 54.36.108.3	16276 (OVH) (OVH)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
311	32

1 2606:4700:3108::ac42:2bb8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

apn-indonesia.gishan.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:2848 (United States)

ASN13335 (CLOUDFLARENET, US)

apn-indonesia.gishan.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

gnv.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.62.220.135 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-220-135.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

99 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

cfa.gishan.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.37.133 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-37-133.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.52.121 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.121.52.63.178.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.253.43.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-43-221.eu-west-1.compute.amazonaws.com

s.update.mediamathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.37.164 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-37-164.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 176.9.26.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de

hal900014.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.108.3 (France)

ASN16276 (OVH, FR)
PTR: ns3112796.ip-54-36-108.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
99	gishan.cc cfa.gishan.cc	627 KB
80	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	544 KB
22	adform.net track.adform.net — Cisco Umbrella Rank: 3419 s1.adform.net — Cisco Umbrella Rank: 7623	151 KB
21	gstatic.com www.gstatic.com fonts.gstatic.com	205 KB
21	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 77	150 KB
10	mediamathtag.com s.update.mediamathtag.com — Cisco Umbrella Rank: 8478	59 KB
8	azureedge.net gnv.azureedge.net	51 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	280 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 41585 hal900014.redintelligence.net — Cisco Umbrella Rank: 405735	6 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	4 KB
5	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1678 m.addthis.com — Cisco Umbrella Rank: 1627	218 KB
4	mathtag.com tags.mathtag.com — Cisco Umbrella Rank: 3468 pixel.mathtag.com — Cisco Umbrella Rank: 904	3 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 211	25 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8549 www.google.de — Cisco Umbrella Rank: 6041	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
3	gishan.net 1 redirects apn-indonesia.gishan.net	12 KB
2	criteo.com cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9611 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14173	348 B
1	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 65607	1 KB
1	criteo.net pix.eu.criteo.net — Cisco Umbrella Rank: 7930	23 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 830	695 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1903	748 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 389	1 KB
311	23

	Domain	Requested by
99	cfa.gishan.cc	gnv.azureedge.net apn-indonesia.gishan.net cfa.gishan.cc
45	pagead2.googlesyndication.com	apn-indonesia.gishan.net pagead2.googlesyndication.com tpc.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net www.googletagservices.com
35	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
18	s1.adform.net	track.adform.net s1.adform.net apn-indonesia.gishan.net
15	www.gstatic.com	googleads.g.doubleclick.net
10	s.update.mediamathtag.com	tags.mathtag.com s.update.mediamathtag.com
8	gnv.azureedge.net	apn-indonesia.gishan.net gnv.azureedge.net
6	fonts.gstatic.com	fonts.googleapis.com
6	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
4	track.adform.net	hal900014.redintelligence.net s1.adform.net
4	hal900014.redintelligence.net	hal9000.redintelligence.net hal900014.redintelligence.net
4	www.google.com	2 redirects tpc.googlesyndication.com
4	s7.addthis.com	apn-indonesia.gishan.net s7.addthis.com
3	cdnjs.cloudflare.com	s1.adform.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	www.google-analytics.com	apn-indonesia.gishan.net www.google-analytics.com
3	apn-indonesia.gishan.net	1 redirects apn-indonesia.gishan.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	cdn.contentspread.net	hal900014.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	apn-indonesia.gishan.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	cat.fr.eu.criteo.com	googleads.g.doubleclick.net
1	pix.eu.criteo.net	googleads.g.doubleclick.net
1	www.google.de
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
311	33

This site contains links to these domains. Also see Links.

Domain
apnsettings.gishan.net
www.gishan.net
creativecommons.org
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-06` - `2023-09-06`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-07` - `2023-03-12`	3 months	crt.sh
*.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-04-25`	a year	crt.sh
redintelligence.net R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
update.mediamathtag.com R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
contentspread.net R3	`2022-12-14` - `2023-03-14`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://apn-indonesia.gishan.net/
Frame ID: BE8E0CC961748F9F179FFDD2479040D7
Requests: 132 HTTP requests in this frame

Frame: https://cfa.gishan.cc/static/s/show.php
Frame ID: 5BDE2F9C729AFBC5563571D0CA53D509
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 0B3B2D92C8376858163DB13AF05722A0
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: AE084F63F324C0EF96B7408F5C007CDF
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: E04C307F0F55ED48909FA1C8EBFFD448
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8234474453841918&output=html&h=90&slotname=6665169694&adk=4146532646&adf=3777922914&pi=t.ma~as.6665169694&w=728&lmt=1671726595&format=728x90&url=https%3A%2F%2Fapn-indonesia.gishan.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671726843929&bpp=3&bdt=319&idt=204&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&correlator=3037271748200&frm=20&pv=2&ga_vid=166574806.1671726844&ga_sid=1671726844&ga_hid=969513582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44774292%2C44779793%2C44780792&oid=2&pvsid=747749531072330&tmod=1339775420&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TwQCSq1oaE&p=https%3A//apn-indonesia.gishan.net&dtd=222
Frame ID: 39238BBCDCE2CEB5BDA6C5A00720665E
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8234474453841918&output=html&h=250&slotname=2725868498&adk=4217415236&adf=1158338916&pi=t.ma~as.2725868498&w=300&lmt=1671726595&format=300x250&url=https%3A%2F%2Fapn-indonesia.gishan.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671726843932&bpp=1&bdt=322&idt=222&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3037271748200&frm=20&pv=1&ga_vid=166574806.1671726844&ga_sid=1671726844&ga_hid=969513582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44774292%2C44779793%2C44780792&oid=2&pvsid=747749531072330&tmod=1339775420&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UsdG1E8VfJ&p=https%3A//apn-indonesia.gishan.net&dtd=224
Frame ID: D76A079F964F9C7D2E8837D211DDF2D8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8234474453841918&output=html&h=600&slotname=9990820894&adk=522599123&adf=3249390002&pi=t.ma~as.9990820894&w=300&lmt=1671726595&format=300x600&url=https%3A%2F%2Fapn-indonesia.gishan.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671726843932&bpp=1&bdt=322&idt=231&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=3037271748200&frm=20&pv=1&ga_vid=166574806.1671726844&ga_sid=1671726844&ga_hid=969513582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44774292%2C44779793%2C44780792&oid=2&pvsid=747749531072330&tmod=1339775420&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=HHot3vtKXC&p=https%3A//apn-indonesia.gishan.net&dtd=234
Frame ID: BF67ED266864BC7C9267D55C822DBED4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8234474453841918&output=html&h=1032&slotname=4738920093&adk=1239161640&adf=1413477260&pi=t.ma~as.4738920093&w=300&cr_col=1&cr_row=13&fwrn=2&lmt=1671726595&rafmt=9&format=300x1032&url=https%3A%2F%2Fapn-indonesia.gishan.net%2F&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671726843933&bpp=1&bdt=323&idt=235&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x600&correlator=3037271748200&frm=20&pv=1&ga_vid=166574806.1671726844&ga_sid=1671726844&ga_hid=969513582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=1359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44774292%2C44779793%2C44780792&oid=2&pvsid=747749531072330&tmod=1339775420&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YHaft1CfHW&p=https%3A//apn-indonesia.gishan.net&dtd=237
Frame ID: F97D18E9709D7759D8EB321BFDE5AB60
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8234474453841918&output=html&adk=1812271804&adf=3025194257&lmt=1671726595&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fapn-indonesia.gishan.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671726843998&bpp=2&bdt=388&idt=174&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x600%2C300x1032&nras=1&correlator=3037271748200&frm=20&pv=1&ga_vid=166574806.1671726844&ga_sid=1671726844&ga_hid=969513582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44774292%2C44779793%2C44780792&oid=2&pvsid=747749531072330&tmod=1339775420&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=184
Frame ID: 1A1CEC186489B6BC6D88B5522DC29E4B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ED991C095A24224F8FF6D1B9E2FAACD5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 22E5367D6A89013493261D5CCB865CB4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/index.html
Frame ID: 61FE8A8DE67526AFAC40ABE08C0B916B
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C03F12CAD7949DE991AF595F0364E8E5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 32F88A1DFAABA728E4C7FF8B3DF9C188
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: CCBAD4E07AC6E584050C114FDE9CACCF
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7735129F7049F3589423503FF8B7F096
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A03B9CBF41501449B512625E659FA11A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Frame ID: EB4A64916574AB82536E5A69EDF71829
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Frame ID: 991400081F626EB19FF991F44AE9BD66
Requests: 1 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=51017000110407806783183012181014&a=dbff2529
Frame ID: 542ED4194BF817CE40ADA5D410E90929
Requests: 11 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/12153528/12153528.js?ADFassetID=12153528&bv=516
Frame ID: 079DBE29EF1475F95B6C40877C7138B0
Requests: 19 HTTP requests in this frame

Frame: blob://https://googleads.g.doubleclick.net/44b39ff1-d3c2-4a76-be31-5e034260a535
Frame ID: 64306658845FBA42537D2BACBDC50E60
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Indonesia GPRS, MMS, Internet, 3G, 4G LTE, Streaming Pengaturan APNTwitterRedditFacebookWhatsAppPinterestLinkedInEmailTwitterRedditFacebookWhatsAppPinterestLinkedInEmail

Page URL History Show full URLs

http://apn-indonesia.gishan.net/ HTTP 301
https://apn-indonesia.gishan.net/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Page Statistics

311
Requests

99 %
HTTPS

66 %
IPv6

23
Domains

33
Subdomains

32
IPs

8
Countries

2399 kB
Transfer

5339 kB
Size

16
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://apnsettings.gishan.net/
Title: Pengaturan APN Indonesia

Search URL Search Domain Scan URL

URL: https://www.gishan.net/

Search URL Search Domain Scan URL

URL: https://www.gishan.net/privacy
Title: Kebijakan Privasi

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by-nc-nd/3.0/deed.en_US
Title: Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://apn-indonesia.gishan.net/ HTTP 301
https://apn-indonesia.gishan.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 230

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 246

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

311 HTTP transactions
24 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
apn-indonesia.gishan.net/
Redirect Chain

http://apn-indonesia.gishan.net/
https://apn-indonesia.gishan.net/

27 KB
7 KB

298ms
270ms

Document
text/html

2606:4700:3108::ac42:2848
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apn-indonesia.gishan.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2848 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1fff65093c0ed5693484a9cabebf3e49f0bdf3208132a9b123e14ab03fd1b94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache
cf-cache-status: EXPIRED
cf-ray: 77da4342de0f9b64-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 22 Dec 2022 16:34:03 GMT
last-modified: Thu, 22 Dec 2022 16:29:55 GMT
link: <https://gnv.azureedge.net>; rel=preconnect; crossorigin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFzoPHPSoLuaZaBX5blbtL5bkOJBK9x%2BPl53M98jJX%2FTzpbIIUOp7FM64fyGB%2BswF%2F8qQ6uV6oympJTno0FugohbKPY03MnpIDa3N1rN1bd%2FmfGKYFd%2F%2B6AjJ4DBeKpt9QznJ5Ow59b0%2BvVOk6gGqu7Z844emQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache-status: HIT
x-content-type-options: nosniff
x-dc: GishanNet-FRA-LIN
x-frame-options: SAMEORIGIN
x-page-speed: 1.13.35.2-0
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: EXPIRED
CF-RAY: 77da43423db59255-FRA
Connection: keep-alive
Content-Type: text/html
Date: Thu, 22 Dec 2022 16:34:03 GMT
Location: https://apn-indonesia.gishan.net/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aY4Y830ZVrUKPGIcTxqHd1SUi%2BPYoKV3PcYo2lhCIUImDoNLI4UtJm4icm2%2B0R%2BEoAzjWOyIuT%2F7HwaYgOWNxzNP3UjG3vYEqoFKR7w5IRuhje5jAlvUfzXH%2FrjUBsTam9q9Q0hShmdFaWJIggpdShv5vseclg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DC: GishanNet-FRA-LIN
X-XSS-Protection: 1; mode=block
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 l.css
gnv.azureedge.net/static/ 38 KB
2 KB 89ms
9ms Stylesheet
text/css 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://gnv.azureedge.net/static/l.css

Requested by

Host: apn-indonesia.gishan.net
URL: https://apn-indonesia.gishan.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB8) /

Resource Hash

804c752140c2131abaac3f8bc738646a08841ca6415fad4a2d6167140fd31e19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dc: GishanNet-FRA-LIN
age: 254165
x-cache-status: HIT
x-cache: HIT
content-length: 1763
x-xss-protection: 1; mode=block
last-modified: Mon, 19 Dec 2022 17:57:58 GMT
server: ECAcc (frc/4CB8)
x-edge-cache: 2022-Dec-14 22:08:10
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
expires: Sat, 24 Dec 2022 15:14:15 GMT

GET
H2 200 s.css
gnv.azureedge.net/static/ 16 KB
5 KB 87ms
7ms Stylesheet
text/css 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://gnv.azureedge.net/static/s.css

Requested by

Host: apn-indonesia.gishan.net
URL: https://apn-indonesia.gishan.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4D08) /

Resource Hash

cd029aaac9a6863ba18f6090ffc08bbb74847c533f61d65cd8e9ead9b779f899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dc: GishanNet-FRA-LIN
age: 552435
x-cache-status: HIT
x-cache: HIT
content-length: 5053
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Dec 2022 07:06:48 GMT
server: ECAcc (frc/4D08)
x-edge-cache: 2022-Dec-15 19:33:08
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
expires: Wed, 28 Dec 2022 23:30:23 GMT

GET
H2 200 rocket-loader.min.js Show response
apn-indonesia.gishan.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 12ms
11ms Script
application/javascript 2606:4700:3108::ac42:2848
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apn-indonesia.gishan.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: apn-indonesia.gishan.net
URL: https://apn-indonesia.gishan.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2848 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Dec 2022 11:52:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63a05089-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1346Xt3iiG2laG1O29v2fOb2AhDNRx%2B7uIgPIx%2BRhqE962awDaXC%2FMviG3wj%2BRkoRAEm4th2HF2ZyOslgpKoJCI6agYRuThFrsBeWp2AnERpIHCzzY5v7JWhBaeEYWhQcrXei11NUpXaJR6x09VTo7uHABywFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 77da4344ab049b64-FRA
expires: Sat, 24 Dec 2022 16:34:03 GMT

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 144ms
43ms Script
application/javascript 23.62.220.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: apn-indonesia.gishan.net
URL: https://apn-indonesia.gishan.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-135.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 22 Dec 2022 16:34:03 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
x-host: s7.addthis.com
content-length: 116406

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 176ms
117ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: apn-indonesia.gishan.net
URL: https://apn-indonesia.gishan.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc619e9c6b10702508f4c8a1fc671ca7e3245ba73197c0d6166514f00ef4eb73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49449
x-xss-protection: 0
server: cafe
etag: 13840287616525211134
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 16:34:03 GMT

GET
H2 200 id.png
gnv.azureedge.net/static/i/flag/ 98 B
221 B 12ms
11ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gnv.azureedge.net/static/i/flag/id.png

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/s.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C8E) /

Resource Hash

716850e5e2e4ba023bade251061da51b2a5f19e6748c782878125f494e252175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/static/s.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
x-dc: GishanNet-FRA-LIN
age: 1215300
x-cache-status: HIT
x-cache: HIT
content-length: 98
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:50:34 GMT
server: ECAcc (frc/4C8E)
etag: "62-55d22a353c280"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
expires: Sat, 20 Nov 2021 04:35:02 GMT

GET
H2 200 GishanNet-400-lat.woff2
gnv.azureedge.net/static/f/ 16 KB
16 KB 30ms
8ms Font
font/woff2 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://gnv.azureedge.net/static/f/GishanNet-400-lat.woff2

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/s.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE4) /

Resource Hash

5527dccae6db8d6434359c94cdfe4684d674edca48f7502e6868d3c4a6b33b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gnv.azureedge.net/static/s.css
Origin: https://apn-indonesia.gishan.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
x-dc: GishanNet-FRA-LIN
age: 724272
x-cache-status: HIT
x-cache: HIT
content-length: 16216
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:49:57 GMT
server: ECAcc (frc/4CE4)
etag: "3f58-55d22a11f2f40"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=7776000, public
accept-ranges: bytes
expires: Tue, 18 Jan 2022 15:16:27 GMT

GET
DATA 200
OK truncated
/ 300 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e30ed88f9e373c0843e7e039c1b66e89bce38f31ca7bf0b2617baee494878f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 235 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dac3869e75c0d8bee3f300c1e9b8cd6db6b2b4758209b207cfe9a61711e2382b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo.png
gnv.azureedge.net/static/i/ 2 KB
2 KB 8ms
8ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gnv.azureedge.net/static/i/logo.png

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/s.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA4) /

Resource Hash

f3ba9ea50fe0559d833e8d1f6faf40539733d9474531aa1e92659db1fd099b6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/static/s.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
x-dc: GishanNet-FRA-LIN
age: 695461
x-cache-status: HIT
x-cache: HIT
content-length: 1939
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:51:57 GMT
server: ECAcc (frc/4CA4)
etag: "793-55d22a8463d40"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
expires: Fri, 19 Nov 2021 13:11:34 GMT

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ec412b0755c3e4b045452614439631c7376d6e4936250d0d57bcd5816e9417b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 647 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4a7719aed751ceb8da695faee6b978a7283b727942438cf7cca913486b597ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 425 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6b2e9d35cd38382bdc4aa9051ab2219c205c87a089891a1b6f8ee75a1f01e8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 179 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaae5329ea150d3fdf50ddec5ece9dc7602a0d04db768c14e301341b1cedb4b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 GishanNet-700-lat.woff2
gnv.azureedge.net/static/f/ 17 KB
17 KB 20ms
8ms Font
font/woff2 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://gnv.azureedge.net/static/f/GishanNet-700-lat.woff2

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/s.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4D0A) /

Resource Hash

b28802baf1b8d4f04fb0ebdb5cb227fe571904eb9dee71397fe5fead73618b6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gnv.azureedge.net/static/s.css
Origin: https://apn-indonesia.gishan.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
x-dc: GishanNet-FRA-LIN
age: 724109
x-cache-status: HIT
x-cache: HIT
content-length: 17716
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:49:59 GMT
server: ECAcc (frc/4D0A)
etag: "4534-55d22a13db3c0"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=7776000, public
accept-ranges: bytes
expires: Tue, 18 Jan 2022 15:12:55 GMT

GET
H2 200 qmobile.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 82ms
41ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/qmobile.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d695828de4f0ecd713892b87b39884f86201e4c3a652c2f3b59b5721959d88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 28147
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1749
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:25 GMT
server: cloudflare
etag: "6d5-59e8d1ea10640"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpAe%2Fjt90jXyT3S8rZopIyhe%2FaclChMXPznWqUZTo2aYiDdYp6Q1NTrQRQlJudPus3qcXpNCZt%2BIAZnrMsdTmgcSsz3WP2dR9D520VCCOUIYVf0sY7%2F3frnEElVJheAIlUlgYk8lIkKjxdRO"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b346983-FRA
expires: Fri, 18 Mar 2022 00:48:53 GMT

GET
H2 200 qigi.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 66ms
25ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/qigi.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a772ebc67245ec391ad7858e89ab95c3aa404e1bdd489eb3dbf48ff37f6384e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 15182
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1560
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:24 GMT
server: cloudflare
etag: "618-59e8d1e91c400"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2F%2BqHOhgcVaHNPsXzhj9H2fEM6Q3%2FByKzwGbT5dTzVgIp806qono8q6XzfoXaKd0pfQDHgCd1b%2BRmCOlWj0SEjiTGR0TbCVmHpEeYtjU6fAr1KWd6qy1WMn%2FaRRWUIxEGLwNX35CeVdVPC%2Bx"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b356983-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H2 200 posh.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 83ms
42ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/posh.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00cb9040aedbf778fc7d5074dace93511098782c9e92a13c1ebfb987248dbc61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 2273414
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1797
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:24 GMT
server: cloudflare
etag: "705-59e8d1e91c400"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2B5xYQZ9dZLgzyXs2ZjZe3wq3T3HXfogpFlP4tWF3LVw4ceZ%2BOsZYaPerFgyRhPKAXKrjAY9iLle%2BzVJZCDChhnfaE7b0%2BZ9IUN0PyPQpTdU65dPiRiTuoiYNxv%2BZQQFb0A6EmBuZoWvtw%2Fk"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b366983-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H2 200 plum.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 74ms
34ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/plum.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

088e0526e29e61213c10c22841624c63dacf37bbd86317226c24d853a9ac4543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 933654
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1545
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:23 GMT
server: cloudflare
etag: "609-59e8d1e8281c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrE99KW9uGpJXR%2F5W7UxNVrL2hMqr3toJLM%2BFtZbDMrLIyQXnsvsS8O2ZCfPuXkfdBGZnJcX2VBDlJv7iYTTZUGWRSWE7MurL%2Bf%2FXyNifFcEyvglDImfLpZC3oJvMFzsY4Esw1S6G9Wpbv09"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b526983-FRA
expires: Sat, 11 Jun 2022 21:38:25 GMT

GET
H2 200 philips.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 70ms
30ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/philips.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1f3ad69138d51826277440b24b93ffaff7b14e95cd9eb78f1ec1f8f8a37781d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 69134
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1967
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:22 GMT
server: cloudflare
etag: "7af-59e8d1e733f80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V96TV7f8tNHynYVTCh8tgmZWA9buX0hNqOOuW5JAmrn%2Bm0r8U5Tfyt263OMbwpRYPwD7lxMpb8sYqm0v4eMX7HUknOEa87dsyJqTABpTsIoj%2Bsw9nnKVTY0nsaKJLnmXloUKDz3lfkQdoKZR"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b546983-FRA
expires: Thu, 11 Aug 2022 20:41:09 GMT

GET
H2 200 pantech.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 78ms
38ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/pantech.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

097063ad1f6f35eb0890ff4ccd81fefa4c963fac76b16039bd8e24429e8ed6d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 50493
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1772
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:21 GMT
server: cloudflare
etag: "6ec-59e8d1e63fd40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XDldOxfn%2FuZFVW7HBfgKb6ppGnNgbvJY3bxMsMrsw%2Faqete1%2BYbBMAM4t6Xy%2FtdFX3e9Po%2BbcEGLEm3v7ApEWWK0au3uPAaotRyHn7NiRKvuRtOG1Hp4KLyjkRvMToMa5BSfkWt0pGyq226"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b556983-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H2 200 panasonic.gif
cfa.gishan.cc/static/i/logo/ 935 B
1 KB 54ms
38ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/panasonic.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c671e07339391ebd23167e1adb1bf0d0cfb37ad31348e5925fddc24c5e12ac33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 21191
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 935
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:20 GMT
server: cloudflare
etag: "3a7-59e8d1e54bb00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=loC%2BmGLAlEP0LIz8%2FKNavW7CL5e8i4QudZLhuu8gaBsJPMUt4Z07pGsq%2BY9watJe2PYgb0GmjeuOUk7gQhwFyy9xZMBtCGxAeDa0DdPy%2FZk9o7YMKweK7u0J8f73OaYqh%2Fng2Ot3jRV7Kt%2FG"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b776983-FRA
expires: Mon, 22 Nov 2021 03:00:32 GMT

GET
H2 200 ouku.gif
cfa.gishan.cc/static/i/logo/ 459 B
792 B 58ms
42ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/ouku.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

392ea594906e8e04b5bd818e5f56283fbcace26b7cf2945807f59d48424fcf77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 28147
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 459
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:19 GMT
server: cloudflare
etag: "1cb-59e8d1e4578c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0m7JexdymxtyCPZMciK3d0XULRZ3R%2FnZzIWSzwmVgosKdupIIrhVKz6DsehNhozjwYC1NV%2F1I%2Fbm8Cy%2BarOYgxt2ADQByT43DuEb%2Bb%2F9NBKnqpplBt0hXvdN3M05NzRrExEfvXZNzSXy3rb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b6c6983-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H2 200 oppo.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 63ms
47ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/oppo.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8778b5187080ebc3d1e7f398617cac6ec9474ff8055a9277e63d5fb852f14c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 28147
x-cache-status: STALE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1181
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:18 GMT
server: cloudflare
etag: "49d-59e8d1e363680"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7qv29JSwUe%2B3Lfs3zbHfGoNArEXhOpUbOf5qMM3qnlFmHEeJZnsCuLSTmdriSdvA9GfW5HznsH55bn7xCcQJ%2B9ByOZKTEorUureR2f548cudI6uT%2BgZqg%2BNirB3x6bTbTxtaM6pCVVuWhY5"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b376983-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H2 200 oneplus.gif
cfa.gishan.cc/static/i/logo/ 3 KB
3 KB 56ms
41ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/oneplus.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b992c7c2b48f3b5e1a6a6e8ed33f7a117a760da34c6af56516335bffbd95175b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 53387
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3173
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:17 GMT
server: cloudflare
etag: "c65-59e8d1e26f440"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfoYB0ZyCrXn28PDvK2hsYFyNw5Qnu%2B4tX0oMHEpLoB%2FlX3OrwpEwwzuO69dTd%2BoNffqgGGTwOIQIRHUmHzf%2BuJeO41kKEh3rP%2Bi5U5OZAcbo9Yun1PnwxWAVQKuIuZBG80fySMaMjDGcHeh"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b756983-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H2 200 nokia.gif
cfa.gishan.cc/static/i/logo/ 869 B
1 KB 47ms
31ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/nokia.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5bc5b413ba83d81dce8e3cdb6ccdc394c115da7e00e96073479038813980b36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 2312037
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 869
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:16 GMT
server: cloudflare
etag: "365-59e8d1e17b200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FmPRG7pJkjaeooYpX%2FteU6kYfNA7%2BWY4y0Aigjur8TAPv7VYxeafi%2F6PiJ7%2F0O88Np2ETNZhaBdXFqzveyXrPAonJ%2FUdbVY9eSOdE8An%2BA6lZheVl4q3NMGv7htgcxLJooCvkrFSzh97NaO"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b5f6983-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H2 200 niu.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 56ms
41ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/niu.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43fd4e826310623307177969f5a60fbdce351b62ee482dc281d4282556bde7e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 1302955
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1896
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:15 GMT
server: cloudflare
etag: "768-59e8d1e086fc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjBH3n2%2FNUcLxyoCYdyV%2Fftn7qZ%2FUJOtkszcLnL%2Bu%2B1aTE5L93ho2ZgDatbsSj0sq4PZgdmprYhjHXq9%2BYwEUeP2zwdOg5B357WFZHmgYq69WTLsnrRX06%2Bin9sZUUvYgTUp5sJJQYL%2FuvNL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b456983-FRA
expires: Sat, 04 Dec 2021 22:14:00 GMT

GET
H2 200 nexian.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 54ms
39ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/nexian.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

120c370bb4b6ee24f70691de1f2f455f4fd337e786f60660ffe63349e59ee9cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 189104
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1957
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:14 GMT
server: cloudflare
etag: "7a5-59e8d1df92d80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2Bw6VIEti7ieh0ZbxQ98P58oFsUquVea2zSWzjz6CdYUpIDvcMxh2hww%2FMCTPG0v%2B5Z9Ogra8XzK1f%2FFy2ycDgZpcuJ69kZvn1%2FtWcd5yhKPGaal5pIzhEwuehCggTd%2BQBvtwytMKmZgaCQl"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b766983-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H2 200 nec.gif
cfa.gishan.cc/static/i/logo/ 689 B
1 KB 38ms
23ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/nec.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0651c292475b7806a90d1771113603db78ac9efd1e96a1e55257b75827a3674d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 101034
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 689
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:14 GMT
server: cloudflare
etag: "2b1-59e8d1df92d80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oF4iV6lDxmIvku68gi0BGqEU%2FZdxgzhwkrom%2BaPkX%2BT8uHqiPh6wRY%2FjIth%2BX%2FjQlCto2KfgF%2FfT1eM6GIvzJJAlEIJpV0Fy2aqsBHjcGOAC961UeLPmgFRdmpYIj3P%2BmX5JKHI7CbGwC3nQ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b486983-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H2 200 myphone.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 44ms
29ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/myphone.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ba018d0a63d5959155ce9ba8d9be29aa26b0dacf4c54abb02ad15a8d368587e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 450872
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2002
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:13 GMT
server: cloudflare
etag: "7d2-59e8d1de9eb40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WIw6nkuPaKiXi57ivey0ynR8MwOYZQYT0ZGCVU%2BYRPVA8%2BUGKnXO0KK%2FiF4ki3c4LgqjPYWOVUsMTwKIekWpwRnjXteo9%2Bx67jkn8J6MMa5HxCBIZV5a9Qi%2B0Bv9jnk%2B%2BIYtDa71LqQdkOfc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b3c6983-FRA
expires: Mon, 20 Jun 2022 08:21:11 GMT

GET
H2 200 motorola.gif
cfa.gishan.cc/static/i/logo/ 651 B
1008 B 58ms
43ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/motorola.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d581fb985621ef384306f32f479ac60d7c78ef1762f65726b16a69fe3bed069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 1296569
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 651
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:12 GMT
server: cloudflare
etag: "28b-59e8d1ddaa900"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2Fw9U7lnmXyJJozvYPS7gQf6ZQO8can0bhAIbDeqki5%2FHEDaLb0JgE9559p4tVe7n5GStmZRZyNkKj%2FJpgSPNftYR6quBVvZaMs9iMAEdsDBFMGHJOG7gQ6vTz0jcEyZPJof0aDaIOjmHnoi"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b4c6983-FRA
expires: Fri, 10 Jun 2022 10:10:08 GMT

GET
H2 200 microsoft.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 49ms
34ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/microsoft.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47ac8280a8aa0d15093e42bce6fdb62ceb1d660bd4b59d8bce6c5227ec9d8c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 450872
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1806
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:11 GMT
server: cloudflare
etag: "70e-59e8d1dcb66c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hq2vjFLlXNPhWUPTCu4pHujqFOXABh%2BOfyYe7gabhHL4cOEXh943YWqOs205qYJYkxh8fvM8SC%2F%2BUmGl5biNWHnuRsniBj5u7jXtk8eOfCFKu6ZHU6lgkt7o%2FP4Ndyb87kXIi6xKbNELRPUf"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b4b6983-FRA
expires: Mon, 20 Jun 2022 08:21:11 GMT

GET
H2 200 micromax.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 57ms
42ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/micromax.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a07e1df9653cac37972aef7d89e8c9525094a3cafd1f43c0210b70aafa89c938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 189104
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1236
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:10 GMT
server: cloudflare
etag: "4d4-59e8d1dbc2480"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhRwpHIZkCaVsMYhc%2F2bcW7KmOLpuJ5w%2B8XkBLglM9VHFcmU%2FG02wte38SebGD%2B936XwUWoK7u4e4sKoPKHC04iwOxZPoz4dSa7iifVByOwYhJXKpB%2BKdR4hhn32jo2lpZsL11vynWqJ%2Fw9D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b2d6983-FRA
expires: Fri, 18 Mar 2022 01:00:15 GMT

GET
H2 200 meizu.gif
cfa.gishan.cc/static/i/logo/ 775 B
1 KB 51ms
35ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/meizu.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75ee53c58dd04ba5f1dd3e866cc0b3eae41338c654022fe0262757e6040d3447

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 189105
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 775
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:09 GMT
server: cloudflare
etag: "307-59e8d1dace240"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Is4LQyntrK%2BA5z0M65R4ZRx2wX9lHzXjtNqTk5jPXK%2B5MvrlFxFNywPbU7maX9FyEWzuw%2Bv1EmkLzH89bMliLsUlEkegzOZF1ioPO4Yczih9Nlx0gP04pWvg%2FYZfmzQGuulUQ4g4fLGBc5xE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b726983-FRA
expires: Fri, 18 Mar 2022 01:00:15 GMT

GET
H2 200 maxwest.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 52ms
37ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/maxwest.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34e9616418c7bdb8d84ab8048a7be8d16be44011a31381a5ac87607f0362ccce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 450872
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1986
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:08 GMT
server: cloudflare
etag: "7c2-59e8d1d9da000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcPeAzQW%2BUlpBrdKnN2kvKo0sI4AAc6nZE5pET7UeWpZGqcVylmsQB8PPNHUQWpVmqH5uUdZBYaECjX3VQZOBrUcm61jWeQZKdOkS1Orv42eUkGjfZ0v9ACVEG3Sl%2B3%2FaHZZuT2L7hOm6LSj"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b6f6983-FRA
expires: Mon, 20 Jun 2022 07:35:26 GMT

GET
H2 200 vertu.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 51ms
36ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/vertu.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d54bab2eaccb3dce54106cac6939cd2ebdd2881c198a60a15ce870611b36a94f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 4526
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1765
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:34 GMT
server: cloudflare
etag: "6e5-59e8d1f2a5a80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ms%2BRyadsWO3Z1TGysQVpex8IUY5%2BIVgRxwId1x%2B%2FZDNUlp71KfvXaYGlHXOt5scKTZOUlbJ7uKQnL9eumxusN4ps6l0owbC2cuSX9Vc5hH5wNzt%2FbUDmriO6CrWXm5HB9DYCLjICyxPy8HR7"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b696983-FRA
expires: Sat, 27 Nov 2021 06:45:51 GMT

GET
H2 200 zte.gif
cfa.gishan.cc/static/i/logo/ 569 B
1 KB 47ms
31ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/zte.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfeebe9003ec66658e776f1d8797e3c095527316f03711b0b26b7d7b37ba7259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 69133
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 569
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:43 GMT
server: cloudflare
etag: "239-59e8d1fb3aec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prhJO%2FSf1PDiEHX5NRsg2tE6B4Ae4%2B4zcqReCqzhOyH67ikbHdJ5yN8WxYD%2BPyAM42UfWx0vk%2FxjgFSrxqgcDLV%2F%2BpSjBwEDR3oyDO09QXyrqJz1wP%2B9kM5CEA5egRTgag2dh5VkNxyAaTCR"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b6d6983-FRA
expires: Thu, 11 Aug 2022 22:05:07 GMT

GET
H2 200 yu.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 52ms
36ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/yu.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b58a006bae7ec5e583cfe9386c2954a6894b9ccfb96d62bb92b34f5062c5ec40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 50943
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1352
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:42 GMT
server: cloudflare
etag: "548-59e8d1fa46c80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rD6v5FgsSwvFhVKLU7BC4XTvK6jM4JKCKOPRKYOeEM5zOgSeDsfow4d2WtLx%2BpTBQBNtKvTGieB4uku5BC6w3jzcnDDSU3bNDVOwIIkEWezRXPF5IicsjklvnXhtQYAy2CvUw6DHcgr5rPE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b586983-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H2 200 yezz.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 58ms
43ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/yezz.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70c8238505852fb72d840431887b1692d51443d026230aedf1d67a5c6b376768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 873584
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1744
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:41 GMT
server: cloudflare
etag: "6d0-59e8d1f952a40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tek%2BnSDrpK8wW55NDKZAUzluhhVesyd%2Fax8bddH%2B71L4zwhdsMtCClNau0OuXTL6Gyqg63yyBsOQehazOpXZvuKofw01ceXvEdNgvlJEl082ibhRi7DNBa40KX2v8WTdBJpT8r5mO7PQt3h7"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b426983-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H2 200 xolo.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 53ms
37ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/xolo.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74aa01eac115bcc948e8540bae8dacb813618c6d1fff2854999ce3228b986d8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 31968
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1175
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:40 GMT
server: cloudflare
etag: "497-59e8d1f85e800"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2Dpb%2BjUop47mDCKsgHMdr6OIRJUyHS7FXWzjJUnvyd407UFUZpyYunynRFKdyXVHz9q8CZvoCEO7tChmUSD6%2B8SgSrso1k0VncsKNvPJXrAaTXzhz1rZ6Z6FONGMBBPqfCu8iEBCgC278X9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b6a6983-FRA
expires: Thu, 17 Mar 2022 20:12:29 GMT

GET
H2 200 xiaomi.gif
cfa.gishan.cc/static/i/logo/ 645 B
1 KB 44ms
28ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/xiaomi.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff243ffb9c6a1c985bda17aaa7779ff587f169cd931d73c1f48a9dbb0eaeb788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 2581001
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 645
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:39 GMT
server: cloudflare
etag: "285-59e8d1f76a5c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3xjVOSY3Wdel7NV8ecN6xTFxmklL0If9LklRiuFEk8uV9Qackt5nXIhxLmz8Uf2Lpx7xMsLdd06gUqAL566q5ViwyuiIQhjvJ42L2udj5CVTcGpy9h%2BI6Z1hdAB2tffrBTdZOos55DuxDzv"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b3a6983-FRA
expires: Fri, 19 Nov 2021 18:02:49 GMT

GET
H2 200 wiko.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 45ms
30ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/wiko.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e06dde46c84ceeed3bcb9a02b522dafe6216b3ffc6ab5181e286c1752809a80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 51441
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1700
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:38 GMT
server: cloudflare
etag: "6a4-59e8d1f676380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=za2HE%2FBPiXghC2TzPeO1cwykgQmh2eMdTty1GrWfPy75v1AOLAQKsU4%2FHwiBzP2OIKYYSS0VXF8SbXxa7CXsjimK%2F1wZFOzIywryF9wdaBvC6132m53hCTGdZ%2FoXhXE%2FN8jAMF2eY3lWcnNF"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b396983-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H2 200 vodafone.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 49ms
33ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/vodafone.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c39cfe2e54cbff3888faee883f8064fce03bc207f7c73cbcc8a5a94c206a08e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 4526
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1621
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:37 GMT
server: cloudflare
etag: "655-59e8d1f582140"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61h3kYCPgwsl3LuR2hClLqC4Macq8l8%2FyKqrcHOtxjJQ8J9CEOCglNdD8%2BmwOXqHTv7i6ayTeGK%2FkpDymrGTH5caCy%2FDbAwfrkfBLXi7t1w0ziQknprQESh5x2qgV4uIKbuB%2BcOhsYZ9azMt"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b316983-FRA
expires: Sat, 27 Nov 2021 21:50:05 GMT

GET
H2 200 vivo.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 37ms
22ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/vivo.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df9a32c2b4cb946698047afbde1d46122136a1906b3b8eca260e2f11e49cd898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 16223
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1424
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:37 GMT
server: cloudflare
etag: "590-59e8d1f582140"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7DjuNYAicTEdMCy%2FcB%2BWrWrid2pZVeXbPmuu64qH3naFzE2EirtqcSHbJM1NJUvR6bS8E3F3hSFF8%2Bey3bMB%2B6o9wMuv8cv4ge8GKEEId01xOdgmK988a5PIQLGrfs1GBUJEFfDfNMFCNfj"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b406983-FRA
expires: Sat, 27 Nov 2021 04:44:32 GMT

GET
H2 200 verykool.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 43ms
28ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/verykool.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b27f351d16d1aecf110ae7848db58d42b07398447667789cd3f16fa7639176a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 98610
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2125
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:35 GMT
server: cloudflare
etag: "84d-59e8d1f399cc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKiBolq1avcY3Ef3wGzuq2zMLKSLCe7VA2GS0OQ7dzJJ0U5ej28oSTObm11%2Bkvat7p0w5hodrG3FBEnmBuC%2F5J45zClimbquDh2ZOjWh7iyQiiX5Ii4lfFyVTIeozVgHQxnHggUJZICcy9Uh"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b566983-FRA
expires: Fri, 18 Mar 2022 01:00:15 GMT

GET
H2 200 lg.gif
cfa.gishan.cc/static/i/logo/ 479 B
1 KB 65ms
49ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/lg.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ef53cce2cd6156763e4c1d2e20b0d872a69beba9daf0121f538cd4343b6eac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 94986
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 479
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:07 GMT
server: cloudflare
etag: "1df-59e8d1d8e5dc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmfCXqnrgnGK3g1xUE2Dz%2BXzhLLfMGSF5F9MUhtYi%2B7LBuVq1DuK9yUzNHlw%2BQB0ZcFfh62X2E7VdIzZbpI7uJAUyjsxguWSAO27MJcEOXJk%2FrT%2FiWoeCuAYZknUO%2F%2F9Ud%2FK9NK5t4mtR%2F%2Bz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b2c6983-FRA
expires: Tue, 23 Nov 2021 05:17:49 GMT

GET
H2 200 unnecto.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 50ms
35ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/unnecto.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b41473a26873211d2e6ce4af29aad920c21ed7115a76bd31c670a8b722ea77d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 60807
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1846
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:33 GMT
server: cloudflare
etag: "736-59e8d1f1b1840"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AiC5grKizLa72B0SkXg4uprfsAIinXy02Hl5um%2BubREg8xetsCx4c9uUkquo%2Fod%2BfeexG2xIHyWJD24KR12TmZrtftLt4CnHfG0E2yBL3w4a%2F9G3usy0mN3vXia%2B0COD15Vz%2FkNmPHvsYeWT"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b646983-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H2 200 umi.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 48ms
33ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/umi.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

315a626a821604644f5468df3fb40f3e24ded58d3ca10e48d09ebdf034b0168b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 1419891
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1397
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:32 GMT
server: cloudflare
etag: "575-59e8d1f0bd600"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmWH%2BlEBOmfYsEJ4bst3ZLddVwdcVr5MGXdL9e1rGxvjOvoO%2FoKjIH7BSvAfA7g6zDVCxFPfuDpIEaPNZQ5qFLp6jM7FdgIHy8G%2FMeBYP%2BYmsXe2ufoYH3qoiKijmKMsI%2BFJvgQFPVYeIyK6"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b676983-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H2 200 toshiba.gif
cfa.gishan.cc/static/i/logo/ 788 B
1 KB 45ms
29ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/toshiba.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dde6984d528ff0cb7d0858a81d2379ad09ad1f516f854c37c69cb5a61d6a98a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 455068
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 788
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:31 GMT
server: cloudflare
etag: "314-59e8d1efc93c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGPPTLCuteUXA3OHs5479Rk8inks2IEq4EjDcc4OySWfH3NzvT3iAwhya3DeTNNOh51g5FiowNqL7bjIRn%2FiPuUN91luq3GI110g8qIzTlmGbWpSK5gRkblxLhXRVNj1czBz%2BsAzUvd%2BaVjD"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b3f6983-FRA
expires: Mon, 22 Nov 2021 03:00:33 GMT

GET
H2 200 t_mobile.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 39ms
24ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/t_mobile.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1635fbd5543f234d13a9755dd29e0764cd3cbe5aabea48499147e9412984d1ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 15324
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2196
x-xss-protection: 1; mode=block
last-modified: Sat, 17 Mar 2018 13:08:24 GMT
server: cloudflare
etag: "894-5679b6b756200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNqiLbBp%2BHJ68u8jpkXUao8SUL6OEG7znbmwsI9PFJcDgLRneq52Hm8NitQ1W28AOZtNdPtkb8vUPq95G9QXsrsu2u3xRkURsSFSq2HWTAV4j8f%2FjyB91bI6rBP2rM3P0aBxkydpxLrM0ZY4"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b4e6983-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H2 200 sony_ericsson.gif
cfa.gishan.cc/static/i/logo/ 906 B
1 KB 39ms
23ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/sony_ericsson.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54d81b8d41ba2e5a31a87155e2a27e2a193a59e5468e7c4ec0f186adbd4a4880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 28147
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 906
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:30 GMT
server: cloudflare
etag: "38a-59e8d1eed5180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Rml4P8oXDkXZ%2B6MJMBFbhsQDmXiiQJg%2BdgVL%2Fw4NSspTfW2Nj3zG%2FpK78CVJzEN1fNtsytyPGn8XF19PrAOKow9dO9SPC2Za36EVPeRarwqptNsajb3%2BtkVNTFyvd0dIqqa%2BoEHLeOzmfFF"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b4d6983-FRA
expires: Fri, 18 Mar 2022 01:00:15 GMT

GET
H2 200 sony.gif
cfa.gishan.cc/static/i/logo/ 954 B
1 KB 47ms
32ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/sony.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70dd082dc4a7b6d0ccbf28ba16785d13304e9253da7548b4101c47a2abf062f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 28147
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 954
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:29 GMT
server: cloudflare
etag: "3ba-59e8d1ede0f40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQryc5awImEhY3npOJKiZo06PkSENEL0VOvtESyp4JXCVlAjzpTBRl1T6fISZOGEMHLG%2F%2FOQ2Ru%2FwksTUXgK00fY%2BO8XBNbxjr7dRMs3Sm2WFy8klguv62p0la8WtiHkSpaB%2F%2BCjv6SaSjKy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43458b516983-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H3 200 sonim.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 122ms
100ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/sonim.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

690b72737c03b052555f26a59ce164fc0564a4f76e7df56f48b8d4695f09cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 453371
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1757
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:28 GMT
server: cloudflare
etag: "6dd-59e8d1ececd00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEmJ%2BzL6egsSWSd10Hv4qpKgiMG%2BU%2F%2BI2hjX5grdnHq63I1YJAp%2FaEd3EyH6sSM61JT35VIJLtsLhbu4cZCjenGC5nG5D6Qt7qbjAj7PUTFfDX00gtv7visD7iAKtXb0KKD16%2FEQfcybjs1T"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cefd697b-FRA
expires: Mon, 20 Jun 2022 08:21:11 GMT

GET
H3 200 sharp.gif
cfa.gishan.cc/static/i/logo/ 2 KB
3 KB 121ms
99ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/sharp.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b18b85061d073debee24ffdc2575ebb6a37940505093205bb5c20a8f29a960b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 62792
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2028
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:27 GMT
server: cloudflare
etag: "7ec-59e8d1ebf8ac0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UScPb74qQMxPysBsve4V97G8HrCbT6LDKfF3pNZC6j6OT%2BWm8n0apOOf8RiI5Nbc%2FPkysXg%2FAssS0ePsbEDR9g4chr1ZmNbdo%2FTTXb54fqT1ca2jBu7LNZmqv1EtriM2z3icKvWtf48WCmHo"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cefb697b-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H3 200 samsung.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 119ms
98ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/samsung.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02b2ea4496b618318ac9ed8bff158a1e6703044a63ebd6b32963bb2355776915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 1304190
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1065
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:26 GMT
server: cloudflare
etag: "429-59e8d1eb04880"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQiFckvpeDpi0Mopwj5WPItFH5%2FAFF1jA%2B%2BOnYup3WFbilVMi184c8j9PeehpU0GEc049C%2B6j7Q9pZPnzECtXfbmSs5PX6203xg01S1zqHdVlnjuB82iYH3hTXKob9cpC9VYEsXmFW3%2BAh33"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cef2697b-FRA
expires: Sun, 28 Nov 2021 17:33:16 GMT

GET
H3 200 bq.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 120ms
99ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/bq.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db0271561efd5b08616b8e30c88794a9063613bdf42da757f5f2075f200a5cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 2273414
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1484
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:40 GMT
server: cloudflare
etag: "5cc-59e8d1bf26100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRWqmrblghI2xF7H4Bb0n1O69wfhYquyHkWC1oDqfQj4mSGaaojRMzmDlEQKdL3TBYD0QiBr%2BycEYpbbmT%2Fs%2Fr%2F7Sv%2Bz8Cy1nFH4DZEtBE2jg%2BeFRsBwqAxjYqtXNQSWFMvkjsXA903%2FbSs8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cef9697b-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H3 200 geeksphone.gif
cfa.gishan.cc/static/i/logo/ 3 KB
3 KB 120ms
99ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/geeksphone.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b11164270672f25a334b6f5e93a25025b759b208013c9dfa5aa5a47bbdf7e703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 2312036
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2668
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:48 GMT
server: cloudflare
etag: "a6c-59e8d1c6c7300"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MltgES7opgDcBR7amyu0di%2Fg%2BpsuN5RZrXY8uXLhZvspn9fBvKnwaNIi4E8yIk%2FVcBdwES%2FZG2YwDwSDxOsHvdWkwRp%2BtGAbZkFo5XIfCnQNMhKE2FSFipyhg1o848iaRM51r7UtA2lAI1MN"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cef7697b-FRA
expires: Fri, 25 Nov 2022 22:07:12 GMT

GET
H3 200 garmin.gif
cfa.gishan.cc/static/i/logo/ 724 B
1 KB 119ms
98ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/garmin.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60bcfafd776bb788622c353cb4fbabdb4dc0bbb7ce15b61c186242c8bc12b841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 64349
x-cache-status: STALE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 724
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:47 GMT
server: cloudflare
etag: "2d4-59e8d1c5d30c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCJNFvnTF6iJZMHC7ke%2FzobCwXhu%2Fhc3DSjg%2BEilkAzD9A2pxTOqwq9Q5oEgT3AW1yaNNu5%2B3c29UgccokO5QYGg4LbVtvo9%2B2Wlk7r95W9%2B6ch5X43%2FqtdGhgJHNu8KgkuYnjYkhU8Bu2K8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cef6697b-FRA
expires: Fri, 19 Nov 2021 13:49:53 GMT

GET
H3 200 fujitsu.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 112ms
92ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/fujitsu.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

821ab412424ec71cdca5bb331a2c3bd687f9398de11d2ff3b0085c607bf73012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 2312035
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1426
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:47 GMT
server: cloudflare
etag: "592-59e8d1c5d30c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aokRMVpRbHZLXcOJrJRrZy1YTXdSElxvOUFvZHVJpsabnRp6qu0Q5F4IPabX5iLlnt1EqGMKzYEi7ymHSFtYQrrqhkubmlk3CDcjCGMKWGmBO5%2FtN%2FFcgP4mrLTZ5WmF8bvDen4nk8kYOla1"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cedd697b-FRA
expires: Thu, 25 Nov 2021 05:03:33 GMT

GET
H3 200 essential.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 111ms
91ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/essential.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68a8b42131e32a0736885e57d3db5edcd10d28c593572cbbc2f06f077ee9a965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 86659
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1928
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:46 GMT
server: cloudflare
etag: "788-59e8d1c4dee80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZ7bL8P5ejh8Q%2FlZe36gx0wH%2BhzqcKkfkXLgZ35S4ciBIvPFrVyFUTqokstGQai%2Fg7DPpd6ADSgaAcNTbnv5oF6j4vOMLObqkS%2FgME1n0uB7PBg9YKlQETzk4NEL01YHKEwl2ovL89UHa7pL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cedb697b-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H3 200 energizer.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 110ms
90ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/energizer.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

174882a9de80cf69ec7dc3290faeaeb42cf295d90e4d609b7c605818a807b9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 856297
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1845
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:45 GMT
server: cloudflare
etag: "735-59e8d1c3eac40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbHJWL9vTzrxOHie%2B%2BRMCXMbdcV9UBLBrpzPaGPeOb%2FGM5naiEWG8XbznE%2FieiAGAg6dOaHQgrT2GIN2qeDzhY%2FAtIyVbSvaPD%2BbuBSqRkRhMmgzyNm0%2FwH0%2FQDj2cqvLSq924KU7ybMo1yE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345ced9697b-FRA
expires: Sun, 28 Nov 2021 15:01:44 GMT

GET
H3 200 dell.gif
cfa.gishan.cc/static/i/logo/ 787 B
1 KB 110ms
90ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/dell.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a68557240dbc6b42e288c7034c59bf1e21259044709d92f6674c1cda9f303d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 60807
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 787
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:44 GMT
server: cloudflare
etag: "313-59e8d1c2f6a00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4C2DxeDSkNZuAFtgD074sOI3CXK4BlJlCTqFUkD1DnKbJgtT7Iy5e%2FnssR9%2BMNwNJ%2FsRMhHnRn3KMFEWZ5%2FMb6Q4rwYaJLloUfIGM7cA5LLO5HgRvc%2F%2Bl5MWUDbFd8mh4GTz43bMcQmYvNHP"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345ced4697b-FRA
expires: Sat, 04 Dec 2021 22:14:00 GMT

GET
H3 200 csl.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 114ms
94ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/csl.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5fa35c6976743f7f23cc7b446ed2519c99305596c1ce35148ae7dec007beffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 51441
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1438
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:43 GMT
server: cloudflare
etag: "59e-59e8d1c2027c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQ%2FVnDAtH5iIANS%2Br7as6qvxXLIJSUrNQkww9tjWAgLdRi6zSPE3Swc3qF02qIMO4WbWMjSHq1TbLHeTI5lJMcMfFrpFHGVZJf0N4jUacaF8GmQxZAJnF00V2mvzX3e0j5npf1UAsoQcyNLP"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cee1697b-FRA
expires: Sat, 20 Nov 2021 08:58:23 GMT

GET
H3 200 coolpad.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 114ms
93ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/coolpad.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ebf331182f34565a0246fd0048f5a0fd53deb1bc70f8958237bd1a7ab4a611f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 189104
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1701
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:42 GMT
server: cloudflare
etag: "6a5-59e8d1c10e580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52Yb5aF17OKKDWoX3DxxRydx6XY%2ByS9vO6NI%2Bkjeyd6y0Z9BJEAlEMsYM1R3ZWVb0hfYc6eLtnU%2BxVgBOOU5gLlyo17DpGHtMHLT6dqw%2Fovs0ItJhqIpdas3QIkgGmagcadi%2BdbfV%2F7Sg%2FPL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cee0697b-FRA
expires: Thu, 17 Mar 2022 21:27:10 GMT

GET
H3 200 celkon.gif
cfa.gishan.cc/static/i/logo/ 2 KB
3 KB 107ms
87ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/celkon.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5de8807401e6303a290296f73ddfbe5f6f433a6dbcf8353a23af00c452f7dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 1801646
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2028
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:41 GMT
server: cloudflare
etag: "7ec-59e8d1c01a340"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjxGGhHIFjKOU1ZFWHQst3WtwO0AksLT0B4JiGc7DCDWsKzpsIJLBgDw130h0f29LtKUBUTmfvDxSKe%2BEux7jh%2BF58XBgDfHwq%2FcZEWz%2Bmdo4uXf1EtObCjg9w1lG63ok6PdV%2Ftg6tYQrK2L"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cecd697b-FRA
expires: Sat, 26 Nov 2022 00:38:20 GMT

GET
H3 200 cat.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 106ms
86ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/cat.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

266d44648d76ec983ee45913c0b7225c40409e8f63c0ec2186e3f1e064d38ebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 120018
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1590
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:40 GMT
server: cloudflare
etag: "636-59e8d1bf26100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdtVg9pYdt21haElVAaMnIXFhwDAFn%2FHlmh2Pms3eWcKkMblfZfTsNkU9vf23D9CtMpn7ac8Moy8oN8AidmfMh8QnABtAYl4K5e3mfQc29U4QI7xpEQOEDKrxNqPi6ttp54IwQ9jRDfnqkym"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cec8697b-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H3 200 general_mobile.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 64ms
45ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/general_mobile.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

349a0757c02687caf82ab0f7dc4861e302be3382e8396435e4c768aee756c61d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 64549
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1230
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:49 GMT
server: cloudflare
etag: "4ce-59e8d1c7bb540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJnY2O9Z1zJuB8I3b9YZoQbPthVtwhpETcN380bVt0bBlG2FNcgPjuQlPTaXCDmptYGTa0LThjVYOZ6yD%2FRXlJ%2FmWvpJ%2FEnSL5uayt3K2XORqjb3IGofw0RykkZCpJAx%2FstxI5HhIZ4xxWdZ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345ce8b697b-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H3 200 blu.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 63ms
44ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/blu.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4337a42beba2b09656143cff18e3be886961d7c35331b4b6dabd7c97598bec0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 86659
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1419
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:39 GMT
server: cloudflare
etag: "58b-59e8d1be31ec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukakdBM4hI2A0je6syFy20VfUZFWU6T3nzHIUv%2FGO2i66QoMvxDb9lTW0wz1vrfeQVJCSXVPM7RUCQdyS1jgBzFzF6C0wteiUOE%2F6nH1taY1SQxS16Vj2XHP42OXC9nXXIf%2Bn5iPwmYU0vmn"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345ce85697b-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H3 200 blackview.gif
cfa.gishan.cc/static/i/logo/ 2 KB
3 KB 62ms
43ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/blackview.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f63f70f74982c93f8f1b40ae25b7d4c9d169a603e39028909f03f52489311d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 60807
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2080
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:38 GMT
server: cloudflare
etag: "820-59e8d1bd3dc80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWFRCxULJvpVy%2B67ACSx5lqJ%2FkdcXbn8J7TJj%2F0Jw5TR%2Fjo69KIsurLNlhq9FI984tD94JpgyO4Jgs1s6t%2FQcqpXPh%2BxYek5ybh81T7hifaoDG8zQyMxNTXlqv5ck4vV4XzfCoRO0pkXz6hD"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345ce7d697b-FRA
expires: Sun, 27 Nov 2022 01:25:33 GMT

GET
H3 200 blackberry.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 59ms
41ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/blackberry.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88bd14f5979d1a4e7316cb19dba1a27a437e9423dc2a0c61be0a3e2565cdbfe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 2544727
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1157
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:37 GMT
server: cloudflare
etag: "485-59e8d1bc49a40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drWYzqsxVBgNQvrQQa%2FQ38Kvo3e30BunhX7ps9WuraLC0DMTeU8sHt9BRcT6HyxcUxWV7ueb%2F0eEyX265FCKu0IfEEeyItlFgZgMbWnoNNlcILX2%2Fnlv9k8SZqmyKVRw2gU4XJTmMVxTnKr9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345ce7b697b-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H3 200 benq.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 65ms
46ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/benq.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db76fb65ae8c3f4a3cf8f7b29401afaf43a23220abaca7c990cac92c16f59763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 62792
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1876
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:36 GMT
server: cloudflare
etag: "754-59e8d1bb55800"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTW4RdyHw0PCFdbhFUHVeKkWe8BrAoGUTPHAuBl5sLwno0dzgGWaTqoo2BqxV5X%2BVFIOw6QGsj9wt9K0EPcQKx6UNI8PdL20EZNwlvEqrSZdSikJ3oy0Md7%2FIRVn%2Fc5N5WAqO3xzvGvSrVMC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345ce96697b-FRA
expires: Sun, 05 Jun 2022 03:01:33 GMT

GET
H3 200 asus.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 65ms
46ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/asus.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ba452e9b77a64c93f96aaae49eb7994fe9f62aa52f8ffa8fc8985267cec9f86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 613871
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1117
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:35 GMT
server: cloudflare
etag: "45d-59e8d1ba615c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBA8wyLnQZgGf799KD7ksf6pRtMAaopemJGeV9VwUa%2BVUVSaGvTzw9dyIl50TH%2BHf46%2ByFOjCP3hxYWgQ9m2ky4Mez6os%2Fm%2FJOJmYTsJWx9wrzhMFzwO5Pc%2BXcctgQnfoL3qxPrxPE4m%2FBBs"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345ce9c697b-FRA
expires: Sun, 27 Nov 2022 01:25:33 GMT

GET
H3 200 archos.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 84ms
65ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/archos.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53e0f43fca7ec2ebfa462a6be7f34ac0a092ef8138b9063a1861a7b1a5f79e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 1659674
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1894
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:35 GMT
server: cloudflare
etag: "766-59e8d1ba615c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEQYqpbLALDY3DwXSpuB%2B%2BXq17oExbiV%2FvXpse6ffijMM3pdNG86CjaVIovUPKIsUhsggw8%2Bit4N3ibVxhIC2e9yfGlrM7IVnygQogg1sfkueu0oI3pLlR9GlDoLuzvgbMD8Kfb0OPHOQsir"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cea3697b-FRA
expires: Sun, 27 Nov 2022 00:34:42 GMT

GET
H3 200 apple.gif
cfa.gishan.cc/static/i/logo/ 967 B
1 KB 115ms
94ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/apple.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2cebf92a38ad1945b6f1ae29904d53d749ff25520647dc9dc94c00b049261c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 2312035
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 967
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:31 GMT
server: cloudflare
etag: "3c7-59e8d1b690cc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwujF39hcR1h1bfewrUWYckmHTCBowbgyqZxnDhJbPqnizGgk34dCPIa8ESM288Y6WFPjfJ2oMSCsTGhIBUFHKi8EAiz1UzWUbTsXUIoDOtpPx%2FJ%2F6LSnoCZRFDV3Ukpi6x8kp%2BNuHWafQYi"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cee4697b-FRA
expires: Thu, 17 Mar 2022 18:11:20 GMT

GET
H3 200 allview.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 116ms
95ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/allview.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9b087aad5d111e7513f8cd68811baaf1307e95832ad8a2963fc03549a67cbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 60807
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1953
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:29 GMT
server: cloudflare
etag: "7a1-59e8d1b4a8840"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FfqaoSo9E%2Bty7atcYgeWAwsR%2BGsZbCCoBV6dhxAKgAWyUA2YkLV0nAWh0LsvoLwB%2F9nkdg2SnLfZTKVHtllaY7XBOV4w1vZoiVcxnqWxY11p14ouQLQc1BOrVpbFhnTL7EvIqhXF7YZ%2BzOf"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cee6697b-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H3 200 alcatel.gif
cfa.gishan.cc/static/i/logo/ 2 KB
3 KB 116ms
96ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/alcatel.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b0abf452de26e791b58c202d6ad96d9301de3ca292a670842a113c4059db590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 28146
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2227
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:23 GMT
server: cloudflare
etag: "8b3-59e8d1aeefac0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihKSR2mpQCiVc9mijedrPTGRS340RQtkWurc5fofqJFptXNbQDK6KtmnOzFS3rlJ2R5tEm5xXM2B%2BCU43e9lItZzF1Q6Gjcly0dHqLj46%2B%2F12JmI5pGlLyHpeNQ%2BK5FGHifBHCGLxjqiPwDh"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cee7697b-FRA
expires: Tue, 23 Nov 2021 07:20:38 GMT

GET
H3 200 i_mobile.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 116ms
96ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/i_mobile.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f906d28b0f97f70a5d27d920b7fa4133d8a5e3785023cedb7911c3e9c40eba46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 182018
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1076
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:58 GMT
server: cloudflare
etag: "434-59e8d1d050980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uo6endsXhiVZIyU7NpZnbARbjaNyTfGrPXtknBuWvBKBEXgUlZFGUxdSVhOENlrQ6LJQnSlsRN7QcT%2FOsIR5OMpAz3cwpuiw5Igtyet71hsevt8cSMEYzGG7zgnI7dP6iztpDzuZGKmZ4dkh"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345ceea697b-FRA
expires: Sat, 27 Nov 2021 06:06:14 GMT

GET
H3 200 lenovo.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 117ms
96ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/lenovo.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b0f660ca9801c7e45d8186ae5a1f9db9074b9692b25919a9df67d9fde61cb95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 453371
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1036
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:06 GMT
server: cloudflare
etag: "40c-59e8d1d7f1b80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3umi98tgHTOOSCApn5fgK%2Bzdq6uEG9bAvvjzhOlIbrQof5%2BUsHQ5XLL5efQZcLiYPihYn0NWkUOISb%2FvcYUXkoOkvW60bCc60TF5Dd%2BBUh8o%2Bzf%2FonW%2FxNwpEfyMJOgkU%2BQUpuUkSWzGwt%2Bt"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345ceec697b-FRA
expires: Mon, 22 Nov 2021 03:41:33 GMT

GET
H3 200 lava.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 117ms
97ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/lava.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8d518ac9fd3eec0ff910eabb32180a7c4edad8d773f5937b145ac52c65791d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 694701
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1553
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:05 GMT
server: cloudflare
etag: "611-59e8d1d6fd940"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ow4DkuoiIECnFs2f9c673%2FAL1h4WI5gDoPvDnixQg2W2KiboXy9Ze4KKyYMD%2FwOmNFcqIHhgC%2BVNkkLFPCV6jAXioh1qszdA1sjfkrhQ3fgqX%2BEcMdYFaER6lwDcPYIJaporOrIc9g7efvMj"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345ceed697b-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H3 200 kyocera_sanyo.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 118ms
97ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/kyocera_sanyo.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c252810f095d9056a0ef5533e47c51e3eceddb43b8aa09ecd9cb53f3508a18d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 1419894
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1056
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:04 GMT
server: cloudflare
etag: "420-59e8d1d609700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AlGcxprIxpLAe56bbUa49jiAWsXZ1Q%2BlpZWG4MAOlCINXFHijyxvVOivNO44st%2Bpdbd1lh2hs33Fi73P4TVcSEkp868aqSulH8adQLf6WPOm7mJZFwlHjPtT8RQajxr6v0akpxalX4Zk0vv"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345ceee697b-FRA
expires: Thu, 17 Mar 2022 15:50:45 GMT

GET
H3 200 kyocera.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 118ms
98ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/kyocera.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1486998fe3683ca71ef88ea96871619d791d89f8bbcd863c67b2a1f6a9a9706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 1296562
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1760
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:03 GMT
server: cloudflare
etag: "6e0-59e8d1d5154c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVI6dE1kfWbxYRwD5JQz4CqtAhGP3EWp36HQcwb%2Fwbs0aUag0YD4nvu6%2BsSX6a%2FVtUhfTvfhXLtuNn%2FbzKrfMCy3eJ%2B5E63%2BzqHkx61mczw44CGO7CncnCGZxuwoY1PYbE4xjGe9SGY4md%2BA"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cef0697b-FRA
expires: Sun, 28 Nov 2021 18:28:32 GMT

GET
H3 200 karbonn.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 101ms
82ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/karbonn.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3c95e78082151f56b782c960e22dfd76d7df252440c895d3653b305dd62f9c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 28146
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1967
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:02 GMT
server: cloudflare
etag: "7af-59e8d1d421280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=em2jXqrtfraMV5f%2Fh3Kxt0IEmzzVCUB82x10U9K61YUrOQy24UWUexXRycSFS9dPLD3ldxyLDzECHsGO2tNd7LoYEMFWr6N1XqNuLJah7bFbd2HwTY%2FkoJEXY4wdiPMQATEZrKBR2PDUe3Fi"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345ceb5697b-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H3 200 intex.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 102ms
83ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/intex.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4aa3be35d050e31bb89cb85e99724a3b687ee79223d0155733e5cddcdf763c62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 101785
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1174
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:01 GMT
server: cloudflare
etag: "496-59e8d1d32d040"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQ5aMyXU0YxoslQHZyZkN7fOyQmKzrEE7a%2FazaAiGgXYX0FAyHs3zAOSJstdO%2FeYsxyvszeZ85A%2FBkYTtTf1NWST7e4mpEooMp%2BYyI8yxcrcIRb%2Bo7ojvr%2F9ScjIgvodou7LgOpVFKHwehc0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345ceb8697b-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H3 200 inq.gif
cfa.gishan.cc/static/i/logo/ 635 B
1 KB 103ms
83ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/inq.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6f9d7ce4e753429165160e4bd93c7f8fbae787510cc9655ff8bc61ffb451ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 189103
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 635
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:10:00 GMT
server: cloudflare
etag: "27b-59e8d1d238e00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDL8Skd6G3y5Evy2uEkbhtVxA7hHd9serxg3Suk6eTRJVg1UKCOlf3KdUMpJwnsdmKlptlr%2BJV08OgvjVQ1%2Bg%2FWW%2BwCFgQPSJPleMMl1ZvWPVWq%2BcpYYt1t9V6ahi%2Fb1HJ51MT3%2BhbJgwixM"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345ceb9697b-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H3 200 icemobile.gif
cfa.gishan.cc/static/i/logo/ 2 KB
3 KB 67ms
48ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/icemobile.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

720c998df9a4eda79bd32326c3088db4cdd80fd0a87ab5997e88f6bb11770072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 62791
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2158
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:59 GMT
server: cloudflare
etag: "86e-59e8d1d144bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RIhKcrQiYPwnIbe032kOE%2B7fzt9Gkoy08HRVCPyFtco%2FkzTRTZ7HvNl2niKutx0Ru7qzXmHRYFfvKX5RA9jKSReJN1GyCKb6jQP5%2BK9LX1DVpZURcZ9WpAtoHgydM0PWSQlkeKBvzVkIIOh"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cebb697b-FRA
expires: Thu, 25 Nov 2021 16:19:36 GMT

GET
H3 200 acer.gif
cfa.gishan.cc/static/i/logo/ 959 B
1 KB 103ms
84ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/acer.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b7f6fde11555a4d4f5a85b1a44ca4340d5df9d1c9676c78600ec925288e14e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 1302955
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 959
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:21 GMT
server: cloudflare
etag: "3bf-59e8d1ad07640"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3128hJ7S3cQxeIS27Fpq09Gw6uuw7%2FLKIvIUy%2FNk2G0g6VIKzL0rvybq0sEUEFKd15rcOVh24G9EZhxiMiA5gbPPMeU%2Br4%2BwnDY4g9qon1KBLB%2Bptu8Tmh31m9Y%2BnteJncqWN5F2X%2BiqmYqB"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cebe697b-FRA
expires: Sun, 28 Nov 2021 14:31:28 GMT

GET
H3 200 huawei.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 104ms
84ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/huawei.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8547a91ea61bd72b52471217427d176f84be53af5bd3f380c3c844c901d33a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 67687
x-cache-status: STALE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1074
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:57 GMT
server: cloudflare
etag: "432-59e8d1cf5c740"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tz143KV0q%2FDo3xmRGJHGKwkHU%2FRL0YcgwheGMVwF9%2Fv2jY0F7xFH8%2BtwIxgF52%2BGRI%2F4XzFkztndnapKQtS8j%2BwDZCXkKCLuz%2FhpOKMXkbmfNwkzsyCTogjHS8edsASpS%2FDNHnSuzuTUaWZ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cec2697b-FRA
expires: Tue, 23 Nov 2021 05:36:24 GMT

GET
H3 200 htc.gif
cfa.gishan.cc/static/i/logo/ 653 B
1 KB 104ms
85ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/htc.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8907fa8c7d432b422cbd8d363f620de7a753236a92e4dc72547e5f7e99a718d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 1308735
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 653
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:56 GMT
server: cloudflare
etag: "28d-59e8d1ce68500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKWqP2aP%2BrR8Vc2vE1xLzUyk5TTjvUTVxjLI%2BgsDSSi8BTuNgV8t1GQYia%2B%2BwpWdt%2BAgQ9Kfqt6X3Dq4istSVszlmhpmzQ4bhXjAOQZJ16%2BqllXMIAv3PPJUPpG7%2FFP6TNL4SuVReN8J7%2B%2Bh"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cec4697b-FRA
expires: Sat, 04 Dec 2021 22:14:00 GMT

GET
H3 200 hp.gif
cfa.gishan.cc/static/i/logo/ 1 KB
2 KB 105ms
85ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/hp.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

571134f4d3805b1e0106a43f3b97785b3be0a12cb1be82c4727627890acfab44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 64549
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1346
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:56 GMT
server: cloudflare
etag: "542-59e8d1ce68500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAC0rehNSmOKjLmULAyF%2F4rJIlNo1Z6SfIfJ9WCn5glG45fY6oJDYtHGP6qihQ7ire0fSIgOMvp9BYuQ9%2FwoU6F6MUP0eaPWJKxJmJqGIopWrYuPsibFSrNitnA84bPjDdKLBWRc%2FI2tb1l9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cec5697b-FRA
expires: Fri, 26 Nov 2021 08:20:19 GMT

GET
H3 200 hkc.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 88ms
69ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/hkc.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50684ad1e00c919186519a5a2759b39ca2d10cce8d8b7ee13889f6f06e7ffa2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 2575942
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1837
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:55 GMT
server: cloudflare
etag: "72d-59e8d1cd742c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTmSJdDmPspedtiemtIUOLicRAdL6yvhtk1JKVUD0P7HKiysLowlJAM43xNnGhP2DDXMJhkCgl92NMC4AQB%2BRnHbs2Um1vPY5j%2FwKEi%2F8iU9EwP0%2B%2Fqer73SlksfhE1xA2u2c9dVK0qI4xo9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cea6697b-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H3 200 highscreen.gif
cfa.gishan.cc/static/i/logo/ 2 KB
3 KB 93ms
75ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/highscreen.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb23bf8e7533eb545e689324348557fa821de53f9d3a68e1030734c84141b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 763006
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2139
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:54 GMT
server: cloudflare
etag: "85b-59e8d1cc80080"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eh1CyYj9OXQADwI5gay0WrVktGwrrepfHH7qaQVcNLTRS0L2AZmbmTpykBHRVQaOtNk4Zva5HLB5CfD%2B4sHGqWixEKO9eEKtG8KUYgPCwrRGxxkYPH0F5EuF68g3lRm8h5kPXbeynzkyi%2BiE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cea9697b-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H3 200 haier.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 98ms
79ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/haier.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83f855ee2464083deed90d8e781709c6848b5a52b7a79dad5608be1b390ab483

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 110613
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1790
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:53 GMT
server: cloudflare
etag: "6fe-59e8d1cb8be40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSxmnoLnPk6jcFugwV1xg8fw%2Fjan7qIFCIJxtd%2F84sD2omNa%2FMbM200QYiMGxvgToGAuUFSjiZ7tE4Z3IaRNym4ysKeLDLzHHbba0BaBdnSfZHLO9J%2B9EbWU9C3FBPwJWprfHfxna2CB1Wx%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345cead697b-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H3 200 google.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 98ms
79ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/google.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bddce4e4d866b4138b95e227deaedd243806addf60d75aee00faa2681f88012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 98610
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1590
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:52 GMT
server: cloudflare
etag: "636-59e8d1ca97c00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjy4vgJg68UuPIjLtAIgkwGEG9Nz8lqqwtogNR%2Fwv4Zps6ys2XE1IXDX6Q%2BU0Es1V0hdLYLBMhZdLhP%2B%2Bwacvu5bKNXPtUw9ZxPdyf1430WA6FgwDPGzPm2v44HhLMVWngnPqanKTH7rqgz0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345ceae697b-FRA
expires: Tue, 23 Nov 2021 05:36:25 GMT

GET
H3 200 gionee.gif
cfa.gishan.cc/static/i/logo/ 3 KB
3 KB 100ms
81ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/gionee.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae4769c6c8807f71d2762969951ab0784316a14bc7c97ac2168e3e3ca8604d3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 15324
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2575
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:51 GMT
server: cloudflare
etag: "a0f-59e8d1c9a39c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtjR%2B9c7%2F%2FzeCOl8ndtDTdCgyOCLuvS60AFpsJvJ9gzXvWtALO%2F4l3dWVWRvmKEObWe7UOJ7cejEyw1uqkkIE6n0O2GfbhZRpy18JZqEtFikez8ldiATC%2Bo8CU%2BmimtFnoRh50ceYFud9yV0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345ceaf697b-FRA
expires: Sat, 20 Nov 2021 07:17:32 GMT

GET
H3 200 gigabyte.gif
cfa.gishan.cc/static/i/logo/ 2 KB
2 KB 101ms
82ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/logo/gigabyte.gif

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/l.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a76bf89e9884850b4308e97e9e35e6ebae8269f3406bc14aad1d6df0f27bc59d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 60807
x-cache-status: STALE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1726
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Feb 2020 18:09:50 GMT
server: cloudflare
etag: "6be-59e8d1c8af780"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F05ZJcAW0CRzodL0d%2FwyunwtWqBQUpBiK5Z8gfzlz5eVjWI9%2FGUur9qgl7Oklybfl5oCH%2BQgeygq7nCTclxCU9BSpjbW9tT0%2B5vgczuMdQOz0MMoyNfY%2BYVyk9cGkaQa%2FO1ZDcREgtmNf5re"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4345ceb3697b-FRA
expires: Mon, 22 Nov 2021 03:00:35 GMT

GET
H2 200 gishan-network.png
gnv.azureedge.net/static/i/ 2 KB
2 KB 8ms
8ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gnv.azureedge.net/static/i/gishan-network.png

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/s.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF6) /

Resource Hash

3dc7f6a5289eb14b5e89897ead90cc8909061e9b6a1a98d5529db8e7303d9613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/static/s.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
x-dc: GishanNet-FRA-LIN
age: 695461
x-cache-status: HIT
x-cache: HIT
content-length: 2334
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:50:54 GMT
server: ECAcc (frc/4CF6)
etag: "91e-55d22a484ef80"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
expires: Fri, 19 Nov 2021 07:27:05 GMT

GET
H2 200 cc.png
gnv.azureedge.net/static/i/ 5 KB
5 KB 9ms
9ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gnv.azureedge.net/static/i/cc.png

Requested by

Host: gnv.azureedge.net
URL: https://gnv.azureedge.net/static/s.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB2) /

Resource Hash

27ac31127a5b0892a41d4095953caed2b9d706bfa98ed899b93561f3020865c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gnv.azureedge.net/static/s.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
x-dc: GishanNet-FRA-LIN
age: 697897
x-cache-status: HIT
x-cache: HIT
content-length: 5281
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:50:13 GMT
server: ECAcc (frc/4CB2)
etag: "14a1-55d22a2135340"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
expires: Fri, 19 Nov 2021 08:09:19 GMT

GET
DATA 200
OK truncated
/ 743 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c126fc720c116f82a1b92a7a9b46319ed66c802e4bbbe769908e512f8835afa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show.php Show response
cfa.gishan.cc/static/s/ Frame 5BDE 1004 B
821 B 30ms
29ms Document
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.gishan.cc/static/s/show.php

Requested by

Host: apn-indonesia.gishan.net
URL: https://apn-indonesia.gishan.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66ae78efe7a810f0183a878d1bf2a81d51468308659be67b325883ddc47ec4d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://apn-indonesia.gishan.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 698772
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2592000, public
cf-cache-status: HIT
cf-ray: 77da43467827697b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 22 Dec 2022 16:34:03 GMT
expires: Thu, 29 Dec 2022 03:29:34 GMT
last-modified: Wed, 14 Dec 2022 14:27:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mtZgNrhxMjshVi8Ap3aAaigGVFx7Ib25OUDQY75Ah51EOadaafCaX3PaBWIMqmkMUUJBOjC2OYQNdpi8fJyQQ5cz6wcXBDdEGRVf783kELSzFPYojp4NHg7iksjjNV3QGsCwY2%2BH7CX0%2BAMI"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache-status: HIT
x-content-type-options: nosniff
x-dc: GishanNet-FRA-LIN
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 83ms
23ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: apn-indonesia.gishan.net
URL: https://apn-indonesia.gishan.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Dec 2022 15:50:44 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2599
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 22 Dec 2022 17:50:44 GMT

GET
H3 200 gapn.png
cfa.gishan.cc/static/i/ 12 KB
12 KB 21ms
20ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/gapn.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4814065bf4c7901a85d62648b0b8d8a0484e8f8d3c17c2de2343bf174a1696a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 2314120
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12207
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:50:45 GMT
server: cloudflare
etag: "2faf-55d22a3fb9b40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78Fhe4LNf9CcNufptpdr4tOKtN4VZzMrxcgCn18m%2FaqfK%2FRpyzlbHhZWMZO5zk2U3qLbdgIcJ1UyQ9ULQcR7n3Qn1t70%2B0HUPnCk2h%2BWR9rZvGL5SxsAHyiIk9X1QltM90gCChEdagrlZc6U"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4346782f697b-FRA
expires: Fri, 19 Nov 2021 18:02:49 GMT

GET
H3 200 gishannet-ubuntu-300.png
cfa.gishan.cc/static/i/ 9 KB
9 KB 20ms
19ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/gishannet-ubuntu-300.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fa0cc134a50260711b86b21eb96598b350792be9266c6317e3f33eea1a573e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 58073
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9059
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:50:57 GMT
server: cloudflare
etag: "2363-55d22a4b2b640"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzFsqrm57LgrbiU95UgqqcPplknC6501MYznIR3zzJSHKVdbvtIJry146yZHQ2CvAc6KIFyIV7Gi0xzGBbCk1ZHPliXMJ5EdgAGMwjMYME6lCP%2FVVBl%2BFlfUzX5TL5sMj2J80ewrwuhxGmhI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43467833697b-FRA
expires: Fri, 19 Nov 2021 18:02:49 GMT

GET
H3 200 cyanogenmod-apn-300.png
cfa.gishan.cc/static/i/ 8 KB
9 KB 27ms
26ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/cyanogenmod-apn-300.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85b144fcdb6eccdba0e377f0f557e1032531cd0d9d59f0d14a2254b76970037d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 705414
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8320
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:50:14 GMT
server: cloudflare
etag: "2080-55d22a2229580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zMNrKoChbH0g3AeD9KWgqBL5hwJa4%2FxZqggT9QDRFxV3CvZh%2BPbOXpd%2FftJKXlAijU36UkIHTi156T9a81OoAFOHPzBev61r%2BYwFFHNGsE%2BwJMyVsGmhbGtINIzf0snT30VStQQxJQDRb6v"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43467835697b-FRA
expires: Tue, 23 Nov 2021 05:49:52 GMT

GET
H3 200 gishan-net-3g-4g-settings.jpg
cfa.gishan.cc/static/i/ 24 KB
24 KB 24ms
23ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/i/gishan-net-3g-4g-settings.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44b6ada0173eb8fb3511cb49428af27c45bb016e1457dc34b50a9ae8d3767107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 21497
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24226
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:50:50 GMT
server: cloudflare
etag: "5ea2-55d22a447e680"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E32iZDbJlApAzNqmBfGcp6MUWTGtEmCVx%2BmXVpcjm%2BLhyyp52MavPP1aXL8FV%2BlUZO1OmKKfs1ZK5GMRWhhSb2cneqgarj0UkdmKl60eR2nGNEASQ%2B1rHj2UTlk111Xz0RLXsjKwB2TJ3NxA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43467836697b-FRA
expires: Fri, 19 Nov 2021 18:02:49 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 355 KB
117 KB 111ms
80ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8234474453841918&plah=apn-indonesia.gishan.net&bust=31071276

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab92107ff94aa39eee2d67a4279651ba581fcdc084fec59bfe6ee3dbc8bf5543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119791
x-xss-protection: 0
server: cafe
etag: 1909029628966522960
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 16:34:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 0B3B 10 KB
5 KB 83ms
23ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apn-indonesia.gishan.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 11:47:20 GMT
etag: 10353107486223812946
expires: Thu, 05 Jan 2023 11:47:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 n_id.css
cfa.gishan.cc/static/ 43 KB
12 KB 25ms
25ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.gishan.cc/static/n_id.css

Requested by

Host: apn-indonesia.gishan.net
URL: https://apn-indonesia.gishan.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbd94237a877f678cd7317236f502cdf982297b9b96d377c6645d74764befb05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 42901
cf-polished: origSize=43962
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 22 Dec 2022 04:39:02 GMT
server: cloudflare
x-edge-cache: 2022-Dec-16 05:48:25
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqAB4oJyx7YUAzhnJU0%2BFwxOLv9J9KGasPINHww0LgYV65VTmOpDCvuKFzPwMy2hGIwZMc67Q8mdbmc7mI3R3iZoSjtLnIUpC%2BHfAdHrVL8QdWwBU4mD%2FgyUOkndrZaIJvH4wxEJAGCzIohJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cf-ray: 77da4346b8b2697b-FRA
expires: Fri, 23 Dec 2022 00:18:25 GMT

GET
H3 200 slide.css
cfa.gishan.cc/static/s/homeslides/ Frame 5BDE 2 KB
1 KB 19ms
18ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.gishan.cc/static/s/homeslides/slide.css

Requested by

Host: cfa.gishan.cc
URL: https://cfa.gishan.cc/static/s/show.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84013cabcd11f6cc831b7a9d145d7045cf0661cfd6b46291b25651a941a438d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfa.gishan.cc/static/s/show.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 1361185
cf-polished: origSize=2733
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 04 Nov 2017 06:56:29 GMT
server: cloudflare
etag: W/"aad-55d22b87ca140-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQje7ZSx42ZVaS5Wkn4oqdFGOFTIS8dVozmrGfrOylSGVgcMpMKMb4992VCZ7Svi5zXdiWlcG%2FTMIU3JsNyBtpAbELKu0rz%2B9UbTTOtAA2%2BBgUO42kDlrvNKo5jlp8Vwsi%2FUvG6OFcDcI%2FJf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public
cf-ray: 77da4346d8d6697b-FRA
expires: Thu, 29 Dec 2022 03:29:34 GMT

GET
H3 200 slides.js Show response
cfa.gishan.cc/static/s/homeslides/ Frame 5BDE 88 KB
30 KB 26ms
25ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.gishan.cc/static/s/homeslides/slides.js

Requested by

Host: cfa.gishan.cc
URL: https://cfa.gishan.cc/static/s/show.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a2ef1910cc75a038cccb86b1c61fc5d5f36296d59824226a23afc3bda092fd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfa.gishan.cc/static/s/show.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 698771
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:56:30 GMT
server: cloudflare
etag: W/"161e7-55d22b88be380-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4BYpm%2FA7DYV7ufqQUO1AvoEvvQ3ldPAiZNrguyBSBZ04zwjCx96wY96NrnlJibwXxfiCPNO8sXhWcYZQGt3vHlaaR2W%2BDXXyZ4WyaAJNf9KQM3BRGY%2FW8TGmpxIoTy7xiR0QrtI3zN2CMuD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public
cf-ray: 77da4346d8d7697b-FRA
expires: Thu, 29 Dec 2022 03:29:34 GMT

GET
H3 200 scroll.js Show response
cfa.gishan.cc/static/s/homeslides/ Frame 5BDE 18 KB
5 KB 20ms
19ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.gishan.cc/static/s/homeslides/scroll.js

Requested by

Host: cfa.gishan.cc
URL: https://cfa.gishan.cc/static/s/show.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd09c129345f306d15d4b7a6f04bb7dfc1a5964a10ca2e74ed6635f0fd26ef99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfa.gishan.cc/static/s/show.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 999160
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:56:29 GMT
server: cloudflare
etag: W/"4949-55d22b87ca140-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nr0rxatCJ95Z0gxeWePEV6OFvsSd3NEOrA%2Ff5hKpEOuVwGFvojsXS0B81sUg1sIOub1%2BLiox9imLS5%2FXrN4dkLe861d5PHmJAxy90lRKKXbS5H3OWF8rPlwHTH2AkPMjgpairUNXg7Dkryxj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public
cf-ray: 77da4346d8d9697b-FRA
expires: Thu, 29 Dec 2022 03:29:34 GMT

GET
H3 200 init.js Show response
cfa.gishan.cc/static/s/homeslides/ Frame 5BDE 428 B
822 B 41ms
40ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa.gishan.cc/static/s/homeslides/init.js

Requested by

Host: cfa.gishan.cc
URL: https://cfa.gishan.cc/static/s/show.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f86f953011af18cb8596585038cdf2759b76d6536f54d29f0e444f0b5c0468e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfa.gishan.cc/static/s/show.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 698771
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:56:28 GMT
server: cloudflare
etag: W/"1ac-55d22b86d5f00-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66NtErmy4x5eqtWoLpF2K44VzZCXQXAf8yCyjDaYXRqJWwPDVIAe7l3silzkIyujQ8YI4Z4aKC5j6nAdLmQXWoN1hrwU3MCnbf0t%2FbHh%2BBjUkGNTSevy2bCLJ6k1BSMuQSU4uukGkCwynKM1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public
cf-ray: 77da4346d8da697b-FRA
expires: Thu, 29 Dec 2022 03:29:34 GMT

GET
H3 200 2.jpg
cfa.gishan.cc/static/s/img/ Frame 5BDE 44 KB
44 KB 23ms
22ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/s/img/2.jpg

Requested by

Host: cfa.gishan.cc
URL: https://cfa.gishan.cc/static/s/show.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c5bce2b08586e2ca0d42596df315d4a17a9a2572e01e93bafeb26ccb7c683ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfa.gishan.cc/static/s/show.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 29832
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44810
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:56:33 GMT
server: cloudflare
etag: "af0a-55d22b8b9aa40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Di0a1%2Bwaq7YPA2ENLj029B28vIaybfI1DNuE80WOnb%2BjnI7hntMKBr6TG0gdznQrCaSjzCUbEYOgj7gOQe5Wq9HhDJRH51uGIAh5JkFsYdNyuMLvPRuf1IrVrNgdxY%2BCB%2BIHHgJwSP8%2Bc0fm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da434749ba697b-FRA
expires: Mon, 22 Nov 2021 03:01:08 GMT

GET
H3 200 3.jpg
cfa.gishan.cc/static/s/img/ Frame 5BDE 32 KB
33 KB 19ms
19ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/s/img/3.jpg

Requested by

Host: cfa.gishan.cc
URL: https://cfa.gishan.cc/static/s/show.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d42e7392633f9666bb14777eadbd8a801448bfda3089d95028b6fc6846543e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfa.gishan.cc/static/s/show.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 29832
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32751
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:56:33 GMT
server: cloudflare
etag: "7fef-55d22b8b9aa40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbM3aGdAfBdecLFNmx4WrVabHN1aGuBd1E4t6d8gR23RnvixGVAXtXY51qRaNIYMKDnRtbJtQC9KerIKUkbWdy%2But9Ykiq0knF2IX7qpy5CxaRKOhQ1YGXYJUcZooET%2BH11NVg8O%2BWwoHEv6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da434749bc697b-FRA
expires: Sat, 08 Jan 2022 04:03:44 GMT

GET
H3 200 5.jpg
cfa.gishan.cc/static/s/img/ Frame 5BDE 37 KB
37 KB 24ms
23ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/s/img/5.jpg

Requested by

Host: cfa.gishan.cc
URL: https://cfa.gishan.cc/static/s/show.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caa50b35c17debe8be9b331a4a246eec8d429fb8a65558d9f91c6055d6ea267d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfa.gishan.cc/static/s/show.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 29831
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37519
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:56:34 GMT
server: cloudflare
etag: "928f-55d22b8c8ec80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sz%2BMAGy2HH0ZoTb8Xvbd%2B1%2FNwwaFR5obgCeSyRCzdqa2rvBynSXKnEPIGp80gR3RzHq%2BkbpBTdFlrGH64aYop3ZqBlUwkSGo6rh76N38mjNMU5IXhPvPpwiRxMmzy20QQhFQVTWxbl4HdJyZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da434759d5697b-FRA
expires: Fri, 19 Aug 2022 04:38:54 GMT

GET
H3 200 6.jpg
cfa.gishan.cc/static/s/img/ Frame 5BDE 43 KB
43 KB 25ms
24ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/s/img/6.jpg

Requested by

Host: cfa.gishan.cc
URL: https://cfa.gishan.cc/static/s/show.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4137c46784761054ff79a1930f4dfd2d91595850c0c5f7360abed4087ea4e4ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfa.gishan.cc/static/s/show.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 1780885
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43617
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:56:35 GMT
server: cloudflare
etag: "aa61-55d22b8d82ec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1adwVKrr%2Bo0Ix%2B%2F6M2mLQone%2FskvobGAU9kfpkZEO3uSu%2FIJXjHHSDUdgMjTEswFJbh%2F878oyFVZRxF8IhUX4dDmZDhsg9p8DyFPxvRs1XpEzBZkdw3%2B9ayeSwUVrbusW6rBxwE%2F9S35qdr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da434759d7697b-FRA
expires: Tue, 23 Nov 2021 10:47:27 GMT

GET
H3 200 7.jpg
cfa.gishan.cc/static/s/img/ Frame 5BDE 51 KB
51 KB 28ms
27ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/s/img/7.jpg

Requested by

Host: cfa.gishan.cc
URL: https://cfa.gishan.cc/static/s/show.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

205358691eb0b62530afcbe8e0bdbe1e96ed3c40a6010095308fa5103e6e550e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfa.gishan.cc/static/s/show.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 29832
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52006
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:56:35 GMT
server: cloudflare
etag: "cb26-55d22b8d82ec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zudzIOcm1WSWlnjLtM0LUdWUO%2BH18Bjk66I7Vnpv81zVTRNHjuAIoaiopQ5hHHF31cNC3e%2BH0VFLRtMn3hhLd14k2J5k6sf736%2B3WvOolbPdZdnSWCRnFSMVx0TR16JdkyBE0E7TNCVNis8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da434759d9697b-FRA
expires: Mon, 22 Nov 2021 03:01:08 GMT

GET
H3 200 8.jpg
cfa.gishan.cc/static/s/img/ Frame 5BDE 45 KB
46 KB 19ms
18ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/s/img/8.jpg

Requested by

Host: cfa.gishan.cc
URL: https://cfa.gishan.cc/static/s/show.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9f841d39aa939d32eccfe0ba975220d9c320183dab0341e2bc552e62c1e4221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfa.gishan.cc/static/s/show.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 302510
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46068
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:56:36 GMT
server: cloudflare
etag: "b3f4-55d22b8e77100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucM%2BjRULitNewNl9aQrKwYj1gLrAveUOB5ykQ1hSnIBiGVytHsVGUGiXLq%2FPXUPOkMu7ypdmz8Qkq4kfVFAqb33dpRtEpPib2yof1Bpcu0QfLuzSZe7mMDFSDgoO8ZLBssmcR82Y9bCnrvcF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da434759db697b-FRA
expires: Sun, 27 Nov 2022 02:17:46 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 82ms
18ms Script
application/x-javascript 2.18.37.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 3DA20F33DFB043F4
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=41321
accept-ranges: bytes
content-length: 948
x-amz-id-2: g7+QTkfgFpKXdjIV1ns3PedgNVHG4mi9TLupYfjziOmGieTRD5DTu0V21U3C4oqBbTG5njMGxL0=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5acee67f078dfda4/ 2 KB
748 B 510ms
204ms Script
application/javascript 23.62.220.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5acee67f078dfda4/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-220-135.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c901dccefe00f7a59e931f0f4e49f0fbc40cedfd079dfb29d1c9e8b7d27d3a40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
content-encoding: gzip
etag: -1627661912--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 571

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 369ms
201ms Script
application/javascript 23.62.220.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=63a486fbc672692e&bkl=0&bl=1&pdt=495&sid=63a486fbc672692e&pub=ra-5acee67f078dfda4&rev=v8.28.8-wp&ln=id&pc=men&cb=0&ab=-&dp=apn-indonesia.gishan.net&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=3%2Csmartfren%2Ctelkomsel%2Cxl%2Cindosat%2Caxis%2C3g%2C4g%2Cbroadband%2Cgalaxy%2Cgprs%2Chtc%2Cipad%2Ciphone%2Clg%2Clumia%2Cmms%2Cnokia%2Coptimus%2Csamsug%2Csonyericsson%2Csymbian%2Csony%2Cwindows%2Cwindowsphone7%2Cwindowsphone8%2Cxperia&colc=1671726844004&jsl=0&uvs=63a486fb346efefc000&skipb=1&callback=addthis.cbs.jsonp__49942164050222580
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-220-135.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 050be31c4dd3dcbadc80eeb4bb913bafda15d9d355fd358c327f253b0ea931fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:04 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame AE08 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame E04C 71 KB
26 KB 31ms
30ms Document
text/html 23.62.220.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-135.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://apn-indonesia.gishan.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Thu, 22 Dec 2022 16:34:04 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.id.min.json Show response
s7.addthis.com/l10n/ 3 KB
2 KB 86ms
28ms XHR
application/json 23.62.220.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.id.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-135.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

0158103dd0fb17c160ab9c4e55fe0b74a3408cfaad931c6d5a8b594bf1e35a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 22 Dec 2022 16:34:04 GMT
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-c77"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1482

GET
DATA 200
OK truncated
/ 2 KB
2 KB Image
image/x-gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 802d9ec6f7c0d1ea17cbfd55c34137a7e19ff6ad916da97a10d1c9558d4cd5c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/x-gif

GET
DATA 200
OK truncated
/ 3 KB
3 KB Image
image/x-gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0341410b6808f873daed7de647c42d3a0c1696b7e5005129591c94d2c23af176

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/x-gif

GET
DATA 200
OK truncated
/ 3 KB
3 KB Image
image/x-gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34cb7d14631943f0d7d8e5d27023d75dce16972966b0daa2905cdab54e441fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/x-gif

GET
DATA 200
OK truncated
/ 3 KB
3 KB Image
image/x-gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c30ad1b502e03c8734382c09a61aec15c24268bac6df9e0d64c0fb553201c26a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/x-gif

GET
DATA 200
OK truncated
/ 3 KB
3 KB Image
image/x-gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 884e6aed408839a697bd770979dee28d048033afccb6426ab17af75242b7ebb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/x-gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 49ms
20ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=969513582&t=pageview&_s=1&dl=https%3A%2F%2Fapn-indonesia.gishan.net%2F&ul=en-us&de=UTF-8&dt=Indonesia%20GPRS%2C%20MMS%2C%20Internet%2C%203G%2C%204G%20LTE%2C%20Streaming%20Pengaturan%20APN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=735160126&gjid=1840033791&cid=166574806.1671726844&tid=UA-21395317-1&_gid=120582392.1671726844&_r=1&_slc=1&z=1291709376

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://apn-indonesia.gishan.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://apn-indonesia.gishan.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
14ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=969513582&t=event&_s=2&dl=https%3A%2F%2Fapn-indonesia.gishan.net%2F&ul=en-us&de=UTF-8&dt=Indonesia%20GPRS%2C%20MMS%2C%20Internet%2C%203G%2C%204G%20LTE%2C%20Streaming%20Pengaturan%20APN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=apn-indonesia.gishan.net&ea=web&el=%2F&_u=IEBAAAABAAAAACAAI~&jid=&gjid=&cid=166574806.1671726844&tid=UA-21395317-1&_gid=120582392.1671726844&z=1226869695

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 03:43:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46220
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
448 B 63ms
20ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-21395317-1&cid=166574806.1671726844&jid=735160126&gjid=1840033791&_gid=120582392.1671726844&_u=IEBAAAAAAAAAACAAI~&z=1693765956

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://apn-indonesia.gishan.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 22 Dec 2022 16:34:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://apn-indonesia.gishan.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
695 B 133ms
52ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=apn-indonesia.gishan.net&callback=_gfp_s_&client=ca-pub-8234474453841918&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8234474453841918&plah=apn-indonesia.gishan.net&bust=31071276

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86e8a2a179c2c544e60fc53266934a1b7c9d1170c554c1d9973fde966eddc4eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 83ms
25ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=apn-indonesia.gishan.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 131ms
51ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=apn-indonesia.gishan.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3923 23 KB
10 KB 509ms
477ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8234474453841918&output=html&h=90&slotname=6665169694&adk=4146532646&adf=3777922914&pi=t.ma~as.6665169694&w=728&lmt=1671726595&format=728x90&url=https%3A%2F%2Fapn-indonesia.gishan.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671726843929&bpp=3&bdt=319&idt=204&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&correlator=3037271748200&frm=20&pv=2&ga_vid=166574806.1671726844&ga_sid=1671726844&ga_hid=969513582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44774292%2C44779793%2C44780792&oid=2&pvsid=747749531072330&tmod=1339775420&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TwQCSq1oaE&p=https%3A//apn-indonesia.gishan.net&dtd=222

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dacd45f29044bfcd3c3d9ade96438aaa661a07cebf08e2e8a3db7d616ff3a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apn-indonesia.gishan.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10479
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 16:34:04 GMT
expires: Thu, 22 Dec 2022 16:34:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 90ms
62ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0775f636d5842351fdcce0dfb352a79a00b6a2ba66014e18228dea9b76ac5391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11125
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D76A 112 KB
41 KB 455ms
429ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8234474453841918&output=html&h=250&slotname=2725868498&adk=4217415236&adf=1158338916&pi=t.ma~as.2725868498&w=300&lmt=1671726595&format=300x250&url=https%3A%2F%2Fapn-indonesia.gishan.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671726843932&bpp=1&bdt=322&idt=222&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3037271748200&frm=20&pv=1&ga_vid=166574806.1671726844&ga_sid=1671726844&ga_hid=969513582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44774292%2C44779793%2C44780792&oid=2&pvsid=747749531072330&tmod=1339775420&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UsdG1E8VfJ&p=https%3A//apn-indonesia.gishan.net&dtd=224

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5dbd3ccd1434ad3c794e1d859039531f48fd62f65ed7f1988e54c7e786ee8ca

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNn81-XTjfwCFQjI7QodS5AAbg&gqi=_IakY8LCDJPK1fAPkoG14AQ&layout=/sadbundle/%24csp%253Der3%24/2745339239957086399/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apn-indonesia.gishan.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 41737
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNn81-XTjfwCFQjI7QodS5AAbg&gqi=_IakY8LCDJPK1fAPkoG14AQ&layout=/sadbundle/%24csp%253Der3%24/2745339239957086399/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 16:34:04 GMT
expires: Thu, 22 Dec 2022 16:34:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF67 436 B
236 B 408ms
393ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8234474453841918&output=html&h=600&slotname=9990820894&adk=522599123&adf=3249390002&pi=t.ma~as.9990820894&w=300&lmt=1671726595&format=300x600&url=https%3A%2F%2Fapn-indonesia.gishan.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671726843932&bpp=1&bdt=322&idt=231&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=3037271748200&frm=20&pv=1&ga_vid=166574806.1671726844&ga_sid=1671726844&ga_hid=969513582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44774292%2C44779793%2C44780792&oid=2&pvsid=747749531072330&tmod=1339775420&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=HHot3vtKXC&p=https%3A//apn-indonesia.gishan.net&dtd=234

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60d82e8aeec109f1503f718ff74a4e9c31db90169d6734202f307b7338f37773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apn-indonesia.gishan.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 16:34:04 GMT
expires: Thu, 22 Dec 2022 16:34:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F97D 66 KB
21 KB 227ms
216ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8234474453841918&output=html&h=1032&slotname=4738920093&adk=1239161640&adf=1413477260&pi=t.ma~as.4738920093&w=300&cr_col=1&cr_row=13&fwrn=2&lmt=1671726595&rafmt=9&format=300x1032&url=https%3A%2F%2Fapn-indonesia.gishan.net%2F&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671726843933&bpp=1&bdt=323&idt=235&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x600&correlator=3037271748200&frm=20&pv=1&ga_vid=166574806.1671726844&ga_sid=1671726844&ga_hid=969513582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=1359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44774292%2C44779793%2C44780792&oid=2&pvsid=747749531072330&tmod=1339775420&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YHaft1CfHW&p=https%3A//apn-indonesia.gishan.net&dtd=237

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8babdd5127fc0d97b929acd8f429d05f3ea21d2018342634121a1ab52d61a35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apn-indonesia.gishan.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 21824
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 16:34:04 GMT
expires: Thu, 22 Dec 2022 16:34:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1A1C 351 KB
60 KB 492ms
491ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8234474453841918&output=html&adk=1812271804&adf=3025194257&lmt=1671726595&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fapn-indonesia.gishan.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671726843998&bpp=2&bdt=388&idt=174&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x600%2C300x1032&nras=1&correlator=3037271748200&frm=20&pv=1&ga_vid=166574806.1671726844&ga_sid=1671726844&ga_hid=969513582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44774292%2C44779793%2C44780792&oid=2&pvsid=747749531072330&tmod=1339775420&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=184

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ca52d963cd1321d1087300d8b8f44d7486653bdeab0b0f3e800059edec8763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apn-indonesia.gishan.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 61176
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 16:34:04 GMT
expires: Thu, 22 Dec 2022 16:34:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 75ms
38ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21395317-1&cid=166574806.1671726844&jid=735160126&_u=IEBAAAAAAAAAACAAI~&z=1910530801

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 159ms
66ms Image
image/gif 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21395317-1&cid=166574806.1671726844&jid=735160126&_u=IEBAAAAAAAAAACAAI~&z=1910530801

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 159ms
65ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Dec 2022 16:34:04 GMT

GET
H2 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame F97D 9 KB
5 KB 52ms
13ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8234474453841918&output=html&h=1032&slotname=4738920093&adk=1239161640&adf=1413477260&pi=t.ma~as.4738920093&w=300&cr_col=1&cr_row=13&fwrn=2&lmt=1671726595&rafmt=9&format=300x1032&url=https%3A%2F%2Fapn-indonesia.gishan.net%2F&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671726843933&bpp=1&bdt=323&idt=235&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x600&correlator=3037271748200&frm=20&pv=1&ga_vid=166574806.1671726844&ga_sid=1671726844&ga_hid=969513582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=1359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44774292%2C44779793%2C44780792&oid=2&pvsid=747749531072330&tmod=1339775420&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YHaft1CfHW&p=https%3A//apn-indonesia.gishan.net&dtd=237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 12:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Mar 2023 12:48:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F97D 8 KB
1 KB 61ms
23ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Dec 2022 16:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 14:52:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Dec 2022 16:34:04 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F97D 2 KB
765 B 45ms
43ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53732
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:32 GMT

GET
H2 200 a32ec6d66afc3186d932d2fa3de45437.js Show response
www.gstatic.com/mysidia/ Frame F97D 22 KB
9 KB 52ms
14ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a32ec6d66afc3186d932d2fa3de45437.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0f005ee73493fb10f179e1200181c2f867ec5cf5df6e8f45c696e7c9d751221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 11:54:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9518
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 11:54:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame F97D 23 KB
9 KB 95ms
31ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53732
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F97D 3 KB
1 KB 43ms
41ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53732
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F97D 18 KB
7 KB 92ms
29ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F97D 153 KB
47 KB 173ms
80ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Dec 2022 16:34:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ED99 13 KB
5 KB 88ms
28ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apn-indonesia.gishan.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 140131
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 01:38:33 GMT
expires: Thu, 21 Dec 2023 01:38:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 22E5 783 B
535 B 55ms
24ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3de415d4a47bdc82a0106c4b74397f2b4ee573023bbd360fcc72fcfe8545d315

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-l6pFLc3gnP9ySGt6B2N_uQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://apn-indonesia.gishan.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-l6pFLc3gnP9ySGt6B2N_uQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 16:34:04 GMT
expires: Thu, 22 Dec 2022 16:34:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F97D 23 KB
23 KB 59ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=74612&q=80&r=0&u=https%3A%2F%2Fstatic.digitecgalaxus.ch%2FFiles%2F4%2F8%2F9%2F5%2F1%2F6%2F4%2F3%2F315330.jpg&ups=1&v=3&w=800&s=j6HjxCDHG83L8gB_rVZoXZlI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

6c8997f6d45108fcb3c5297c7050bc6c60452865474608caf891a545be2a345a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=485750
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23628
expires: Wed, 28 Dec 2022 07:29:55 GMT

GET
H2 200 lgn.php Show response
cat.fr.eu.criteo.com/delivery/ Frame F97D 43 B
348 B 229ms
19ms Fetch
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://cat.fr.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=JoB1FJXOFdUSnlHO3-P7D1ruBU7dyDOWuYDup-wWyhF71W7MBniv74-uMJeJuLXcXM3_eevv08h-uYSjZBrLqBSo4B5PEL_bo05cDsmnKInNyPanS48Xj4xT2vnaw9OZJbzRUQr5uCROEMKfDtBca1bUc4zdIKPckeQ1Zv9YhNT0CXZTu-c4ObbdveBYH1k0KxA_fWfI1XeLNR7-8K5kMOUWqS0pUMV8ZCgklE4XotIl63e5otr5-hIJMdl-ZKIqvh0ylq9HiIHycytpWrdVxOeMk6gWMekkjTSa33faijyOdQZ8JgtRxzYa3d3cH_9jp9L3ZZd_BMzdFevbOLf0sUkePlCbD7zUdYh-q2vK6k6HNugGScYyFGJWHP-AA41NjLdCMHBhxYH-ZVah_A5kZqq3jFlL0kBVVmaxbyN8abm8oQj8IhQnAZB-JkZ0E5mM9EiBYg&z=Y6SG_AADQfEK7fmZAAIw1nM1axebtJZchPd8Pw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3454754
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame F97D 0
0 53ms
17ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kIzTD4rGMAAAnYNiAgIAAABDGpB6AIQTFxD7hqRjhKpoLg7CjBK2FmMAEgMB&wp=Y6SG_AADQfEK7fmZAAIw1nM1axebtJZchPd8Pw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 298262
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F97D 0
0 55ms
54ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwGfX_IakY_GDDZnztwfW4YiQA8me0rFc1Z2R93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItODIzNDQ3NDQ1Mzg0MTkxOMgBCakCRm9B9ofTsT6oAwGqBNgBT9A9tIkO3EZPuKI-3Ql9nNDAb_WjPB3MeQigL4fi8ahE40SxqBT-RyLhzKnrw1tsGt3S_5HLkXsR0VR19G2Frb-ydDdn4sVZ0Dl4W54l03jV1q_AsFRGf2eyGms5gnJ0Qaz55CvFFM8cbOi0qNw7YCxzG4e5PcXiUNAeW59tfvUe4aOFFpgOMSzgz6658S9klouypKqdK0nbL5wrcWzpMQLIPugYOTi57B7kAHuGcbfQLPNxmO7-f1ovBTTzNaNV_KIbXq4xt7Wsm9aB_YnA2WKa024WfMyTgAa1qsqO5NrVgqgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04MjM0NDc0NDUzODQxOTE4GAA&sigh=_LqW0wLFTGg&uach_m=[UACH]&cid=CAQSGwDq26N9IYoOjaRVxpNtpFcIqjdWmqNL1cVCCBgBIBM&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8234474453841918&output=html&h=1032&slotname=4738920093&adk=1239161640&adf=1413477260&pi=t.ma~as.4738920093&w=300&cr_col=1&cr_row=13&fwrn=2&lmt=1671726595&rafmt=9&format=300x1032&url=https%3A%2F%2Fapn-indonesia.gishan.net%2F&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671726843933&bpp=1&bdt=323&idt=235&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x600&correlator=3037271748200&frm=20&pv=1&ga_vid=166574806.1671726844&ga_sid=1671726844&ga_hid=969513582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=1359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44774292%2C44779793%2C44780792&oid=2&pvsid=747749531072330&tmod=1339775420&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YHaft1CfHW&p=https%3A//apn-indonesia.gishan.net&dtd=237
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 22 Dec 2022 16:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 22 Dec 2022 16:34:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F97D 0
0 59ms
59ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4HpE_IakY_GDDZnztwfW4YiQA8me0rFc1Z2R93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItODIzNDQ3NDQ1Mzg0MTkxOMgBCakCRm9B9ofTsT6oAwHIAwKqBNgBT9A9tIkO3EZPuKI-3Ql9nNDAb_WjPB3MeQigL4fi8ahE40SxqBT-RyLhzKnrw1tsGt3S_5HLkXsR0VR19G2Frb-ydDdn4sVZ0Dl4W54l03jV1q_AsFRGf2eyGms5gnJ0Qaz55CvFFM8cbOi0qNw7YCxzG4e5PcXiUNAeW59tfvUe4aOFFpgOMSzgz6658S9klouypKqdK0nbL5wrcWzpMQLIPugYOTi57B7kAHuGcbfQLPNxmO7-f1ovBTTzNaNV_KIbXq4xt7Wsm9aB_YnA2WKa024WfMyTgAa1qsqO5NrVgqgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04MjM0NDc0NDUzODQxOTE4GAA&sigh=btfRJc-SIgI&uach_m=[UACH]&cid=CAQSGwDq26N9IYoOjaRVxpNtpFcIqjdWmqNL1cVCCBgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8234474453841918&output=html&h=1032&slotname=4738920093&adk=1239161640&adf=1413477260&pi=t.ma~as.4738920093&w=300&cr_col=1&cr_row=13&fwrn=2&lmt=1671726595&rafmt=9&format=300x1032&url=https%3A%2F%2Fapn-indonesia.gishan.net%2F&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671726843933&bpp=1&bdt=323&idt=235&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x600&correlator=3037271748200&frm=20&pv=1&ga_vid=166574806.1671726844&ga_sid=1671726844&ga_hid=969513582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=1359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44774292%2C44779793%2C44780792&oid=2&pvsid=747749531072330&tmod=1339775420&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YHaft1CfHW&p=https%3A//apn-indonesia.gishan.net&dtd=237
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 22 Dec 2022 16:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 22 Dec 2022 16:34:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 22E5 0
0 50ms
50ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=747749531072330&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 25ms
24ms Script
application/javascript 23.62.220.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-135.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 22 Dec 2022 16:34:04 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77662

GET
DATA 200
OK truncated
/ Frame F97D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd015d582d5b180c4df8a62c2830f9e24410f5275522c26139bfcf2ba21b8e5e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js Show response
pagead2.googlesyndication.com/bg/ Frame ED99 36 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 13:58:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16071
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 13:58:05 GMT

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 3923 3 KB
2 KB 1434ms
699ms Script
application/x-javascript 103.229.206.240
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdSbFkyUXlNRGd0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzNzAxNDM3NDQyMTA1NjcyMTkvMTEyMDQ0MTkvMTI3ODAzMzYvNC9rNXQyOTRaRGZ2TWtqazA5ZGdBNjFxalFyQ3Uya3FrdlF0dEktT0ItdnNBLzEvNC8wLzAvMjAzOTIxNi8wLzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNjM3MDE0Mzc0NDIxMDU2NzIxOS96cmgvMC80MDQ4LzU2Lzk5OS8yNTgvMmEwMDpjOTg6MjA1MDo6LzAuMDAwLzE2NzE3MjY4NDQvMTY3MTczOTQ0NC80L3B1Yi04MjM0NDc0NDUzODQxOTE4Lw/Z1D8KvLOVXiyRl2J_mcUh_DTvJ0&nodeid=3784&group=zrh&auctionid=6370143744210567219&pbs_auctionid=6370143744210567219&shardkey=6370143744210567219&sid=12780336&cid=11204419&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.39&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_lpO_IakY6CZDc-utwe344uwDc-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTgyMzQ0NzQ0NTM4NDE5MTjIAQmoAwGqBNQBT9AmJ2JMDdh_b0MoCVGymAnfxlzeGoGm3D-Gv4QILs95xcVdIaO7s3ogEKyzen2XjNzzn2JHNa9-RnGP5rfXorkCOCH1ClU_XhqHVs8ySvTeAySUN5ejeWc3zP978UlJc2iCGWIsRo7w4shHxD9QvKlWI_0_UxPXURbVgAJax-_-ASs0N6gL01fz4AWSU30YSIJDXtJ0n1tNy_A78w_rjeifIMSR139fkKtfvW_wkWhpr9YV-eRTa-o1vNh67Wy4ccnjzP3DTZFXlvibdxO3mbxEApuABo-M7N_xhffB6wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2jl4iibePISUE6aDxqOW6rShtMOw%26client%3Dca-pub-8234474453841918%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8234474453841918&output=html&h=90&slotname=6665169694&adk=4146532646&adf=3777922914&pi=t.ma~as.6665169694&w=728&lmt=1671726595&format=728x90&url=https%3A%2F%2Fapn-indonesia.gishan.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671726843929&bpp=3&bdt=319&idt=204&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&correlator=3037271748200&frm=20&pv=2&ga_vid=166574806.1671726844&ga_sid=1671726844&ga_hid=969513582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44774292%2C44779793%2C44780792&oid=2&pvsid=747749531072330&tmod=1339775420&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TwQCSq1oaE&p=https%3A//apn-indonesia.gishan.net&dtd=222
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.229.206.240 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.374.2 /
Resource Hash: 2d0f79fc1a165b8aa7175b2a6b43b186f870a562083ef6adbc9bc387f3d3073a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 16:34:06 GMT
x-mm-nodeid: 3784
Content-Encoding: gzip
x-mm-bid-request-time: 1671726844
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Thu, 22 Dec 2022 16:34:04 GMT
Server: MMBD/3.374.2
x-mm-latency: 499 (1)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: hkg-router-x59, zrh-bidder-x29
x-mm-lag: 1
Expires: Thu, 22 Dec 2022 16:34:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3923 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8234474453841918&output=html&h=90&slotname=6665169694&adk=4146532646&adf=3777922914&pi=t.ma~as.6665169694&w=728&lmt=1671726595&format=728x90&url=https%3A%2F%2Fapn-indonesia.gishan.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671726843929&bpp=3&bdt=319&idt=204&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&correlator=3037271748200&frm=20&pv=2&ga_vid=166574806.1671726844&ga_sid=1671726844&ga_hid=969513582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44774292%2C44779793%2C44780792&oid=2&pvsid=747749531072330&tmod=1339775420&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TwQCSq1oaE&p=https%3A//apn-indonesia.gishan.net&dtd=222

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53732
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3923 18 KB
7 KB 30ms
28ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3923 153 KB
47 KB 146ms
88ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Dec 2022 16:34:04 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/ Frame 61FE 19 KB
5 KB 29ms
28ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8234474453841918&output=html&h=250&slotname=2725868498&adk=4217415236&adf=1158338916&pi=t.ma~as.2725868498&w=300&lmt=1671726595&format=300x250&url=https%3A%2F%2Fapn-indonesia.gishan.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671726843932&bpp=1&bdt=322&idt=222&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3037271748200&frm=20&pv=1&ga_vid=166574806.1671726844&ga_sid=1671726844&ga_hid=969513582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44774292%2C44779793%2C44780792&oid=2&pvsid=747749531072330&tmod=1339775420&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UsdG1E8VfJ&p=https%3A//apn-indonesia.gishan.net&dtd=224

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42cc80741ade3b46ade00bcdc89253cab8cb30d5c3aec41ac18072dc708b75ce

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 488021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4594
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 01:00:23 GMT
expires: Sun, 17 Dec 2023 01:00:23 GMT
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D76A 0
0 57ms
57ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4ETy_IakY9mODYiQtwfLoILwBo3tz4du6caT7L4QjqTeoKgwEAEg8qyWEmCVwqaCsAegAbKKwaoByAEJqQKjm-Cjx6OoPqgDAcgDSKoE4QFP0HRYSUBzN__5s2RbK_vEBoGPtKtAQgwVW607mCyvTS-2Glfvk-e9JTJzw1-4oy8YTWYjvnrQNSO7DHqgn3CyC0xJ-I029yjZjjWji1KdfDDjNQf1ILuoIAeooPHOfOOHPzqeKfeTxJcTs7m-WHZC6RlJxrojHIRJP1yRltsdRqksnp2gb8gKy52SYEUWZhn1PrIi-MguyneF4VQk35RstYxo4qCwwMI8l98xeVii0yZNx6mHdLoVd2Mpfu_RkGwm2uNv3ew3C3rB_emYg7Tj0txyYOlibHIRfGIg0PIjRmfABNeFzKCiBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe29b7VAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJXMBdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMC0BUBmBYBgBcBshccChoIABIUcHViLTgyMzQ0NzQ0NTM4NDE5MTgYAA&sigh=PsWATZkMYA4&uach_m=[UACH]&cid=CAQSGwDq26N9y7e-CBmKgyInAKzHnsJUDmfjJjA6KxgBIBM&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8234474453841918&output=html&h=250&slotname=2725868498&adk=4217415236&adf=1158338916&pi=t.ma~as.2725868498&w=300&lmt=1671726595&format=300x250&url=https%3A%2F%2Fapn-indonesia.gishan.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671726843932&bpp=1&bdt=322&idt=222&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3037271748200&frm=20&pv=1&ga_vid=166574806.1671726844&ga_sid=1671726844&ga_hid=969513582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44774292%2C44779793%2C44780792&oid=2&pvsid=747749531072330&tmod=1339775420&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UsdG1E8VfJ&p=https%3A//apn-indonesia.gishan.net&dtd=224
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 22 Dec 2022 16:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame D76A 23 KB
9 KB 32ms
32ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53732
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3923 0
0 58ms
58ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLx_H_IakY6CZDc-utwe344uwDc-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTgyMzQ0NzQ0NTM4NDE5MTjIAQmoAwGqBNEBT9AmJ2JMDdh_b0MoCVGymAnfxlzeGoGm3D-Gv4QILs95xcVdIaO7s3ogEKyzen2XjNzzn2JHNa9-RnGP5rfXorkCOCH1ClU_XhqHVs8ySvTeAySUN5ejeWc3zP978UlJc2iCGWIsRo7w4shHxD9QvKlWI_0_UxPXURbVgAJax-_-ASs0N6gL01fz4AWSU30YSIJDXtJ0n1tNy_A78w_rjeifIMSR139fkKtf_23RA8TVC9GYXaz4s6qaTMVu59CyX9ECcT2D4mv2iNSD2YoLnjGABo-M7N_xhffB6wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTgyMzQ0NzQ0NTM4NDE5MTgYAA&sigh=JswGyEVbYj4&uach_m=[UACH]&cid=CAQSGwDq26N9_a4nDosVZ92CrkyB2gB5G-VGy39tthgBIBM&tpd=AGWhJms_KT0Z9YSSkC6jhxc00cls8ochVfszd8-bNiiPUR1JFB94OLOwvKOVskFgu-T1uI6m3MmfbDLfpe4rU1RwAKNoWW0vfL4J_M5RUgUlV0fTpNBdb31IdFOfZlFTgI8VwU--eBvBqpBLrG4JEvbVG4IdgDRNzx1CYd2dVirh7Rt76vHE-efiRTxBeng2rveVvjaZI0ndedqRljnA751hyd8qoreTWJC8lkXPJNdk4hiw9kTFLErwT8ZRQZdbRkDlTcgEF96GHFQB8HFgNkqlaDAUeKVa93jTAmDh-Jv8ntwYe4qf9ibeOOf3TkzRRuKYh1xinswmYQNzR5h1NU-BOqVwxf0Yhqqr3Fc-UWDx455w34_4k2nrQIhXuWrF4ehKk3jMq4_s3EjkVQ4gSKuE0D56cofV2DlpsHY20a7yodVfZGeEYgjc0QYYKmS6LarMvwrJeqImik7HiGVIXZJC9Sb-8oWVr96SEZuGig_NqJPTF832DcmakyuOiUvNRrMZ4cOvaCUmhw3hrry1SLNfSKzvAAoZ5MHH9DErFxmoLuvjSK_SsrXkmu7ounYAJImUgwAPG7kLMgxeruCI3IqltoCQCS1bOiOKqMvjPYCaW_vE_UNr6g3xA2OOW563qmMR-SxqykgLQ3JJvZSEAJhYePBBKSofCSV5Uh3eP0Qiw9knMbzVjLso49iLMjZLr0x4n8oX3E6z0yAS8DoXiCnCR-n3U3RZmFkLznEuT9XRS41TUIcGWSRouamjn7jPKOoWBVYu7ZkMBVZ14LoaAry2xfM4Zm05KLVIjR7n-4p1MYEhB_74Tzl7hgRSeOxu24rf3oInUvOOlCRVLiDITzfGNPHPt5AR9_GiIMA3OKeWNJe7Yw59Ply4sN_YQv6QHrEps28P5oxhNMU58hcN4VQnTHlVEtnO1xjlMRLfIRGT6BwCEZh62MPbSKF0h0dJ6YSzOruXBI_uQIxseO6mSoWftHpwWfl1YYHW71Qzrf3J_ntaSpJ7A1lq04Krxv_Qw08WBvJmE-ezFIJTirxa3nmWOZC5dXrzdjlKYWdxuma5Gpa-IvOWROZmASWUWR-6-SKfPAGbXR3tICDokRnfNwelfddo4dJMzIU-D6VOulXvIi4vUxMh9rWpnb1j1EK_iInr

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8234474453841918&output=html&h=90&slotname=6665169694&adk=4146532646&adf=3777922914&pi=t.ma~as.6665169694&w=728&lmt=1671726595&format=728x90&url=https%3A%2F%2Fapn-indonesia.gishan.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671726843929&bpp=3&bdt=319&idt=204&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&correlator=3037271748200&frm=20&pv=2&ga_vid=166574806.1671726844&ga_sid=1671726844&ga_hid=969513582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44774292%2C44779793%2C44780792&oid=2&pvsid=747749531072330&tmod=1339775420&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TwQCSq1oaE&p=https%3A//apn-indonesia.gishan.net&dtd=222
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 22 Dec 2022 16:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F97D 15 KB
16 KB 53ms
12ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 258552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 16:44:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F97D 16 KB
16 KB 66ms
26ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 09:07:05 GMT
x-content-type-options: nosniff
age: 458819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 09:07:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F97D 15 KB
15 KB 55ms
16ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 503600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:40:44 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 61FE 6 KB
3 KB 28ms
28ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2568
x-xss-protection: 0
server: cafe
etag: 6734328975651772599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 22 Dec 2022 21:29:21 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 61FE 34 KB
13 KB 30ms
30ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 15:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2091
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 23 Dec 2022 15:59:13 GMT

GET
H3 200 ff0e13b44aa69e593b8af39cbaae0572.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/ Frame 61FE 101 KB
29 KB 32ms
32ms Script
application/x-javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/ff0e13b44aa69e593b8af39cbaae0572.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c12e1209efcb45bbc84f530bafac68ece315a70dfb1732b54238bec65010710

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Dec 2022 01:03:05 GMT
age: 487859
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29694
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Dec 2023 01:03:05 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 151 KB
51 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/reactive_library_fy2021.js?bust=31071276

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e00a1c438c19128209b69d9f6a3271e8a6aa84178883fd27a983ea782dfbeb92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52377
x-xss-protection: 0
server: cafe
etag: 1243023238407979640
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 16:34:04 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ED99 0
10 B 33ms
33ms Image
text/plain 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bwtPng
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C03F 143 B
166 B 20ms
14ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8234474453841918&output=html&h=250&slotname=2725868498&adk=4217415236&adf=1158338916&pi=t.ma~as.2725868498&w=300&lmt=1671726595&format=300x250&url=https%3A%2F%2Fapn-indonesia.gishan.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671726843932&bpp=1&bdt=322&idt=222&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3037271748200&frm=20&pv=1&ga_vid=166574806.1671726844&ga_sid=1671726844&ga_hid=969513582&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=178&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44774292%2C44779793%2C44780792&oid=2&pvsid=747749531072330&tmod=1339775420&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UsdG1E8VfJ&p=https%3A//apn-indonesia.gishan.net&dtd=224
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1598
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 16:07:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D76A 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53732
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D76A 18 KB
7 KB 29ms
28ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 61FE 6 KB
730 B 52ms
23ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/ff0e13b44aa69e593b8af39cbaae0572.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Dec 2022 16:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 15:57:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Dec 2022 16:34:04 GMT

GET
H3 200 14a7940d8977d30d66bee7ecca0f1aa6.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/media/ Frame 61FE 17 KB
17 KB 29ms
28ms Image
image/jpeg 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/media/14a7940d8977d30d66bee7ecca0f1aa6.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9209b27a04396910366c0bc3ac620f5792e91d93f441b566a0139095f0733961

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 17 Dec 2022 01:03:05 GMT
x-content-type-options: nosniff
age: 487859
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17730
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Dec 2023 01:03:05 GMT

GET
H3 200 251b76f59de36ba2027573f3faa8250e.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/media/ Frame 61FE 19 KB
19 KB 37ms
37ms Image
image/png 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/media/251b76f59de36ba2027573f3faa8250e.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ec4d3d0699cec4dac9fdc379d3259108b8fe20ed29ef79eccf0817c884dc6a6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 17 Dec 2022 01:03:05 GMT
x-content-type-options: nosniff
age: 487859
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19154
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Dec 2023 01:03:05 GMT

GET
H3 200 438ea363c3a53bf72ff0a2d81608c571.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/media/ Frame 61FE 1 KB
1 KB 43ms
43ms Image
image/png 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/media/438ea363c3a53bf72ff0a2d81608c571.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2745339239957086399/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e1ae6218645ef3f2d9ce5087ed2e2aeb7781c3adf8296a3adf0dd17ee06ad3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 17 Dec 2022 01:03:05 GMT
x-content-type-options: nosniff
age: 487859
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1270
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Dec 2023 01:03:05 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 51ms
23ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=apn-indonesia.gishan.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 110ms
51ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=apn-indonesia.gishan.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 32F8 10 KB
4 KB 20ms
15ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apn-indonesia.gishan.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17205
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 11:47:20 GMT
etag: 10353107486223812946
expires: Thu, 05 Jan 2023 11:47:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame CCBA 10 KB
4 KB 20ms
16ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apn-indonesia.gishan.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17205
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 11:47:20 GMT
etag: 10353107486223812946
expires: Thu, 05 Jan 2023 11:47:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 7735 10 KB
4 KB 21ms
16ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apn-indonesia.gishan.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17205
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 11:47:20 GMT
etag: 10353107486223812946
expires: Thu, 05 Jan 2023 11:47:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 61FE 18 KB
18 KB 74ms
24ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 20:48:09 GMT
x-content-type-options: nosniff
age: 503155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18688
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:21:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:48:09 GMT

GET
H3 200 Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 61FE 18 KB
18 KB 62ms
14ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 17:51:19 GMT
x-content-type-options: nosniff
age: 254565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:21:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 17:51:19 GMT

GET
H3 200 Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 61FE 20 KB
20 KB 65ms
16ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 12:05:30 GMT
x-content-type-options: nosniff
age: 534514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20496
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:21:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 12:05:30 GMT

GET
H3 200 3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 61FE 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 13:58:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16071
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 13:58:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=747749531072330&bg=!ZGelZyPNAAYgquz3AKo7ACkAdvg8WsRFLPVl6BduSp_qLR6b_wvvkNViiYbONfAy1-d2aGK6iV4E_gIAAAEPUgAAAAJoAQeZAuYFDRxDwVswgGEaHIYzUu9Xy2KuWQihJ9Hnaj0yOZJ-O3M8o2IxJIWRFuuRP_0EdbaofeJK67QgG2Aff3dUVgHEOHQp_xWQyeHGsnl_b4uJ8Bsi8hkJrB_i9oCcGu_GYE3AnPuYOU4iM9qBoXpkB_bKBqBYZl-PyfoBqMrgyx82fONUGrDUfzDTokfcFa2iId5zGfx3C9YKfn9R0d9d5ldaYSS6qwB0biUgLshwAehN018_xy2r6p1Gqv9Yg6rPF5wg795G-Mj-OnBtt9i2yJjPiutCUtdpXrY8t9tzUCjcp_Z1mcHCIih8hzxWnbKlzrbkyw2Mlis4fKTHp3DcpqcnDH_mzlizIvmZIcpfzXy8odMqXbtGVcuS1GtpG2DB6KeRuhZ0nv5996a_T7ng5J0gJL4AgZh_tRn8mveJtR7iEhC6cAATzKehk0eKf3QomRVvHVtCIAMIfaV-m0Vn988iNsHBrtEMk-21LuMwzBGMJbYUSiKDRp59dStOzo8Uc2Uc6aojP7zms8dc6mw76dsINZq5WlsIchZf5p4dIoEm6pD5kepNgatM_nVIFzWkIHDLk8bA02Br7GxzsQXqiXseZXeYHaNJR39vfd5uEyVB7QjhMTgFX1ndH-cP-Srbw1xmsWnj9y7onrpd31Ik8a1ruhYBQJRf_KzIrY8nwZNrV2X_qJqHnqCTfDz-MTUxlm-Xfi9YynKDLY2cb9buoHy6zVlNdZsADNnB7guV94Z8LmBgEdV1AnTkR_aDz3zbm4M_7cStgP8q-3ADt1t4orZeNGJGWlnoyASk07uAruUMd_Doz6PFU6Z_khKXyqgioIRLgdndMzO3138MUHLWc2Uw-LEBU57NEXS9dacdXQisn5-3VywXtvNlJ8bsgwfoMGkEral5xK-qQLkRmoaw7Wi-2EVtPklW-0E5mXIb4u5S-cI-jEXU4XrQMPUDp6UISCsDo9-Vppq9m4DhQ8GvLKitFW2BB-Jh
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apn-indonesia.gishan.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D76A 153 KB
47 KB 75ms
74ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Dec 2022 16:34:05 GMT

GET
DATA 200
OK truncated
/ Frame D76A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a314561a2869e5a370599466ecc565c936c96bbe1d63e91776a0ac5f894d3bea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame 32F8 9 KB
4 KB 49ms
18ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 12:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Mar 2023 12:48:40 GMT

GET
H3 200 fe770b57936e5b6653f7939c920f5f10.js Show response
www.gstatic.com/mysidia/ Frame 32F8 18 KB
7 KB 57ms
27ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f348bb4ae0699b186e6055db2b1142d872a6a3377a1d1156a3f24451925a6793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 11:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7594
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Mar 2023 11:45:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 32F8 6 KB
672 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Dec 2022 16:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 16:09:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Dec 2022 16:34:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 32F8 2 KB
765 B 30ms
28ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:32 GMT

GET
H3 200 2c96be29c806e6a30d72c34b34031cd2.js Show response
www.gstatic.com/mysidia/ Frame 32F8 5 KB
2 KB 61ms
32ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 07:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2003
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 18 Mar 2023 07:25:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 32F8 23 KB
9 KB 34ms
32ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 32F8 3 KB
1 KB 35ms
34ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 32F8 18 KB
7 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 32F8 153 KB
47 KB 161ms
160ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Dec 2022 16:34:05 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 32F8 34 KB
14 KB 61ms
34ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 458895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 09:05:50 GMT

GET
H3 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame CCBA 9 KB
4 KB 44ms
21ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 12:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Mar 2023 12:48:40 GMT

GET
H3 200 fe770b57936e5b6653f7939c920f5f10.js Show response
www.gstatic.com/mysidia/ Frame CCBA 18 KB
7 KB 49ms
26ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f348bb4ae0699b186e6055db2b1142d872a6a3377a1d1156a3f24451925a6793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 11:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7594
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Mar 2023 11:45:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CCBA 8 KB
895 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Dec 2022 16:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 15:39:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Dec 2022 16:34:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame CCBA 2 KB
765 B 31ms
29ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:32 GMT

GET
H3 200 2c96be29c806e6a30d72c34b34031cd2.js Show response
www.gstatic.com/mysidia/ Frame CCBA 5 KB
2 KB 47ms
25ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 07:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2003
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 18 Mar 2023 07:25:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame CCBA 23 KB
9 KB 31ms
30ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame CCBA 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame CCBA 18 KB
7 KB 32ms
31ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CCBA 153 KB
47 KB 169ms
168ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Dec 2022 16:34:05 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame CCBA 34 KB
14 KB 37ms
17ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 458895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 09:05:50 GMT

GET
H3 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame 7735 9 KB
4 KB 36ms
17ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 12:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Mar 2023 12:48:40 GMT

GET
H3 200 890d6e0a5dc19f9d14ccf82aa8feec6a.js Show response
www.gstatic.com/mysidia/ Frame 7735 10 KB
4 KB 41ms
23ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/890d6e0a5dc19f9d14ccf82aa8feec6a.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 22:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4446
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 22:26:50 GMT

GET
H3 200 fe770b57936e5b6653f7939c920f5f10.js Show response
www.gstatic.com/mysidia/ Frame 7735 18 KB
7 KB 41ms
23ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f348bb4ae0699b186e6055db2b1142d872a6a3377a1d1156a3f24451925a6793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 11:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7594
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Mar 2023 11:45:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7735 8 KB
895 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Dec 2022 16:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 16:11:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Dec 2022 16:34:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7735 2 KB
765 B 37ms
36ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:32 GMT

GET
H3 200 2c96be29c806e6a30d72c34b34031cd2.js Show response
www.gstatic.com/mysidia/ Frame 7735 5 KB
2 KB 48ms
31ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 07:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2003
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 18 Mar 2023 07:25:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 7735 23 KB
9 KB 29ms
28ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7735 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7735 18 KB
7 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 01:38:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7735 153 KB
47 KB 159ms
158ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Dec 2022 16:34:05 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 7735 34 KB
14 KB 33ms
17ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 09:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 458895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 09:05:50 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C03F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

25ms
25ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 16:34:05 GMT
expires: Thu, 22 Dec 2022 16:34:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 16:34:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 12688093403216609526
tpc.googlesyndication.com/simgad/ Frame 7735 4 KB
4 KB 31ms
30ms Image
image/png 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12688093403216609526?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7275f0fb8158cedd2aca99a9bb760d297331473511835855cf2614badbef18ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:09:19 GMT
x-content-type-options: nosniff
age: 260686
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3610
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 10:35:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Dec 2023 16:09:19 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCBA 0
20 B 49ms
48ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCBA 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 32F8 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 32F8 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDHRvd2VyQVRocm9uZQoKCAIqBnNlcnZlcgovCAQqK215c2lkaWFfYW5hbHl0aWNzX2V4cDEsbXlzaWRpYV9yZWxlYXNlX3Byb2QKDRANIQAAAAAAAAAAMAQKCRAeKgMweDAwBAoJEBkqAzB4MDAEEhpDT3lpMk9YVGpmd0NGUnJSN1FvZHZqZ0ZTUSIcc2NyZWFtL3Rocm9uZV9pbWFnZV9sb2dvX29jaCgR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7735 0
20 B 47ms
46ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7735 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoXCAEqE2Jhbm5lci1sb2dvLXZhbmlsbGEKCggCKgZzZXJ2ZXIKLwgEKitteXNpZGlhX2FuYWx5dGljc19leHAxLG15c2lkaWFfcmVsZWFzZV9wcm9kCg0QCiEAAAAAoJnJPzAEEhpDTzZpMk9YVGpmd0NGUnJSN1FvZHZqZ0ZTUSIWdGV4dC92YW5pbGxhX2hpZ2hsaWdodCgV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7735 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7735 0
20 B 47ms
46ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoXCAEqE2Jhbm5lci1sb2dvLXZhbmlsbGEKCggCKgZzZXJ2ZXIKLwgEKitteXNpZGlhX2FuYWx5dGljc19leHAxLG15c2lkaWFfcmVsZWFzZV9wcm9kCg0QDiEAAAAAkJm5PzAEEhpDTzZpMk9YVGpmd0NGUnJSN1FvZHZqZ0ZTUSIWdGV4dC92YW5pbGxhX2hpZ2hsaWdodCgV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7735 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoXCAEqE2Jhbm5lci1sb2dvLXZhbmlsbGEKCggCKgZzZXJ2ZXIKLwgEKitteXNpZGlhX2FuYWx5dGljc19leHAxLG15c2lkaWFfcmVsZWFzZV9wcm9kCg0QBCEAAICZmSGGQDAEEhpDTzZpMk9YVGpmd0NGUnJSN1FvZHZqZ0ZTUSIWdGV4dC92YW5pbGxhX2hpZ2hsaWdodCgV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7735 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7735 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7735 0
0 57ms
57ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYjXV_IakY-60DZqitwe-8ZTIBIuF3YBrrrDQifoO2dkeEAEg8qyWEmCVwqaCsAegAdXz-NIDyAEBqAMBqgTkAU_Qwg9lEQKij-oJ2iPFsmNwotLBWwezjev_xMkY54nAIW94lO51ZpAtHeN0GpoXoZC_LVbzgYfrlJNIsQQpBiSonVcBb11yxNAYXVmI_WJhshHg-DZ8vbTmU5Myts7rFqmjSomORJ5ZW6Th1mYYSUY1ucYW3XdY_DL66FU6yk6xKXrA_XIPBS2-gvHZUVW_TA5cO5N3ehwntP7j0Y1rLfnJtzRXGLSwKDUYLuj9fWVeedqZignf1mf_E43ErYN-XiHBTODNvdM4phRs3xg99tqA6nJB6K0lgVFJLNM3VmJZZVaehcAE-ujY7M8DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB5OMhy2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCRowLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04MjM0NDc0NDUzODQxOTE4GAA&sigh=6OVcgsuVulY&uach_m=[UACH]&cid=CAQSGwDq26N9lvwasvmH5Jg_HZaxfCbVbNh17VkYrRgBIBM&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A03B 143 B
166 B 15ms
14ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1598
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 16:07:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7735 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 222c4b94b9d29a48203b0ab1ea3936237ad364667506f6538a64e9041b2e170c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A03B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

32ms
31ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 16:34:05 GMT
expires: Thu, 22 Dec 2022 16:34:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 16:34:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 32F8 0
20 B 49ms
48ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 32F8 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/8131656780051091046/ Frame 32F8 44 KB
44 KB 89ms
89ms Image
image/jpeg 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8131656780051091046/2076313506083323656

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122c76c027e24c27ce007985611f4df857728af449c0945fee97bdb50fe16257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44955
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 10:35:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 22 Dec 2023 16:34:05 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8123396300709684959/ Frame 32F8 1 KB
1 KB 151ms
151ms Image
image/png 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8123396300709684959/14763004658117789537?w=100&h=100

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9be6e5768831c858af578f0c32792d8bc528524a70ce67cd947c964d1d619b29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1135
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 10:35:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 22 Dec 2023 16:34:05 GMT

GET
DATA 200
OK truncated
/ Frame 32F8 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 32F8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cf508847aafb8dab8346775c849c74cb37deddf1841917e1d9d6e1224c88e2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js Show response
pagead2.googlesyndication.com/bg/ Frame EB4A 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 13:58:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16071
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 13:58:05 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 32F8 0
20 B 49ms
48ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDHRvd2VyQVRocm9uZQoKCAIqBnNlcnZlcgovCAQqK215c2lkaWFfYW5hbHl0aWNzX2V4cDEsbXlzaWRpYV9yZWxlYXNlX3Byb2QKDRAyIQAAgGZmpoBAMAQKDRAzIQAAgGZmpoBAMAQKDRA0IQAAgGZmpoBAMAQKDRA1IQAAgGZmpoBAMAQKDRA2IQAAgGZmpoBAMAQKDRA3IQAAgGZmpoBAMAQKDRA4IQAAgMzM0IBAMAQKDRA5IQAAgGZmRoFAMAQKDRA6IQAAAAAAYIFAMAQKDRA7IQAAgMzMXIpAMAQKDRA8IQAAgMzMXIpAMAQKDRA9IQAAgGZmcopAMAQKDRA-IQAAgGZmcopAMAQKDRA_IQAAADMzc4pAMAQKDRBAIQAAgJmZsYpAMAQSGkNPeWkyT1hUamZ3Q0ZSclI3UW9kdmpnRlNRIhxzY3JlYW0vdGhyb25lX2ltYWdlX2xvZ29fb2NoKBE=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7735 0
20 B 47ms
46ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCBA 0
20 B 47ms
46ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCBA 0
20 B 49ms
48ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/15645587249430248564/ Frame CCBA 5 KB
5 KB 91ms
91ms Image
image/jpeg 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15645587249430248564/14763004658117789537?w=195&h=102

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f78ef40994d4e7d568083f8319595e7ae176d1fb2afb6bc3c3c5747c7c548b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5185
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 05:04:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 22 Dec 2023 16:34:05 GMT

GET
DATA 200
OK truncated
/ Frame CCBA 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CCBA 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CCBA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 975b557e803b7f30b21d2e8ac2d2527f95f2b02f8b00370ed27ce538f343107b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 32F8 0
17 B 58ms
58ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0iK1_IakY-y0DZqitwe-8ZTIBJP72vZt4LG_nb0QisGYxJ8OEAEg8qyWEmCVwqaCsAegAayF0YkpyAEJqQLGRAgC4qPRPagDAcgDywSqBPkBT9A_ZxclbU-FDHUiEwupqQkbEhzFYIFFlaGHwkYxM1nOsdfD3HPbKS4Z8jQZ7m82dYY82ZbFVnhPDdHdnw2N_MHQR1WU5LOlgVJtwv704tu1Pr5br0aZBvnvKe7mLEtzFXp32dw4Dwq_lSRLdtPQE1IA64DAAJYOZQJxmlJX-n_IOBp-dpPRy7B9ZqVJoKheE28dk2R5NTzuHuOMeC8xWmUgGp9HbRGnZenElDaHG1eIauNU4EEXn8CYFLkMFf2qP23lc9Iuhfx-SR9EkjY7FYF9VOGDgMdLpYg-EpCBqXqQvHSXczBfoHNU93D5CCug142Dfm0EhJtCwAS1-ZuJlwSSBQQIBBgBkgUECAUYBKAGLoAHrL2h6QOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDQhwHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwrQFQGAFwGyFxwKGggAEhRwdWItODIzNDQ3NDQ1Mzg0MTkxOBgA&sigh=iNkkwrEl9ss&uach_m=[UACH]&cid=CAQSGwDq26N9lvwasvmH5Jg_HZaxfCbVbNh17VkYrRgBIBM&template_id=484&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 9914 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 13:58:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16071
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 13:58:05 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCBA 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEnNreXNjcmFwZXItZGVmYXVsdAoKCAIqBnNlcnZlcgovCAQqK215c2lkaWFfYW5hbHl0aWNzX2V4cDEsbXlzaWRpYV9yZWxlYXNlX3Byb2QKDRAyIQAAgJmZkYBAMAQKDRAzIQAAgJmZkYBAMAQKDRA0IQAAgJmZkYBAMAQKDRA1IQAAgJmZkYBAMAQKDRA2IQAAgJmZkYBAMAQKDRA3IQAAgJmZkYBAMAQKDRA4IQAAgGZmuoBAMAQKDRA5IQAAADMzN4FAMAQKDRA6IQAAgJmZTYFAMAQKDRA7IQAAgMzM_IpAMAQKDRA8IQAAgMzM_IpAMAQKDRA9IQAAgMzMBItAMAQKDRA-IQAAgMzMBItAMAQKDRA_IQAAgJmZBYtAMAQKDRBAIQAAgJmZPYtAMAQSGkNPMmkyT1hUamZ3Q0ZSclI3UW9kdmpnRlNRIgl0ZXh0L3J5dWsoFQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CCBA 0
17 B 58ms
57ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmq7o_IakY-20DZqitwe-8ZTIBJP72vZt0oS3wpUQisGYxJ8OEAEg8qyWEmCVwqaCsAegAayF0YkpyAEJqQLGRAgC4qPRPagDAcgDywSqBPkBT9D_yaPSIsPRlWok8MdmitZ8jZCokmAqiY-tz0bxmfoETfOPBfJ_3D0QN78sOZ5nf568eDTZ80f0scL2cogMEfpXUEHhFwV1Ap2Hal1_VWipclwZ0zlh2UA9jWc4ei3ndvGRCRkgKW_wsQtQa8W_GxaYoM8n52QXBlhIaUOJIfsY6pir4952qS_XtCsjilC0O56JavrjlifFNiWZu4tcQG1wtw_f1J1wPQ1-_YItJkVnhaklgMTLYSE5KVfwBGLdHz9PL0d9jswvViAhKGUFG_K-QWGZJpIDpmfrEOvHt_vkyHG45FoBRnK9Vyf5zc4lqCkxHXPR9zJswAS1-ZuJlwSSBQQIBBgBkgUECAUYBKAGLoAHrL2h6QOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC7mQHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi04MjM0NDc0NDUzODQxOTE4GAA&sigh=jsH2mHobh1M&uach_m=[UACH]&cid=CAQSGwDq26N9lvwasvmH5Jg_HZaxfCbVbNh17VkYrRgBIBM&template_id=5000&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCBA 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCBA 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCBA 0
20 B 47ms
46ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCBA 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCBA 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 32F8 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDHRvd2VyQVRocm9uZQoKCAIqBnNlcnZlcgovCAQqK215c2lkaWFfYW5hbHl0aWNzX2V4cDEsbXlzaWRpYV9yZWxlYXNlX3Byb2QKDRAKIQAAADQzA2lAMAQSGkNPeWkyT1hUamZ3Q0ZSclI3UW9kdmpnRlNRIhxzY3JlYW0vdGhyb25lX2ltYWdlX2xvZ29fb2NoKBE=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 32F8 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDHRvd2VyQVRocm9uZQoKCAIqBnNlcnZlcgovCAQqK215c2lkaWFfYW5hbHl0aWNzX2V4cDEsbXlzaWRpYV9yZWxlYXNlX3Byb2QKDRAOIQAAAAAAAAAAMAQSGkNPeWkyT1hUamZ3Q0ZSclI3UW9kdmpnRlNRIhxzY3JlYW0vdGhyb25lX2ltYWdlX2xvZ29fb2NoKBE=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 32F8 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDHRvd2VyQVRocm9uZQoKCAIqBnNlcnZlcgovCAQqK215c2lkaWFfYW5hbHl0aWNzX2V4cDEsbXlzaWRpYV9yZWxlYXNlX3Byb2QKDRAEIQAAgJmZVYxAMAQSGkNPeWkyT1hUamZ3Q0ZSclI3UW9kdmpnRlNRIhxzY3JlYW0vdGhyb25lX2ltYWdlX2xvZ29fb2NoKBE=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 32F8 0
20 B 49ms
48ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDHRvd2VyQVRocm9uZQoKCAIqBnNlcnZlcgovCAQqK215c2lkaWFfYW5hbHl0aWNzX2V4cDEsbXlzaWRpYV9yZWxlYXNlX3Byb2QKDRAPIQAAAAAAAAAAMAQSGkNPeWkyT1hUamZ3Q0ZSclI3UW9kdmpnRlNRIhxzY3JlYW0vdGhyb25lX2ltYWdlX2xvZ29fb2NoKBE=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 32F8 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDHRvd2VyQVRocm9uZQoKCAIqBnNlcnZlcgovCAQqK215c2lkaWFfYW5hbHl0aWNzX2V4cDEsbXlzaWRpYV9yZWxlYXNlX3Byb2QKDRAFIQAAADMzW4xAMAQSGkNPeWkyT1hUamZ3Q0ZSclI3UW9kdmpnRlNRIhxzY3JlYW0vdGhyb25lX2ltYWdlX2xvZ29fb2NoKBE=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7735 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7735 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoXCAEqE2Jhbm5lci1sb2dvLXZhbmlsbGEKCggCKgZzZXJ2ZXIKLwgEKitteXNpZGlhX2FuYWx5dGljc19leHAxLG15c2lkaWFfcmVsZWFzZV9wcm9kCg0QMiEAAAAAAIiAQDAECg0QMyEAAAAAAIiAQDAECg0QNCEAAAAAAIiAQDAECg0QNSEAAAAAAIiAQDAECg0QNiEAAAAAAIiAQDAECg0QNyEAAAAAAIiAQDAECg0QOCEAAICZma2AQDAECg0QOSEAAICZmTGBQDAECg0QOiEAAIBmZkKBQDAECg0QOyEAAIBmZuaKQDAECg0QPCEAAIBmZuaKQDAECg0QPSEAAICZme2KQDAECg0QPiEAAIBmZiaRQDAECg0QPyEAAIBmZiaRQDAECg0QQCEAAICZmTWRQDAEEhpDTzZpMk9YVGpmd0NGUnJSN1FvZHZqZ0ZTUSIWdGV4dC92YW5pbGxhX2hpZ2hsaWdodCgV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe770b57936e5b6653f7939c920f5f10.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 3.jpg
cfa.gishan.cc/static/s/img/ Frame 5BDE 32 KB
33 KB 22ms
22ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/s/img/3.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d42e7392633f9666bb14777eadbd8a801448bfda3089d95028b6fc6846543e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfa.gishan.cc/static/s/show.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 29834
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32751
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:56:33 GMT
server: cloudflare
etag: "7fef-55d22b8b9aa40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dO7bHYYULozPAUrAsDUfTQRaLUsG0tJhTUxdxUNSNFWQ6MtaUYCyrM07ZzMSvQZxRrccPHLarXt%2Bin4Rf2XfVCWWE%2Ffog11X5re7bliIn0ulhz6%2FkbidsQIMp0gVESeNgYJpUCRnTcq7tVLS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da43541dcc697b-FRA
expires: Sat, 08 Jan 2022 04:03:44 GMT

GET
H/1.1 200
OK y39eto6m2jel Show response
hal9000.redintelligence.net/zone/ Frame 3923 10 KB
3 KB 68ms
13ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/y39eto6m2jel?subid=&gdpr=1&gdpr_consent=li&rnd=6370143744210567219&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DtE5AreWQ1HMTNwiIbvYW6w%26exch_seat%3D20035004448%26mt_aid%3D6370143744210567219%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D771c63a4-86fd-4601-aa03-591531cce54f%26mt_cid%3D771c63a4-86fd-4601-aa03-591531cce54f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_lpO_IakY6CZDc-utwe344uwDc-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTgyMzQ0NzQ0NTM4NDE5MTjIAQmoAwGqBNQBT9AmJ2JMDdh_b0MoCVGymAnfxlzeGoGm3D-Gv4QILs95xcVdIaO7s3ogEKyzen2XjNzzn2JHNa9-RnGP5rfXorkCOCH1ClU_XhqHVs8ySvTeAySUN5ejeWc3zP978UlJc2iCGWIsRo7w4shHxD9QvKlWI_0_UxPXURbVgAJax-_-ASs0N6gL01fz4AWSU30YSIJDXtJ0n1tNy_A78w_rjeifIMSR139fkKtfvW_wkWhpr9YV-eRTa-o1vNh67Wy4ccnjzP3DTZFXlvibdxO3mbxEApuABo-M7N_xhffB6wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2jl4iibePISUE6aDxqOW6rShtMOw%2526client%253Dca-pub-8234474453841918%2526adurl%253D%26redirect%3D
Requested by: Host: apn-indonesia.gishan.net
URL: https://apn-indonesia.gishan.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: 124811fba3b127ae7dc786d5be0d24198128be57761970a4b3adcae8d2e2868e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 16:34:06 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3341
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 3923 49 B
329 B 852ms
450ms Image
image/gif 103.229.206.240
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=6370143744210567219&node_id=3784&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdSbFkyUXlNRGd0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzNzAxNDM3NDQyMTA1NjcyMTkvMTEyMDQ0MTkvMTI3ODAzMzYvNC9rNXQyOTRaRGZ2TWtqazA5ZGdBNjFxalFyQ3Uya3FrdlF0dEktT0ItdnNBLzEvNC8wLzAvMjAzOTIxNi8wLzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNjM3MDE0Mzc0NDIxMDU2NzIxOS96cmgvMC80MDQ4LzU2Lzk5OS8yNTgvMmEwMDpjOTg6MjA1MDo6LzAuMDAwLzE2NzE3MjY4NDQvMTY3MTczOTQ0NC80L3B1Yi04MjM0NDc0NDUzODQxOTE4Lw/Z1D8KvLOVXiyRl2J_mcUh_DTvJ0&nodeid=3784&group=zrh&auctionid=6370143744210567219&pbs_auctionid=6370143744210567219&shardkey=6370143744210567219&sid=12780336&cid=11204419&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.39&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_lpO_IakY6CZDc-utwe344uwDc-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTgyMzQ0NzQ0NTM4NDE5MTjIAQmoAwGqBNQBT9AmJ2JMDdh_b0MoCVGymAnfxlzeGoGm3D-Gv4QILs95xcVdIaO7s3ogEKyzen2XjNzzn2JHNa9-RnGP5rfXorkCOCH1ClU_XhqHVs8ySvTeAySUN5ejeWc3zP978UlJc2iCGWIsRo7w4shHxD9QvKlWI_0_UxPXURbVgAJax-_-ASs0N6gL01fz4AWSU30YSIJDXtJ0n1tNy_A78w_rjeifIMSR139fkKtfvW_wkWhpr9YV-eRTa-o1vNh67Wy4ccnjzP3DTZFXlvibdxO3mbxEApuABo-M7N_xhffB6wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2jl4iibePISUE6aDxqOW6rShtMOw%26client%3Dca-pub-8234474453841918%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.229.206.240 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.374.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 16:34:06 GMT
Server: MMBD/3.374.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: hkg-router-x70, zrh-bidder-x29
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 22 Dec 2022 16:34:05 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.mediamathtag.com/2/619621/ Frame 3923 7 KB
3 KB 1097ms
33ms Script
text/javascript 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//apn-indonesia.gishan.net&ui=adecd208-0000-0000-0000-000000000000&ap=&ti=6370143744210567219&pv=6286d5e8-b8ea-4b2c-8522-2dbe7e8570a3&pp=pub-8234474453841918&sr=4&de=43003&si=976241957&dm=728x90&ac=1262142&cr=11204419&ai=215543&c1=12780336&r1=2a00:c98:2050::&r2=&r3=

Requested by

Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdSbFkyUXlNRGd0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzNzAxNDM3NDQyMTA1NjcyMTkvMTEyMDQ0MTkvMTI3ODAzMzYvNC9rNXQyOTRaRGZ2TWtqazA5ZGdBNjFxalFyQ3Uya3FrdlF0dEktT0ItdnNBLzEvNC8wLzAvMjAzOTIxNi8wLzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNjM3MDE0Mzc0NDIxMDU2NzIxOS96cmgvMC80MDQ4LzU2Lzk5OS8yNTgvMmEwMDpjOTg6MjA1MDo6LzAuMDAwLzE2NzE3MjY4NDQvMTY3MTczOTQ0NC80L3B1Yi04MjM0NDc0NDUzODQxOTE4Lw/Z1D8KvLOVXiyRl2J_mcUh_DTvJ0&nodeid=3784&group=zrh&auctionid=6370143744210567219&pbs_auctionid=6370143744210567219&shardkey=6370143744210567219&sid=12780336&cid=11204419&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.39&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_lpO_IakY6CZDc-utwe344uwDc-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTgyMzQ0NzQ0NTM4NDE5MTjIAQmoAwGqBNQBT9AmJ2JMDdh_b0MoCVGymAnfxlzeGoGm3D-Gv4QILs95xcVdIaO7s3ogEKyzen2XjNzzn2JHNa9-RnGP5rfXorkCOCH1ClU_XhqHVs8ySvTeAySUN5ejeWc3zP978UlJc2iCGWIsRo7w4shHxD9QvKlWI_0_UxPXURbVgAJax-_-ASs0N6gL01fz4AWSU30YSIJDXtJ0n1tNy_A78w_rjeifIMSR139fkKtfvW_wkWhpr9YV-eRTa-o1vNh67Wy4ccnjzP3DTZFXlvibdxO3mbxEApuABo-M7N_xhffB6wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2jl4iibePISUE6aDxqOW6rShtMOw%26client%3Dca-pub-8234474453841918%26adurl%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-43-221.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7c6a446de0518f95fc28d158a40f5a3748f830c7f82e177777152d0f3743f5c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Dec 2022 16:34:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2994
Expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 3923 43 B
404 B 104ms
35ms Image
image/gif 92.123.37.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=6370143744210567219&v3=1262142&v4=12780336&v5=11204419&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdSbFkyUXlNRGd0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzNzAxNDM3NDQyMTA1NjcyMTkvMTEyMDQ0MTkvMTI3ODAzMzYvNC9rNXQyOTRaRGZ2TWtqazA5ZGdBNjFxalFyQ3Uya3FrdlF0dEktT0ItdnNBLzEvNC8wLzAvMjAzOTIxNi8wLzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNjM3MDE0Mzc0NDIxMDU2NzIxOS96cmgvMC80MDQ4LzU2Lzk5OS8yNTgvMmEwMDpjOTg6MjA1MDo6LzAuMDAwLzE2NzE3MjY4NDQvMTY3MTczOTQ0NC80L3B1Yi04MjM0NDc0NDUzODQxOTE4Lw/Z1D8KvLOVXiyRl2J_mcUh_DTvJ0&nodeid=3784&group=zrh&auctionid=6370143744210567219&pbs_auctionid=6370143744210567219&shardkey=6370143744210567219&sid=12780336&cid=11204419&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.39&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_lpO_IakY6CZDc-utwe344uwDc-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTgyMzQ0NzQ0NTM4NDE5MTjIAQmoAwGqBNQBT9AmJ2JMDdh_b0MoCVGymAnfxlzeGoGm3D-Gv4QILs95xcVdIaO7s3ogEKyzen2XjNzzn2JHNa9-RnGP5rfXorkCOCH1ClU_XhqHVs8ySvTeAySUN5ejeWc3zP978UlJc2iCGWIsRo7w4shHxD9QvKlWI_0_UxPXURbVgAJax-_-ASs0N6gL01fz4AWSU30YSIJDXtJ0n1tNy_A78w_rjeifIMSR139fkKtfvW_wkWhpr9YV-eRTa-o1vNh67Wy4ccnjzP3DTZFXlvibdxO3mbxEApuABo-M7N_xhffB6wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2jl4iibePISUE6aDxqOW6rShtMOw%26client%3Dca-pub-8234474453841918%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-37-164.deploy.static.akamaitechnologies.com
Software: MT3 277 3f0ad7a master zrh-pixel-x13 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 16:34:06 GMT
Server: MT3 277 3f0ad7a master zrh-pixel-x13 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Thu, 22 Dec 2022 16:34:05 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 3923 49 B
329 B 852ms
451ms Image
image/gif 103.229.206.240
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=6370143744210567219&st=12780336&time=1671726845&nodeid=3784
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdSbFkyUXlNRGd0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzNzAxNDM3NDQyMTA1NjcyMTkvMTEyMDQ0MTkvMTI3ODAzMzYvNC9rNXQyOTRaRGZ2TWtqazA5ZGdBNjFxalFyQ3Uya3FrdlF0dEktT0ItdnNBLzEvNC8wLzAvMjAzOTIxNi8wLzIxNTU0My8xMjYyMTQyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNjM3MDE0Mzc0NDIxMDU2NzIxOS96cmgvMC80MDQ4LzU2Lzk5OS8yNTgvMmEwMDpjOTg6MjA1MDo6LzAuMDAwLzE2NzE3MjY4NDQvMTY3MTczOTQ0NC80L3B1Yi04MjM0NDc0NDUzODQxOTE4Lw/Z1D8KvLOVXiyRl2J_mcUh_DTvJ0&nodeid=3784&group=zrh&auctionid=6370143744210567219&pbs_auctionid=6370143744210567219&shardkey=6370143744210567219&sid=12780336&cid=11204419&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.39&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_lpO_IakY6CZDc-utwe344uwDc-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTgyMzQ0NzQ0NTM4NDE5MTjIAQmoAwGqBNQBT9AmJ2JMDdh_b0MoCVGymAnfxlzeGoGm3D-Gv4QILs95xcVdIaO7s3ogEKyzen2XjNzzn2JHNa9-RnGP5rfXorkCOCH1ClU_XhqHVs8ySvTeAySUN5ejeWc3zP978UlJc2iCGWIsRo7w4shHxD9QvKlWI_0_UxPXURbVgAJax-_-ASs0N6gL01fz4AWSU30YSIJDXtJ0n1tNy_A78w_rjeifIMSR139fkKtfvW_wkWhpr9YV-eRTa-o1vNh67Wy4ccnjzP3DTZFXlvibdxO3mbxEApuABo-M7N_xhffB6wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2jl4iibePISUE6aDxqOW6rShtMOw%26client%3Dca-pub-8234474453841918%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.229.206.240 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.374.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 16:34:06 GMT
Server: MMBD/3.374.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: hkg-router-x19, zrh-bidder-x29
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 22 Dec 2022 16:34:05 GMT

GET
H/1.1 200
OK request.php Show response
hal900014.redintelligence.net/ Frame 3923 611 B
773 B 111ms
59ms Script
application/x-javascript 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request.php?zone=y39eto6m2jel&nw=20&renderingType=javascript&namespace=e434c75727&subid=&uid=84409ecc48d0d511&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DtE5AreWQ1HMTNwiIbvYW6w%26exch_seat%3D20035004448%26mt_aid%3D6370143744210567219%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D771c63a4-86fd-4601-aa03-591531cce54f%26mt_cid%3D771c63a4-86fd-4601-aa03-591531cce54f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_lpO_IakY6CZDc-utwe344uwDc-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTgyMzQ0NzQ0NTM4NDE5MTjIAQmoAwGqBNQBT9AmJ2JMDdh_b0MoCVGymAnfxlzeGoGm3D-Gv4QILs95xcVdIaO7s3ogEKyzen2XjNzzn2JHNa9-RnGP5rfXorkCOCH1ClU_XhqHVs8ySvTeAySUN5ejeWc3zP978UlJc2iCGWIsRo7w4shHxD9QvKlWI_0_UxPXURbVgAJax-_-ASs0N6gL01fz4AWSU30YSIJDXtJ0n1tNy_A78w_rjeifIMSR139fkKtfvW_wkWhpr9YV-eRTa-o1vNh67Wy4ccnjzP3DTZFXlvibdxO3mbxEApuABo-M7N_xhffB6wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2jl4iibePISUE6aDxqOW6rShtMOw%2526client%253Dca-pub-8234474453841918%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8234474453841918%26output%3Dhtml%26h%3D90%26slotname%3D6665169694%26adk%3D4146532646%26adf%3D3777922914%26pi%3Dt.ma~as.6665169694%26w%3D728%26lmt%3D1671726595%26format%3D728x90%26url%3Dhttps%253A%252F%252Fapn-indonesia.gishan.net%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1671726843929%26bpp%3D3%26bdt%3D319%26idt%3D204%26shv%3Dr20221207%26mjsv%3Dm202212070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D3037271748200%26frm%3D20%26pv%3D2%26ga_vid%3D166574806.1671726844%26ga_sid%3D1671726844%26ga_hid%3D969513582%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D300%26ady%3D80%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C31071276%252C44774292%252C44779793%252C44780792%26oid%3D2%26pvsid%3D747749531072330%26tmod%3D1339775420%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeoE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3DTwQCSq1oaE%26p%3Dhttps%253A%2F%2Fapn-indonesia.gishan.net%26dtd%3D222&ancestorOrigins=null&random=3431905927546&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/y39eto6m2jel?subid=&gdpr=1&gdpr_consent=li&rnd=6370143744210567219&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DtE5AreWQ1HMTNwiIbvYW6w%26exch_seat%3D20035004448%26mt_aid%3D6370143744210567219%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D771c63a4-86fd-4601-aa03-591531cce54f%26mt_cid%3D771c63a4-86fd-4601-aa03-591531cce54f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_lpO_IakY6CZDc-utwe344uwDc-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTgyMzQ0NzQ0NTM4NDE5MTjIAQmoAwGqBNQBT9AmJ2JMDdh_b0MoCVGymAnfxlzeGoGm3D-Gv4QILs95xcVdIaO7s3ogEKyzen2XjNzzn2JHNa9-RnGP5rfXorkCOCH1ClU_XhqHVs8ySvTeAySUN5ejeWc3zP978UlJc2iCGWIsRo7w4shHxD9QvKlWI_0_UxPXURbVgAJax-_-ASs0N6gL01fz4AWSU30YSIJDXtJ0n1tNy_A78w_rjeifIMSR139fkKtfvW_wkWhpr9YV-eRTa-o1vNh67Wy4ccnjzP3DTZFXlvibdxO3mbxEApuABo-M7N_xhffB6wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2jl4iibePISUE6aDxqOW6rShtMOw%2526client%253Dca-pub-8234474453841918%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 3a257693de23c228078f0ac7196176e7899e7dc310be45ba39aa14a1f16c7e98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Dec 2022 16:34:06 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 51017000110407806783183012181014
Connection: close
Content-Length: 330
Expires: Thu, 22 Dec 2022 16:34:06 +0100

GET
H/1.1 200
OK request_content.php Show response
hal900014.redintelligence.net/ Frame 542E 4 KB
2 KB 39ms
15ms Document
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request_content.php?s=51017000110407806783183012181014&a=dbff2529
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=y39eto6m2jel&nw=20&renderingType=javascript&namespace=e434c75727&subid=&uid=84409ecc48d0d511&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DtE5AreWQ1HMTNwiIbvYW6w%26exch_seat%3D20035004448%26mt_aid%3D6370143744210567219%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D771c63a4-86fd-4601-aa03-591531cce54f%26mt_cid%3D771c63a4-86fd-4601-aa03-591531cce54f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_lpO_IakY6CZDc-utwe344uwDc-HjptcwIbZgsYCwI23ARABIABglcKmgrAHggEXY2EtcHViLTgyMzQ0NzQ0NTM4NDE5MTjIAQmoAwGqBNQBT9AmJ2JMDdh_b0MoCVGymAnfxlzeGoGm3D-Gv4QILs95xcVdIaO7s3ogEKyzen2XjNzzn2JHNa9-RnGP5rfXorkCOCH1ClU_XhqHVs8ySvTeAySUN5ejeWc3zP978UlJc2iCGWIsRo7w4shHxD9QvKlWI_0_UxPXURbVgAJax-_-ASs0N6gL01fz4AWSU30YSIJDXtJ0n1tNy_A78w_rjeifIMSR139fkKtfvW_wkWhpr9YV-eRTa-o1vNh67Wy4ccnjzP3DTZFXlvibdxO3mbxEApuABo-M7N_xhffB6wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2jl4iibePISUE6aDxqOW6rShtMOw%2526client%253Dca-pub-8234474453841918%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8234474453841918%26output%3Dhtml%26h%3D90%26slotname%3D6665169694%26adk%3D4146532646%26adf%3D3777922914%26pi%3Dt.ma~as.6665169694%26w%3D728%26lmt%3D1671726595%26format%3D728x90%26url%3Dhttps%253A%252F%252Fapn-indonesia.gishan.net%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1671726843929%26bpp%3D3%26bdt%3D319%26idt%3D204%26shv%3Dr20221207%26mjsv%3Dm202212070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D3037271748200%26frm%3D20%26pv%3D2%26ga_vid%3D166574806.1671726844%26ga_sid%3D1671726844%26ga_hid%3D969513582%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D300%26ady%3D80%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C31071276%252C44774292%252C44779793%252C44780792%26oid%3D2%26pvsid%3D747749531072330%26tmod%3D1339775420%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeoE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3DTwQCSq1oaE%26p%3Dhttps%253A%2F%2Fapn-indonesia.gishan.net%26dtd%3D222&ancestorOrigins=null&random=3431905927546&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 8c8a6aebec09429c373c72df3b3aeaadf1fdada85141ebc322ff43179ae0d920

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1503
Content-Type: text/html; charset=utf-8
Date: Thu, 22 Dec 2022 16:34:06 GMT
Expires: Thu, 22 Dec 2022 16:34:06 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 3923 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c060319599eac6d9efa18a91b97cd90dedff40d8a04258374d4ef561b4f71c7d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 542E 732 B
924 B 105ms
23ms Script
text/javascript 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60271222;click=https://hal900014.redintelligence.net/c/pfh9s0i5zhfsxax?tprd=

Requested by

Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=51017000110407806783183012181014&a=dbff2529

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

39ba0a23857559db9a754fb594fdc302331bb6e21b2471e09a070d258b6986ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 531
expires: -1

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame 542E 0
150 B 35ms
12ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=51017000110407806783183012181014&a=50c3a4b5&vb=m
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=51017000110407806783183012181014&a=dbff2529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/request_content.php?s=51017000110407806783183012181014&a=dbff2529
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 16:34:06 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 542E 34 KB
16 KB 404ms
25ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60271222;click=https://hal900014.redintelligence.net/c/pfh9s0i5zhfsxax?tprd=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:06 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 22 Dec 2022 19:29:51 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D76A 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQeWsGhppg3yaWqKF9JnhbYA2Q1te4d2ZdR3Ol2PmGJ1Bs30epvbwnoNcaQSfEyco4imNnsmw760QgoHsn4Lx5Vk89f9wA-BudzLNXQly4WfToqfzIniIP5_JnR3N6QIU57dh1YA&sai=AMfl-YT_IKsaLL747CfIF70PFOVjgBqAFDNG2pa0jGxERuUiM6ckFa3OLDP1ZRhaWiTb0dJMK5XAIoc643MATzk&sig=Cg0ArKJSzPOpbVwxOjYUEAE&cid=CAQSGwDq26N9y7e-CBmKgyInAKzHnsJUDmfjJjA6KxgBIBM&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=4217415236&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671726844157&rpt=1480&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 32F8 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7pRHLrwFg0oI8_tHTj_OPMh2ikJyD_vtejYBYk5uaqKdTSzmA2srL_M8IWrU0xYlG8mi8dz-iARocvJ7-5bBuPyxi0FfqiprlwDnexHyA3x3fVsfrmz94jYozMgOzdiD6dMshZw&sai=AMfl-YQBOrGXTaCV_JQUbr_5NGsgIOwtkJOT91E5DbbRtoD9GZKbTcC6AMPawLsN269sfFOvwQ3svLwB65Y7Tjs&sig=Cg0ArKJSzLJhdkDEahpcEAE&cid=CAQSGwDq26N9lvwasvmH5Jg_HZaxfCbVbNh17VkYrRgBIBM&id=lidar2&mcvt=1001&p=0,0,500,180&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671726844906&rpt=854&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CCBA 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9vGvqbuV14JCMiadd468EOLOAzoKU89ZJfgHFsDqsLnGWj_L5OlJEsF4xftljQcnTK6uW2K5yKi4L4l-0FTRtYd8xKp-uEfA6SA_2D2ugjiEVsExqCYGNKxHC-4-naG8qmAWn_Q&sai=AMfl-YQ29C5XYm2FtadfIlX_3SbUCl52MWzrgbDKbDLBxDrHiaAtfRjEIz-JEWid46zugKcAL-k2kWL-cMB_kug&sig=Cg0ArKJSzB-xW-IrwcmvEAE&cid=CAQSGwDq26N9lvwasvmH5Jg_HZaxfCbVbNh17VkYrRgBIBM&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671726844909&rpt=871&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 542E 4 KB
3 KB 24ms
24ms Script
text/javascript 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=60271222;click=https://hal900014.redintelligence.net/c/pfh9s0i5zhfsxax?tprd=;js=1;adfxid=1x;1337;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fapn-indonesia.gishan.net

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e544698d5a22492e972b39ae37d12c7139b1840b293f366341246f77cc9f9a6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2083
expires: -1

GET
DATA 200
OK truncated
/ Frame 542E 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/24i/tools/js/ Frame 542E 851 B
1 KB 239ms
14ms Script
application/javascript 54.36.108.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=51017000110407806783183012181014&a=dbff2529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3112796.ip-54-36-108.eu
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 16:34:07 GMT
Last-Modified: Tue, 03 May 2016 20:54:50 GMT
Server: nginx
ETag: "5729101a-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7735 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4Iv5QrHi0yl0flTa2Gel6ugnIPf9OzK-wJ6DOdi5tOwbeXvhKKH26ZQVwsKJzqm6lGjq7lWhzJ-KactrS09a2QyXk47NWC3CC-Y2anF7rgr6Yni6by75Ai-nMc_gjdVXfZWVoXw&sai=AMfl-YQJzckc58a0A73IsxsgdtXxc84DElFRPpjIfn5ECbgLSDV_LWwmJv2VgGNs9zMgEasSMCJA-N5KCbc8d4Y&sig=Cg0ArKJSzGWUzIkhbCfHEAE&cid=CAQSGwDq26N9lvwasvmH5Jg_HZaxfCbVbNh17VkYrRgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=792,1000,1000,1000,1000&tos=792,208,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671726844910&rpt=1099&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 542E 90 KB
39 KB 31ms
31ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 22 Dec 2022 17:23:35 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 542E 35 B
478 B 23ms
23ms Ping
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60271222&csi=iqMxxoPBGmSSj984f1Ppv9vmTaI8NFOCbrWtp0UYLazrygPkIxxfk6Tbz2qTsBeFPHbvvtyf5mQhJ2ccwTOZtt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900014.redintelligence.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://hal900014.redintelligence.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 12153528.js Show response
s1.adform.net/Banners/Elements/Files/160090/12153528/ Frame 079D 3 KB
1 KB 23ms
22ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12153528/12153528.js?ADFassetID=12153528&bv=516
Requested by: Host: apn-indonesia.gishan.net
URL: https://apn-indonesia.gishan.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3333a0f8f104b7986ea461b270b4eed8e66022d379dad3067b7156d8dfabeb3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
content-encoding: gzip
last-modified: Wed, 14 Dec 2022 11:14:50 GMT
server: nginx
x-amz-request-id: tx0000057804d4172a039c8-0063a44664-3293aae9-default
etag: W/"bb7571baa31c395d64904fd014b94179"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 screen.css
s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/ Frame 079D 1 KB
942 B 24ms
23ms Stylesheet
text/css 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/screen.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 520ab18d78e948bbc9c7c7968c76116a88cc80cd4d40174eef88e6aeeadcb857

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
content-encoding: gzip
last-modified: Wed, 14 Dec 2022 11:14:50 GMT
server: nginx
x-amz-request-id: tx00000aa1c6926b607d44e-0063a44664-329373d4-default
etag: W/"2718286dd1c324429c3275c918a7d109"
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 079D 30 KB
14 KB 28ms
25ms Script
application/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 12:02:22 GMT
server: nginx
x-amz-request-id: tx00000dcb04a2980ec1f5a-0063765ffa-329373d4-default
etag: W/"4731aef0a5114a59b4311776d270e848"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 introfill.png
s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/ Frame 079D 103 B
434 B 30ms
25ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/introfill.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee6d3b54a9065c8ff1c55528d83a8b11aa932915d3004f3dab2c5355027bbf3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
last-modified: Wed, 14 Dec 2022 11:14:50 GMT
server: nginx
x-amz-request-id: tx00000375e73b456838bc4-0063a44664-329373d4-default
etag: "eeb9c35d55092b02bf5fa183ecd734f8"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 103

GET
H2 200 text0.png
s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/ Frame 079D 5 KB
5 KB 31ms
26ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/text0.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 07773674da8a5d7de6575be849321af69c60333d821b2e531b8b6aad8cb8deba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
last-modified: Wed, 14 Dec 2022 11:14:50 GMT
server: nginx
x-amz-request-id: tx00000e8ad183cd573b7c9-0063a44664-32941e2b-default
etag: "b40bca9f571a135a168188a0310caad3"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4939

GET
H2 200 text1.png
s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/ Frame 079D 8 KB
8 KB 32ms
27ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/text1.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 7b5e4bf73229b1a30dfc5611631c94fca060cf49df9d72ec01133ba16322cd83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
last-modified: Wed, 14 Dec 2022 11:14:50 GMT
server: nginx
x-amz-request-id: tx000000e039bcfe5c6ca26-0063a44664-32941e2b-default
etag: "a56c343a6550b231bbebd7cd72bf5bd3"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7981

GET
H2 200 text2.png
s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/ Frame 079D 3 KB
3 KB 32ms
28ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/text2.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: da81576c4fa06d8a13dc4298437df6177081447f202124cf805e196e8c07f0f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
last-modified: Wed, 14 Dec 2022 11:14:50 GMT
server: nginx
x-amz-request-id: tx00000ec0ffab2e9ebd504-0063a44664-3293aae9-default
etag: "aabc0d20f3ffc383038ba1ecca19159d"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2706

GET
H2 200 stoerer.png
s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/ Frame 079D 9 KB
9 KB 33ms
29ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/stoerer.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3f00b566c3dc6fa6afad7adfcf139394095cc15e6037f28912c78542cee99fe0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
last-modified: Wed, 14 Dec 2022 11:14:50 GMT
server: nginx
x-amz-request-id: tx0000015870142ceabfe19-0063a44664-32940f80-default
etag: "d14eb5ec94009a4aab46ce7a5211ca15"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8832

GET
H2 200 disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/ Frame 079D 6 KB
6 KB 34ms
30ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/disclaimer.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 80f777aa646fd9913d73105a90a336151d9a28142e87764e20ff4b3d9dce4ce2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
last-modified: Wed, 14 Dec 2022 11:14:50 GMT
server: nginx
x-amz-request-id: tx00000bbce113a3c64b83d-0063a44664-32940f80-default
etag: "2163627c7872afe2a6e2ee6a39d09a7f"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5633

GET
H2 200 date.png
s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/ Frame 079D 6 KB
6 KB 35ms
32ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/date.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 72f43919eb5e0887a2e13c0777d5de2b4a0e8eb249db55daa5acb7ff821d3959

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
last-modified: Wed, 14 Dec 2022 11:14:50 GMT
server: nginx
x-amz-request-id: tx0000065052bd158ec4d46-0063a44664-329354d9-default
etag: "d2b196d82d3ee8c211a82a7ce67369f0"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6265

GET
H2 200 cta.png
s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/ Frame 079D 6 KB
6 KB 45ms
42ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/cta.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3c1487c4f97827b315f258a217ee1aea0a78b48834116fe2fcd97f2e111c986b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
last-modified: Wed, 14 Dec 2022 11:14:50 GMT
server: nginx
x-amz-request-id: tx00000c58998f5030ef0ee-0063a44664-3293868f-default
etag: "fd5be0705961195642ade861e57ef6fa"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6008

GET
H2 200 logostart.png
s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/ Frame 079D 5 KB
5 KB 47ms
44ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/logostart.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f324377940583ba7a0f81123404cc032334edf5ace8e9f5d58da1cc340e41027

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
last-modified: Wed, 14 Dec 2022 11:14:50 GMT
server: nginx
x-amz-request-id: tx000007241b60b2727fd9e-0063a44664-3293aae9-default
etag: "0539ca6530d6756126aee292b52e0cf8"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4815

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/ Frame 079D 4 KB
4 KB 47ms
44ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/logo.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: c5d9f11f95196250f6797acef21bd147fe22a802940735d88ac2a7a9308247ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
last-modified: Wed, 14 Dec 2022 11:14:50 GMT
server: nginx
x-amz-request-id: tx00000cb5996ef20254f28-0063a44664-329354d9-default
etag: "926213b1f44a9786a29d0fa8b723023f"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3791

GET
H2 200 model.jpg
s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/ Frame 079D 9 KB
9 KB 48ms
45ms Image
image/jpeg 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/model.jpg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8b1d9340eccc886f08b2f3b02675b424f45863321e53d7f04bf8b64ede36cc2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
last-modified: Wed, 14 Dec 2022 11:14:50 GMT
server: nginx
x-amz-request-id: tx00000f1f578ed8dda4779-0063a44664-3293868f-default
etag: "d01dbf544d6187b62332444035791eff"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9352

GET
H2 200 background.jpg
s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/ Frame 079D 12 KB
12 KB 50ms
48ms Image
image/jpeg 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/background.jpg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 07da465111e7fde87a9e179912b630c9556cf2e6c0360bc119de228948e84040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
last-modified: Wed, 14 Dec 2022 11:14:50 GMT
server: nginx
x-amz-request-id: tx000000a002037f4864418-0063a44664-3293aae9-default
etag: "273432ea3cb408bfbad853f34722e5e8"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12092

GET
H2 200 CSSPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame 079D 38 KB
14 KB 44ms
23ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 17014985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13669
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-9833"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mJVUW9s0DU7IbVFIAjj%2F0jppJeGHTsienRAcAFfwsYA%2B5OAuJKqoPwwGHc3dq2%2FnZXBVKPREsEm6hHvDdT85S67CCPfpR4liPEJ4uHK49Wu5HA1YCxK8hv2jAR8ioBfzl4OT%2FpR122OUj9oyazMwuUH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77da435b6def9b22-FRA
expires: Tue, 12 Dec 2023 16:34:07 GMT

GET
H2 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame 079D 5 KB
2 KB 43ms
22ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 13381407
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1730
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-146f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9X64aMs7WfHL1kesl%2FQ8kDRBQc%2B7Cl5icfqYAUbp5b6MnlSctutFDr%2FRuaFlntQnNpt7LZtNPhDtfZQfdXoLxfl5%2BcYFzXeV1QERmf%2F1tj%2FfzUHw9uiQyVqM5bHeHueARNiRUsmkromh7qV0C1oztCb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77da435b6df59b22-FRA
expires: Tue, 12 Dec 2023 16:34:07 GMT

GET
H2 200 TweenLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 079D 26 KB
9 KB 35ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 18308941
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8578
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-697f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EG21zhEXNyxXy2npAy7nqyecvQFYiNTtFYWTWEFud1EzMJSmr3TvaOZ07Wleb2E3qqkrcGEzEkgkWIJVRjdMelXmuY8mdm2tRpMvbv%2FcGezxi6y6l2rE57iNB7IxsrZR5ec3H9jUFZNnrRwIExWGwCs9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77da435b6df69b22-FRA
expires: Tue, 12 Dec 2023 16:34:07 GMT

GET
H2 200 script.js Show response
s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/ Frame 079D 9 KB
2 KB 26ms
24ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12153528/bvpath_516/script.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e558b1defefd835e433bed35393b9d560a029a5e656a325d27840cc3d2587fe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:07 GMT
content-encoding: gzip
last-modified: Wed, 14 Dec 2022 11:14:50 GMT
server: nginx
x-amz-request-id: tx000005c78d3240efa1b80-0063a44664-32941e2b-default
etag: W/"921b0be880dcfcc231e80d970a2248af"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.87.1/619621/AbYXj7IOEPd4psRV/ Frame 3923 0
145 B 127ms
31ms XHR
text/plain 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.87.1/619621/AbYXj7IOEPd4psRV/postback?oz_pl=1&dt=6196211556140246740000&pp=pub-8234474453841918&sr=4&si=976241957&cr=11204419&c1=12780336&di=https%3A%2F%2Fapn-indonesia.gishan.net&pv=6286d5e8-b8ea-4b2c-8522-2dbe7e8570a3&ac=1262142&r2=&ui=adecd208-0000-0000-0000-000000000000&dm=728x90&ai=215543&ci=619621&pd=avt&ap=&ti=6370143744210567219&de=43003&r1=2a00%3Ac98%3A2050%3A%3A&r3=&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//apn-indonesia.gishan.net&ui=adecd208-0000-0000-0000-000000000000&ap=&ti=6370143744210567219&pv=6286d5e8-b8ea-4b2c-8522-2dbe7e8570a3&pp=pub-8234474453841918&sr=4&de=43003&si=976241957&dm=728x90&ac=1262142&cr=11204419&ai=215543&c1=12780336&r1=2a00:c98:2050::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 22 Dec 2022 16:34:07 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.mediamathtag.com/2/2.87.1/ Frame 3923 171 KB
54 KB 32ms
32ms Script
text/javascript 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/2.87.1/main.js

Requested by

Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//apn-indonesia.gishan.net&ui=adecd208-0000-0000-0000-000000000000&ap=&ti=6370143744210567219&pv=6286d5e8-b8ea-4b2c-8522-2dbe7e8570a3&pp=pub-8234474453841918&sr=4&de=43003&si=976241957&dm=728x90&ac=1262142&cr=11204419&ai=215543&c1=12780336&r1=2a00:c98:2050::&r2=&r3=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-43-221.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c80196cf0e91f54b3344d2552774499268d7ecb47d352097198da0401d6db93e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 16:34:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 54838
Expires: Sun, 30 Aug 2054 17:27:12 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.87.1/619621/AbYXj7IOEPd4psRV/ Frame 3923 0
145 B 31ms
31ms XHR
text/plain 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.87.1/619621/AbYXj7IOEPd4psRV/postback?oz_pl=1&dt=6196211556140246740000&pp=pub-8234474453841918&sr=4&si=976241957&cr=11204419&c1=12780336&di=https%3A%2F%2Fapn-indonesia.gishan.net&pv=6286d5e8-b8ea-4b2c-8522-2dbe7e8570a3&ac=1262142&r2=&ui=adecd208-0000-0000-0000-000000000000&dm=728x90&ai=215543&ci=619621&pd=avt&ap=&ti=6370143744210567219&de=43003&r1=2a00%3Ac98%3A2050%3A%3A&r3=&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//apn-indonesia.gishan.net&ui=adecd208-0000-0000-0000-000000000000&ap=&ti=6370143744210567219&pv=6286d5e8-b8ea-4b2c-8522-2dbe7e8570a3&pp=pub-8234474453841918&sr=4&de=43003&si=976241957&dm=728x90&ac=1262142&cr=11204419&ai=215543&c1=12780336&r1=2a00:c98:2050::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 22 Dec 2022 16:34:07 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3923 42 B
64 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkTS80CfKJ9lie8TJpIemZNdhw8kcwyT46TWqaHZxdK_uMh9DezR6IK4xL42WcuyrOXP_0SpCm4_kyOzoOGYb9Apu_&sig=Cg0ArKJSzM5Dr8Nz6qtdEAE&id=lidar2&mcvt=1031&p=0,0,90,728&mtos=0,1031,1031,1031,1031&tos=0,1031,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=4146532646&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671726844152&rpt=2198&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.87.1/619621/AbYXj7IOEPd4psRV/ Frame 3923 0
145 B 52ms
31ms XHR
text/plain 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.87.1/619621/AbYXj7IOEPd4psRV/postback?dt=6196211556140246740000&pp=pub-8234474453841918&sr=4&si=976241957&cr=11204419&c1=12780336&di=https%3A%2F%2Fapn-indonesia.gishan.net&pv=6286d5e8-b8ea-4b2c-8522-2dbe7e8570a3&ac=1262142&r2=&ui=adecd208-0000-0000-0000-000000000000&dm=728x90&ai=215543&ci=619621&pd=avt&ap=&ti=6370143744210567219&de=43003&r1=2a00%3Ac98%3A2050%3A%3A&r3=&sid=AbYXj7IOEPd4psRV&oz_sc=3e06a6e73e78b1e803bf4797&oz_df=1671726847382&oz_l=1112&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 22 Dec 2022 16:34:07 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 44b39ff1-d3c2-4a76-be31-5e034260a535
https://googleads.g.doubleclick.net/ Frame 6430 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/44b39ff1-d3c2-4a76-be31-5e034260a535
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame 542E 0
150 B 34ms
12ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=51017000110407806783183012181014&a=50c3a4b5&vb=v
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=51017000110407806783183012181014&a=dbff2529
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/request_content.php?s=51017000110407806783183012181014&a=dbff2529
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 16:34:07 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.87.1/619621/AbYXj7IOEPd4psRV/ Frame 3923 0
145 B 32ms
31ms XHR
text/plain 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.87.1/619621/AbYXj7IOEPd4psRV/postback?dt=6196211556140246740000&pp=pub-8234474453841918&sr=4&si=976241957&cr=11204419&c1=12780336&di=https%3A%2F%2Fapn-indonesia.gishan.net&pv=6286d5e8-b8ea-4b2c-8522-2dbe7e8570a3&ac=1262142&r2=&ui=adecd208-0000-0000-0000-000000000000&dm=728x90&ai=215543&ci=619621&pd=avt&ap=&ti=6370143744210567219&de=43003&r1=2a00%3Ac98%3A2050%3A%3A&r3=&sid=AbYXj7IOEPd4psRV&oz_sc=3e06a6e73e78b1e803bf4797&oz_df=1671726847595&oz_l=5648&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 22 Dec 2022 16:34:07 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.87.1/619621/AbYXj7IOEPd4psRV/ Frame 3923 0
145 B 34ms
34ms XHR
text/plain 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.87.1/619621/AbYXj7IOEPd4psRV/postback?dt=6196211556140246740000&pp=pub-8234474453841918&sr=4&si=976241957&cr=11204419&c1=12780336&di=https%3A%2F%2Fapn-indonesia.gishan.net&pv=6286d5e8-b8ea-4b2c-8522-2dbe7e8570a3&ac=1262142&r2=&ui=adecd208-0000-0000-0000-000000000000&dm=728x90&ai=215543&ci=619621&pd=avt&ap=&ti=6370143744210567219&de=43003&r1=2a00%3Ac98%3A2050%3A%3A&r3=&sid=AbYXj7IOEPd4psRV&oz_sc=3e06a6e73e78b1e803bf4797&oz_df=1671726847747&oz_l=5902&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 22 Dec 2022 16:34:07 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.87.1/619621/AbYXj7IOEPd4psRV/ Frame 3923 0
145 B 31ms
31ms XHR
text/plain 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.87.1/619621/AbYXj7IOEPd4psRV/postback?dt=6196211556140246740000&pp=pub-8234474453841918&sr=4&si=976241957&cr=11204419&c1=12780336&di=https%3A%2F%2Fapn-indonesia.gishan.net&pv=6286d5e8-b8ea-4b2c-8522-2dbe7e8570a3&ac=1262142&r2=&ui=adecd208-0000-0000-0000-000000000000&dm=728x90&ai=215543&ci=619621&pd=avt&ap=&ti=6370143744210567219&de=43003&r1=2a00%3Ac98%3A2050%3A%3A&r3=&sid=AbYXj7IOEPd4psRV&oz_sc=3e06a6e73e78b1e803bf4797&oz_df=1671726847930&oz_l=432&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 22 Dec 2022 16:34:07 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 09006ccc-ba2c-4b08-88ee-e3b98d2889e1
https://googleads.g.doubleclick.net/ Frame 3923 802 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/09006ccc-ba2c-4b08-88ee-e3b98d2889e1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10448ad99ad3f9dc0626df18f1bcf7c64e71f7d0aa66d070304d47fe350d242d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 802

GET
H3 200 5.jpg
cfa.gishan.cc/static/s/img/ Frame 5BDE 37 KB
37 KB 117ms
117ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/s/img/5.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caa50b35c17debe8be9b331a4a246eec8d429fb8a65558d9f91c6055d6ea267d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfa.gishan.cc/static/s/show.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 29835
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37519
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:56:34 GMT
server: cloudflare
etag: "928f-55d22b8c8ec80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NG81xJC3R8ULQmaccZtKCjPgnxFWU5nyh%2Bk0GlIxiLit%2BAb6oUtzmBiI9aZ0uckKmcErZL3MYJY8gXHJ%2FW4YNMQXnZZZT4iOZGKUGGdg1Xt0Yg5q8yaXYH9IL44OSJplyKUvxlj6telfN4IL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da4361388c697b-FRA
expires: Fri, 19 Aug 2022 04:38:54 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.87.1/619621/AbYXj7IOEPd4psRV/ Frame 3923 0
145 B 130ms
130ms XHR
text/plain 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.87.1/619621/AbYXj7IOEPd4psRV/postback?dt=6196211556140246740000&pp=pub-8234474453841918&sr=4&si=976241957&cr=11204419&c1=12780336&di=https%3A%2F%2Fapn-indonesia.gishan.net&pv=6286d5e8-b8ea-4b2c-8522-2dbe7e8570a3&ac=1262142&r2=&ui=adecd208-0000-0000-0000-000000000000&dm=728x90&ai=215543&ci=619621&pd=avt&ap=&ti=6370143744210567219&de=43003&r1=2a00%3Ac98%3A2050%3A%3A&r3=&sid=AbYXj7IOEPd4psRV&oz_sc=3e06a6e73e78b1e803bf4797&oz_df=1671726848083&oz_l=10782&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 22 Dec 2022 16:34:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.87.1/619621/AbYXj7IOEPd4psRV/ Frame 3923 0
145 B 31ms
31ms XHR
text/plain 34.253.43.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.87.1/619621/AbYXj7IOEPd4psRV/postback?dt=6196211556140246740000&pp=pub-8234474453841918&sr=4&si=976241957&cr=11204419&c1=12780336&di=https%3A%2F%2Fapn-indonesia.gishan.net&pv=6286d5e8-b8ea-4b2c-8522-2dbe7e8570a3&ac=1262142&r2=&ui=adecd208-0000-0000-0000-000000000000&dm=728x90&ai=215543&ci=619621&pd=avt&ap=&ti=6370143744210567219&de=43003&r1=2a00%3Ac98%3A2050%3A%3A&r3=&sid=AbYXj7IOEPd4psRV&oz_sc=3e06a6e73e78b1e803bf4797&oz_df=1671726848237&oz_l=404&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 22 Dec 2022 16:34:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H2 200 /
track.adform.net/serving/unload/ Frame 542E 35 B
478 B 24ms
24ms Ping
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=9211943088986574952@@60271222,1462569078926444193,99|1080|0|0|0|0|0|0|0||37|1|||||1|0|0|YH9NXHvh-1ZcPlakbYq96ZUJ11ZZFd3Pp9oP_nkChvrbfjCEoYcZavL_QlhaeLlf0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900014.redintelligence.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 16:34:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://hal900014.redintelligence.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 6.jpg
cfa.gishan.cc/static/s/img/ Frame 5BDE 43 KB
43 KB 16ms
15ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfa.gishan.cc/static/s/img/6.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4137c46784761054ff79a1930f4dfd2d91595850c0c5f7360abed4087ea4e4ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cfa.gishan.cc/static/s/show.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 16:34:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dc: GishanNet-FRA-LIN
age: 1780891
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43617
x-xss-protection: 1; mode=block
last-modified: Sat, 04 Nov 2017 06:56:35 GMT
server: cloudflare
etag: "aa61-55d22b8d82ec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUpl9dsVOXrYmoozrxRu2WuNpiZ0a4gcYSkwdFjFgUGauZxErgAVK0s3vqiQaYcYh0RQV7toxmKzOnt1qHnAFjgnWWndruAJoYZSWuTTRhjrLYg6IpIeoBckuXCoNRi8Vxz2OfgSHtaahWmu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 77da436d1acb697b-FRA
expires: Tue, 23 Nov 2021 10:47:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
apn-indonesia.gishan.net/	1970-01-20 17:52:21	Name: __atuvc Value: 1%7C51
apn-indonesia.gishan.net/	1970-01-20 08:22:08	Name: __atuvs Value: 63a486fb346efefc000
.gishan.net/	1970-01-20 17:58:06	Name: _ga Value: GA1.2.166574806.1671726844
.gishan.net/	1970-01-20 08:23:33	Name: _gid Value: GA1.2.120582392.1671726844
.gishan.net/	1970-01-20 08:22:06	Name: _gat Value: 1
.addthis.com/	1970-01-20 17:52:21	Name: uvc Value: 1%7C51
.gishan.net/	1970-01-20 17:43:42	Name: __gads Value: ID=846465dbcdad9eb6-221f133454da00d5:T=1671726844:RT=1671726844:S=ALNI_Ma8RA5DIGdQuzVepAmSLsqId4-Rnw
.gishan.net/	1970-01-20 17:43:42	Name: __gpi Value: UID=00000b96ff8642a5:T=1671726844:RT=1671726844:S=ALNI_MZ4VXFfpNC75sK619nW7OztZLCmsA
.addthis.com/	1970-01-20 17:52:21	Name: loc Value: MDAwMDBFVURFSEUyMjkxMTg3OTAwMzAwMDBDSA==
.doubleclick.net/	1970-01-20 17:43:42	Name: IDE Value: AHWqTUmDZQpZodDBooVOvvu0TsziSncl8PBM6RbJjg-dGT65E8aQtieSddOJop5E97o
.doubleclick.net/	1970-01-20 08:22:07	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 08:22:10	Name: DSID Value: NO_DATA
.mathtag.com/	1970-01-20 17:07:42	Name: uuid Value: 771c63a4-86fd-4601-aa03-591531cce54f
.adform.net/	1970-01-20 09:06:45	Name: C Value: 1
.adform.net/	1970-01-20 09:48:30	Name: uid Value: 9211943088986574952
.adform.net/	1970-01-20 08:32:11	Name: TPC Value: 1671726846924

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	error	URL: blob:https://googleads.g.doubleclick.net/44b39ff1-d3c2-4a76-be31-5e034260a535 Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/44b39ff1-d3c2-4a76-be31-5e034260a535' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://googleads.g.doubleclick.net/44b39ff1-d3c2-4a76-be31-5e034260a535 Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/44b39ff1-d3c2-4a76-be31-5e034260a535' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-8234474453841918&fa=3&ifi=6&uci=a!6&btvi=2&xpc=Ou3itRCECq&p=https%3A//apn-indonesia.gishan.net Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-8234474453841918&fa=4&ifi=7&uci=a!7&btvi=3&xpc=93P8NQfbMS&p=https%3A//apn-indonesia.gishan.net Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-8234474453841918&fa=1&ifi=8&uci=a!8&btvi=4&xpc=m8rqkSQi6I&p=https%3A//apn-indonesia.gishan.net Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
apn-indonesia.gishan.net
cat.fr.eu.criteo.com
cdn.contentspread.net
cdnjs.cloudflare.com
cfa.gishan.cc
fonts.googleapis.com
fonts.gstatic.com
gnv.azureedge.net
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900014.redintelligence.net
m.addthis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.mathtag.com
rtb.fr.eu.criteo.com
s.update.mediamathtag.com
s1.adform.net
s7.addthis.com
stats.g.doubleclick.net
tags.mathtag.com
tpc.googlesyndication.com
track.adform.net
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
z.moatads.com
s7.addthis.com
103.229.206.240
176.9.26.250
178.250.0.160
178.63.52.121
2.18.37.133
23.62.220.135
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:3108::ac42:2848
2606:4700:3108::ac42:2bb8
2606:4700::6811:180e
2a00:1450:4001:806::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c09::9a
2a00:1450:400d:803::2002
2a00:1450:400d:807::2001
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::2003
2a00:1450:400d:80e::2002
2a02:2638::2
2a02:2638::c
2a06:98c1:3120::c
34.253.43.221
37.157.4.25
37.157.5.73
54.36.108.3
92.123.37.164
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
00cb9040aedbf778fc7d5074dace93511098782c9e92a13c1ebfb987248dbc61
0158103dd0fb17c160ab9c4e55fe0b74a3408cfaad931c6d5a8b594bf1e35a7f
02b2ea4496b618318ac9ed8bff158a1e6703044a63ebd6b32963bb2355776915
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
0341410b6808f873daed7de647c42d3a0c1696b7e5005129591c94d2c23af176
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
050be31c4dd3dcbadc80eeb4bb913bafda15d9d355fd358c327f253b0ea931fd
0651c292475b7806a90d1771113603db78ac9efd1e96a1e55257b75827a3674d
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29
0775f636d5842351fdcce0dfb352a79a00b6a2ba66014e18228dea9b76ac5391
07773674da8a5d7de6575be849321af69c60333d821b2e531b8b6aad8cb8deba
07da465111e7fde87a9e179912b630c9556cf2e6c0360bc119de228948e84040
088e0526e29e61213c10c22841624c63dacf37bbd86317226c24d853a9ac4543
09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99
097063ad1f6f35eb0890ff4ccd81fefa4c963fac76b16039bd8e24429e8ed6d2
0ba452e9b77a64c93f96aaae49eb7994fe9f62aa52f8ffa8fc8985267cec9f86
0cf508847aafb8dab8346775c849c74cb37deddf1841917e1d9d6e1224c88e2a
10448ad99ad3f9dc0626df18f1bcf7c64e71f7d0aa66d070304d47fe350d242d
120c370bb4b6ee24f70691de1f2f455f4fd337e786f60660ffe63349e59ee9cc
122c76c027e24c27ce007985611f4df857728af449c0945fee97bdb50fe16257
124811fba3b127ae7dc786d5be0d24198128be57761970a4b3adcae8d2e2868e
12d695828de4f0ecd713892b87b39884f86201e4c3a652c2f3b59b5721959d88
1635fbd5543f234d13a9755dd29e0764cd3cbe5aabea48499147e9412984d1ac
174882a9de80cf69ec7dc3290faeaeb42cf295d90e4d609b7c605818a807b9e2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1db0271561efd5b08616b8e30c88794a9063613bdf42da757f5f2075f200a5cb
1e30ed88f9e373c0843e7e039c1b66e89bce38f31ca7bf0b2617baee494878f2
1ec412b0755c3e4b045452614439631c7376d6e4936250d0d57bcd5816e9417b
1ec4d3d0699cec4dac9fdc379d3259108b8fe20ed29ef79eccf0817c884dc6a6
205358691eb0b62530afcbe8e0bdbe1e96ed3c40a6010095308fa5103e6e550e
222c4b94b9d29a48203b0ab1ea3936237ad364667506f6538a64e9041b2e170c
266d44648d76ec983ee45913c0b7225c40409e8f63c0ec2186e3f1e064d38ebb
27ac31127a5b0892a41d4095953caed2b9d706bfa98ed899b93561f3020865c9
2d0f79fc1a165b8aa7175b2a6b43b186f870a562083ef6adbc9bc387f3d3073a
2d42e7392633f9666bb14777eadbd8a801448bfda3089d95028b6fc6846543e4
315a626a821604644f5468df3fb40f3e24ded58d3ca10e48d09ebdf034b0168b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3333a0f8f104b7986ea461b270b4eed8e66022d379dad3067b7156d8dfabeb3c
349a0757c02687caf82ab0f7dc4861e302be3382e8396435e4c768aee756c61d
34cb7d14631943f0d7d8e5d27023d75dce16972966b0daa2905cdab54e441fc4
34e9616418c7bdb8d84ab8048a7be8d16be44011a31381a5ac87607f0362ccce
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
392ea594906e8e04b5bd818e5f56283fbcace26b7cf2945807f59d48424fcf77
39ba0a23857559db9a754fb594fdc302331bb6e21b2471e09a070d258b6986ff
3a257693de23c228078f0ac7196176e7899e7dc310be45ba39aa14a1f16c7e98
3b0abf452de26e791b58c202d6ad96d9301de3ca292a670842a113c4059db590
3b18b85061d073debee24ffdc2575ebb6a37940505093205bb5c20a8f29a960b
3b27f351d16d1aecf110ae7848db58d42b07398447667789cd3f16fa7639176a
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c1487c4f97827b315f258a217ee1aea0a78b48834116fe2fcd97f2e111c986b
3d581fb985621ef384306f32f479ac60d7c78ef1762f65726b16a69fe3bed069
3dc7f6a5289eb14b5e89897ead90cc8909061e9b6a1a98d5529db8e7303d9613
3de415d4a47bdc82a0106c4b74397f2b4ee573023bbd360fcc72fcfe8545d315
3e06dde46c84ceeed3bcb9a02b522dafe6216b3ffc6ab5181e286c1752809a80
3f00b566c3dc6fa6afad7adfcf139394095cc15e6037f28912c78542cee99fe0
3f86f953011af18cb8596585038cdf2759b76d6536f54d29f0e444f0b5c0468e
4137c46784761054ff79a1930f4dfd2d91595850c0c5f7360abed4087ea4e4ee
42cc80741ade3b46ade00bcdc89253cab8cb30d5c3aec41ac18072dc708b75ce
4337a42beba2b09656143cff18e3be886961d7c35331b4b6dabd7c97598bec0d
43fd4e826310623307177969f5a60fbdce351b62ee482dc281d4282556bde7e2
44b6ada0173eb8fb3511cb49428af27c45bb016e1457dc34b50a9ae8d3767107
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
47ac8280a8aa0d15093e42bce6fdb62ceb1d660bd4b59d8bce6c5227ec9d8c4a
4814065bf4c7901a85d62648b0b8d8a0484e8f8d3c17c2de2343bf174a1696a8
4a772ebc67245ec391ad7858e89ab95c3aa404e1bdd489eb3dbf48ff37f6384e
4aa3be35d050e31bb89cb85e99724a3b687ee79223d0155733e5cddcdf763c62
4b41473a26873211d2e6ce4af29aad920c21ed7115a76bd31c670a8b722ea77d
4c39cfe2e54cbff3888faee883f8064fce03bc207f7c73cbcc8a5a94c206a08e
4dacd45f29044bfcd3c3d9ade96438aaa661a07cebf08e2e8a3db7d616ff3a84
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0cc134a50260711b86b21eb96598b350792be9266c6317e3f33eea1a573e7
50684ad1e00c919186519a5a2759b39ca2d10cce8d8b7ee13889f6f06e7ffa2c
520ab18d78e948bbc9c7c7968c76116a88cc80cd4d40174eef88e6aeeadcb857
53e0f43fca7ec2ebfa462a6be7f34ac0a092ef8138b9063a1861a7b1a5f79e3f
54d81b8d41ba2e5a31a87155e2a27e2a193a59e5468e7c4ec0f186adbd4a4880
5527dccae6db8d6434359c94cdfe4684d674edca48f7502e6868d3c4a6b33b14
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
571134f4d3805b1e0106a43f3b97785b3be0a12cb1be82c4727627890acfab44
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
60bcfafd776bb788622c353cb4fbabdb4dc0bbb7ce15b61c186242c8bc12b841
60d82e8aeec109f1503f718ff74a4e9c31db90169d6734202f307b7338f37773
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e1ae6218645ef3f2d9ce5087ed2e2aeb7781c3adf8296a3adf0dd17ee06ad3
66ae78efe7a810f0183a878d1bf2a81d51468308659be67b325883ddc47ec4d0
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
68a8b42131e32a0736885e57d3db5edcd10d28c593572cbbc2f06f077ee9a965
690b72737c03b052555f26a59ce164fc0564a4f76e7df56f48b8d4695f09cd11
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
6c12e1209efcb45bbc84f530bafac68ece315a70dfb1732b54238bec65010710
6c8997f6d45108fcb3c5297c7050bc6c60452865474608caf891a545be2a345a
70c8238505852fb72d840431887b1692d51443d026230aedf1d67a5c6b376768
70dd082dc4a7b6d0ccbf28ba16785d13304e9253da7548b4101c47a2abf062f6
716850e5e2e4ba023bade251061da51b2a5f19e6748c782878125f494e252175
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
720c998df9a4eda79bd32326c3088db4cdd80fd0a87ab5997e88f6bb11770072
7275f0fb8158cedd2aca99a9bb760d297331473511835855cf2614badbef18ef
72f43919eb5e0887a2e13c0777d5de2b4a0e8eb249db55daa5acb7ff821d3959
74aa01eac115bcc948e8540bae8dacb813618c6d1fff2854999ce3228b986d8a
75ee53c58dd04ba5f1dd3e866cc0b3eae41338c654022fe0262757e6040d3447
78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3
7b5e4bf73229b1a30dfc5611631c94fca060cf49df9d72ec01133ba16322cd83
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7b7f6fde11555a4d4f5a85b1a44ca4340d5df9d1c9676c78600ec925288e14e5
7bddce4e4d866b4138b95e227deaedd243806addf60d75aee00faa2681f88012
7c6a446de0518f95fc28d158a40f5a3748f830c7f82e177777152d0f3743f5c9
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
802d9ec6f7c0d1ea17cbfd55c34137a7e19ff6ad916da97a10d1c9558d4cd5c3
804c752140c2131abaac3f8bc738646a08841ca6415fad4a2d6167140fd31e19
80f777aa646fd9913d73105a90a336151d9a28142e87764e20ff4b3d9dce4ce2
821ab412424ec71cdca5bb331a2c3bd687f9398de11d2ff3b0085c607bf73012
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f855ee2464083deed90d8e781709c6848b5a52b7a79dad5608be1b390ab483
84013cabcd11f6cc831b7a9d145d7045cf0661cfd6b46291b25651a941a438d0
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8547a91ea61bd72b52471217427d176f84be53af5bd3f380c3c844c901d33a93
85b144fcdb6eccdba0e377f0f557e1032531cd0d9d59f0d14a2254b76970037d
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
86e8a2a179c2c544e60fc53266934a1b7c9d1170c554c1d9973fde966eddc4eb
8778b5187080ebc3d1e7f398617cac6ec9474ff8055a9277e63d5fb852f14c2b
884e6aed408839a697bd770979dee28d048033afccb6426ab17af75242b7ebb7
88bd14f5979d1a4e7316cb19dba1a27a437e9423dc2a0c61be0a3e2565cdbfe1
8907fa8c7d432b422cbd8d363f620de7a753236a92e4dc72547e5f7e99a718d8
8a2ef1910cc75a038cccb86b1c61fc5d5f36296d59824226a23afc3bda092fd9
8b0f660ca9801c7e45d8186ae5a1f9db9074b9692b25919a9df67d9fde61cb95
8b1d9340eccc886f08b2f3b02675b424f45863321e53d7f04bf8b64ede36cc2a
8ba018d0a63d5959155ce9ba8d9be29aa26b0dacf4c54abb02ad15a8d368587e
8babdd5127fc0d97b929acd8f429d05f3ea21d2018342634121a1ab52d61a35c
8c5bce2b08586e2ca0d42596df315d4a17a9a2572e01e93bafeb26ccb7c683ad
8c8a6aebec09429c373c72df3b3aeaadf1fdada85141ebc322ff43179ae0d920
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf
8ef53cce2cd6156763e4c1d2e20b0d872a69beba9daf0121f538cd4343b6eac5
909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a
9209b27a04396910366c0bc3ac620f5792e91d93f441b566a0139095f0733961
975b557e803b7f30b21d2e8ac2d2527f95f2b02f8b00370ed27ce538f343107b
981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc
9a68557240dbc6b42e288c7034c59bf1e21259044709d92f6674c1cda9f303d9
9be6e5768831c858af578f0c32792d8bc528524a70ce67cd947c964d1d619b29
9c126fc720c116f82a1b92a7a9b46319ed66c802e4bbbe769908e512f8835afa
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ebf331182f34565a0246fd0048f5a0fd53deb1bc70f8958237bd1a7ab4a611f
a07e1df9653cac37972aef7d89e8c9525094a3cafd1f43c0210b70aafa89c938
a1fff65093c0ed5693484a9cabebf3e49f0bdf3208132a9b123e14ab03fd1b94
a2cebf92a38ad1945b6f1ae29904d53d749ff25520647dc9dc94c00b049261c2
a314561a2869e5a370599466ecc565c936c96bbe1d63e91776a0ac5f894d3bea
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a7719aed751ceb8da695faee6b978a7283b727942438cf7cca913486b597ed
a5bc5b413ba83d81dce8e3cdb6ccdc394c115da7e00e96073479038813980b36
a5de8807401e6303a290296f73ddfbe5f6f433a6dbcf8353a23af00c452f7dc9
a76bf89e9884850b4308e97e9e35e6ebae8269f3406bc14aad1d6df0f27bc59d
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8d518ac9fd3eec0ff910eabb32180a7c4edad8d773f5937b145ac52c65791d7
a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b
a9b087aad5d111e7513f8cd68811baaf1307e95832ad8a2963fc03549a67cbea
ab92107ff94aa39eee2d67a4279651ba581fcdc084fec59bfe6ee3dbc8bf5543
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae4769c6c8807f71d2762969951ab0784316a14bc7c97ac2168e3e3ca8604d3b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0f005ee73493fb10f179e1200181c2f867ec5cf5df6e8f45c696e7c9d751221
b11164270672f25a334b6f5e93a25025b759b208013c9dfa5aa5a47bbdf7e703
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f3ad69138d51826277440b24b93ffaff7b14e95cd9eb78f1ec1f8f8a37781d
b28802baf1b8d4f04fb0ebdb5cb227fe571904eb9dee71397fe5fead73618b6b
b2ca52d963cd1321d1087300d8b8f44d7486653bdeab0b0f3e800059edec8763
b3c95e78082151f56b782c960e22dfd76d7df252440c895d3653b305dd62f9c8
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b58a006bae7ec5e583cfe9386c2954a6894b9ccfb96d62bb92b34f5062c5ec40
b992c7c2b48f3b5e1a6a6e8ed33f7a117a760da34c6af56516335bffbd95175b
bbd94237a877f678cd7317236f502cdf982297b9b96d377c6645d74764befb05
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c060319599eac6d9efa18a91b97cd90dedff40d8a04258374d4ef561b4f71c7d
c252810f095d9056a0ef5533e47c51e3eceddb43b8aa09ecd9cb53f3508a18d9
c30ad1b502e03c8734382c09a61aec15c24268bac6df9e0d64c0fb553201c26a
c5d9f11f95196250f6797acef21bd147fe22a802940735d88ac2a7a9308247ac
c5fa35c6976743f7f23cc7b446ed2519c99305596c1ce35148ae7dec007beffb
c671e07339391ebd23167e1adb1bf0d0cfb37ad31348e5925fddc24c5e12ac33
c80196cf0e91f54b3344d2552774499268d7ecb47d352097198da0401d6db93e
c901dccefe00f7a59e931f0f4e49f0fbc40cedfd079dfb29d1c9e8b7d27d3a40
c9f841d39aa939d32eccfe0ba975220d9c320183dab0341e2bc552e62c1e4221
caa50b35c17debe8be9b331a4a246eec8d429fb8a65558d9f91c6055d6ea267d
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd015d582d5b180c4df8a62c2830f9e24410f5275522c26139bfcf2ba21b8e5e
cd029aaac9a6863ba18f6090ffc08bbb74847c533f61d65cd8e9ead9b779f899
d54bab2eaccb3dce54106cac6939cd2ebdd2881c198a60a15ce870611b36a94f
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da81576c4fa06d8a13dc4298437df6177081447f202124cf805e196e8c07f0f2
dac3869e75c0d8bee3f300c1e9b8cd6db6b2b4758209b207cfe9a61711e2382b
db76fb65ae8c3f4a3cf8f7b29401afaf43a23220abaca7c990cac92c16f59763
dc619e9c6b10702508f4c8a1fc671ca7e3245ba73197c0d6166514f00ef4eb73
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
dde6984d528ff0cb7d0858a81d2379ad09ad1f516f854c37c69cb5a61d6a98a5
df9a32c2b4cb946698047afbde1d46122136a1906b3b8eca260e2f11e49cd898
dfeebe9003ec66658e776f1d8797e3c095527316f03711b0b26b7d7b37ba7259
e00a1c438c19128209b69d9f6a3271e8a6aa84178883fd27a983ea782dfbeb92
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e544698d5a22492e972b39ae37d12c7139b1840b293f366341246f77cc9f9a6b
e558b1defefd835e433bed35393b9d560a029a5e656a325d27840cc3d2587fe7
e6f9d7ce4e753429165160e4bd93c7f8fbae787510cc9655ff8bc61ffb451ae9
eaae5329ea150d3fdf50ddec5ece9dc7602a0d04db768c14e301341b1cedb4b2
eb23bf8e7533eb545e689324348557fa821de53f9d3a68e1030734c84141b5e3
ee6d3b54a9065c8ff1c55528d83a8b11aa932915d3004f3dab2c5355027bbf3f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1486998fe3683ca71ef88ea96871619d791d89f8bbcd863c67b2a1f6a9a9706
f324377940583ba7a0f81123404cc032334edf5ace8e9f5d58da1cc340e41027
f348bb4ae0699b186e6055db2b1142d872a6a3377a1d1156a3f24451925a6793
f3ba9ea50fe0559d833e8d1f6faf40539733d9474531aa1e92659db1fd099b6f
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5dbd3ccd1434ad3c794e1d859039531f48fd62f65ed7f1988e54c7e786ee8ca
f63f70f74982c93f8f1b40ae25b7d4c9d169a603e39028909f03f52489311d87
f6b2e9d35cd38382bdc4aa9051ab2219c205c87a089891a1b6f8ee75a1f01e8d
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f78ef40994d4e7d568083f8319595e7ae176d1fb2afb6bc3c3c5747c7c548b0e
f906d28b0f97f70a5d27d920b7fa4133d8a5e3785023cedb7911c3e9c40eba46
fd09c129345f306d15d4b7a6f04bb7dfc1a5964a10ca2e74ed6635f0fd26ef99
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff243ffb9c6a1c985bda17aaa7779ff587f169cd931d73c1f48a9dbb0eaeb788

apn-indonesia.gishan.net Open in urlscan Pro 2606:4700:3108::ac42:2848 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

311 Requests

99 %HTTPS

66 %IPv6

23 Domains

33 Subdomains

32 IPs

8 Countries

2399 kBTransfer

5339 kBSize

16 Cookies

5 Outgoing links

Page URL History

Redirected requests

311 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 24 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

apn-indonesia.gishan.net Open in urlscan Pro
2606:4700:3108::ac42:2848 Public Scan

Screenshot
Live screenshot

Full Image

311
Requests

99 %
HTTPS

66 %
IPv6

23
Domains

33
Subdomains

32
IPs

8
Countries

2399 kB
Transfer

5339 kB
Size

16
Cookies

311 HTTP transactions
24 data transactions