s.id Open in urlscan Pro
193.84.85.178 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://s.id/beeesdssd
Submission: On October 27 via api (October 27th 2023, 8:54:00 pm UTC) from TR — Scanned from DE

Summary HTTP 96 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 26 IPs in 10 countries across 24 domains to perform 96 HTTP transactions. The main IP is 193.84.85.178, located in Russian Federation and belongs to STORMWALL-AS, SK. The main domain is s.id. The Cisco Umbrella rank of the primary domain is 158997.
TLS certificate: Issued by R3 on September 25th 2023. Valid for: 3 months.

This is the only time s.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	193.84.85.178 193.84.85.178	59796 (STORMWALL-AS) (STORMWALL-AS)
18	2606:4700:20:... 2606:4700:20::ac43:4b68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2 8	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	45.126.58.90 45.126.58.90	132647 (IDNIC-PAN...) (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2 11	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	213.155.156.169 213.155.156.169	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3 3	37.157.2.228 37.157.2.228	198622 (ADFORM) (ADFORM)
1 2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:c184:4582:9358:8e30	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
96	26

1 193.84.85.178 (Russian Federation)

ASN59796 (STORMWALL-AS, SK)

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:20::ac43:4b68 (United States)

ASN13335 (CLOUDFLARENET, US)

microsite.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.126.58.90 (Indonesia)

ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID)

app.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-sdotid.adg.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Mossingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.169 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.228 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:c184:4582:9358:8e30 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	412 KB
21	s.id s.id — Cisco Umbrella Rank: 158997 microsite.s.id — Cisco Umbrella Rank: 628691 app.s.id — Cisco Umbrella Rank: 507982	1 MB
20	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	87 KB
5	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	632 B
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181 www.googleadservices.com — Cisco Umbrella Rank: 145	597 B
4	gstatic.com www.gstatic.com fonts.gstatic.com	62 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 599	2 KB
3	adg.id cdn-sdotid.adg.id — Cisco Umbrella Rank: 548846	69 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	251 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	450 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4905	651 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	297 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 851 r.turn.com — Cisco Umbrella Rank: 4121	869 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	118 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	300 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 597	363 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	714 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1824	173 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	545 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	465 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	584 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	612 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6862	408 B
96	24

	Domain	Requested by
18	microsite.s.id	s.id microsite.s.id
14	pagead2.googlesyndication.com	s.id pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net s.id
8	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.googleadservices.com	s.id
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
3	c1.adform.net	3 redirects
3	cdn-sdotid.adg.id	s.id
3	www.googletagmanager.com	microsite.s.id www.googletagmanager.com
2	sync.teads.tv	1 redirects s.id
2	d5p.de17a.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	app.s.id	microsite.s.id
1	dis.criteo.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	r.turn.com	s.id
1	ad.turn.com	1 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	www.google.de	s.id
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s.id
96	33

This site contains links to these domains. Also see Links.

Domain
www.likaracklswe.com
home.s.id

Subject Issuer	Validity	Valid
s.id R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
app.s.id R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
adg.id E1	`2023-08-30` - `2023-11-28`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://s.id/beeesdssd
Frame ID: FA5A992BEF2249DF1963372ABA45CF78
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html
Frame ID: 3FC1F54A5AFC6BE76C95AD0097123C81
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1698432834&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698440034415&bpp=6&bdt=128&idt=225&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8772645310543&frm=20&pv=2&ga_vid=1264284377.1698440035&ga_sid=1698440035&ga_hid=1211195895&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805933%2C44806737%2C31078301%2C31079176&oid=2&pvsid=2473321387362457&tmod=2132694454&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=245
Frame ID: 5C7AF3E265CB8DE9630DEA523FEE73E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=1690083933&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1698432834&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fbeeesdssd&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698440034894&bpp=2&bdt=607&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1001ca9ade74c42-22b1c6f317e30005%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_MaSzvp680EfV0FSz62thiPTmDJIFA&gpic=UID%3D00000d9d0b3cbb8e%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_Ma3R4_8KljPdJ_BRfIYVY3t3eu0yQ&prev_fmts=0x0&nras=1&correlator=8772645310543&frm=20&pv=1&ga_vid=1264284377.1698440035&ga_sid=1698440035&ga_hid=1211195895&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805933%2C44806737%2C31078301%2C31079176&oid=2&pvsid=2473321387362457&tmod=2132694454&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8ndC8ibVdQ&p=https%3A//s.id&dtd=5
Frame ID: 612AC10450B1F83CA24A3D9B8EE8593C
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=1762859233&pi=t.ma~as.7399768513&w=500&lmt=1698432834&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fbeeesdssd&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698440034894&bpp=1&bdt=607&idt=0&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1001ca9ade74c42-22b1c6f317e30005%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_MaSzvp680EfV0FSz62thiPTmDJIFA&gpic=UID%3D00000d9d0b3cbb8e%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_Ma3R4_8KljPdJ_BRfIYVY3t3eu0yQ&prev_fmts=0x0%2C500x280&nras=1&correlator=8772645310543&frm=20&pv=1&ga_vid=1264284377.1698440035&ga_sid=1698440035&ga_hid=1211195895&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805933%2C44806737%2C31078301%2C31079176&oid=2&pvsid=2473321387362457&tmod=2132694454&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KroStUKlip&p=https%3A//s.id&dtd=9
Frame ID: A8A4F9CBE919D79492D128A9D7F56986
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 13EBC524E575AA1D4162536CB370E71E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js
Frame ID: B89B2F38938A8DCE8DE46348F6897E8F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3D51F04E60088D710AC7D6F65E611631
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EDDE4187E5E52AD92D5539CC1DF6DCEF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js
Frame ID: 0BFDD2858457C92755ADF56686C22BAF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 45AE67D2BD5EB7113FEB64640396CB45
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9893738F54D484A5510CD33048697108
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

güvenli destek

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

96
Requests

89 %
HTTPS

55 %
IPv6

24
Domains

33
Subdomains

26
IPs

10
Countries

2047 kB
Transfer

5885 kB
Size

20
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.likaracklswe.com/
Title: TRAMER SORGULAMA

Search URL Search Domain Scan URL

URL: https://home.s.id/?utm_source=sid-microsite&utm_medium=beeesdssd

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJTCLCPAP3oYi3LwovqP6Bw&google_cver=1&google_push=AXcoOmSxJKEro1npxx4IZWB39peg0bD-TjWxxpE0oN3vxUCvYGeDvn1VFaXiwgutFHa8yO6EsUFNxd_mi0tAA2u79En71e4I970tZg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjg2ODAzMzg4NzY1ODk5NDgyNw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTCLCPAP3oYi3LwovqP6Bw&google_cver=1

Request Chain 51

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBAMjbZiCp0-3zt9pEnkjFs&google_cver=1&google_push=AXcoOmR_WqugGCVQeEJqYZCCbRSwPj308hXCFXX5flN-jySCMgYsBMF_g0U_NsEBH0x9eDMjBs7Vtt6UMRZ8DOdn1PK1EqNkaHcbzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR_WqugGCVQeEJqYZCCbRSwPj308hXCFXX5flN-jySCMgYsBMF_g0U_NsEBH0x9eDMjBs7Vtt6UMRZ8DOdn1PK1EqNkaHcbzg&google_hm=3JiQOQpeSuGEPDpX8nWILMk

Request Chain 52

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA_9tfxj4b3kGEje5oeuoZY&google_cver=1&google_push=AXcoOmS9HQXelA2IrXiuSMnlV6cwgL01_q81BCuW4WQHCGLVhP2xUDownAktb-G6e6dEO16PE4qemV8nAZv61lAoa3fz2Pnm4yaP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NDc0NDQwNDU1Njc3MzUxNQ%3D%3D&google_push=AXcoOmS9HQXelA2IrXiuSMnlV6cwgL01_q81BCuW4WQHCGLVhP2xUDownAktb-G6e6dEO16PE4qemV8nAZv61lAoa3fz2Pnm4yaP

Request Chain 53

https://d5p.de17a.com/cookies/google?google_gid=CAESECIgbpnHUOOLlZr1o6V4ido&google_cver=1&google_push=AXcoOmQv8kOlsi3Qy45Jjmft3a1NtKJ0Y2bi26l_1dq2fAA-Y51IL7VpmiLShLboAbyjt9kibnZHWWgqD1LLMDmR1ZM5IFn89C3Lrg HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESECIgbpnHUOOLlZr1o6V4ido&google_cver=1&google_push=AXcoOmQv8kOlsi3Qy45Jjmft3a1NtKJ0Y2bi26l_1dq2fAA-Y51IL7VpmiLShLboAbyjt9kibnZHWWgqD1LLMDmR1ZM5IFn89C3Lrg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQv8kOlsi3Qy45Jjmft3a1NtKJ0Y2bi26l_1dq2fAA-Y51IL7VpmiLShLboAbyjt9kibnZHWWgqD1LLMDmR1ZM5IFn89C3Lrg

Request Chain 54

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMI8ZySyUlGbnzjK071Ht-k&google_cver=1&google_push=AXcoOmQ-85qFMhN9Weq2Y4fe0RuNLnB5LGwhg5oXcmZk5_n_OpQC3pGR_T_2qwbTId6pdz1o2JzaiN8zOIaOIU6HC2dQ2lzvCli8 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMI8ZySyUlGbnzjK071Ht-k&google_cver=1&google_push=AXcoOmQ-85qFMhN9Weq2Y4fe0RuNLnB5LGwhg5oXcmZk5_n_OpQC3pGR_T_2qwbTId6pdz1o2JzaiN8zOIaOIU6HC2dQ2lzvCli8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM0NjExMjU3MjcxNzE1MzY4NA&google_push=AXcoOmQ-85qFMhN9Weq2Y4fe0RuNLnB5LGwhg5oXcmZk5_n_OpQC3pGR_T_2qwbTId6pdz1o2JzaiN8zOIaOIU6HC2dQ2lzvCli8

Request Chain 55

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIywfajmmg1G6GGclLCVBKw&google_cver=1&google_push=AXcoOmTnZO0PO6ZKhun1Bn0WmjdvzgzmYtFQhdePcA6LU3ONSGLRphdTA73NFSi5pGFqj0vGT5-_JBm1bmckI4pnGkwmoDoBACRCr54 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTnZO0PO6ZKhun1Bn0WmjdvzgzmYtFQhdePcA6LU3ONSGLRphdTA73NFSi5pGFqj0vGT5-_JBm1bmckI4pnGkwmoDoBACRCr54 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 61

https://googleads.g.doubleclick.net/pagead/adview?ai=Czgf-YiM8ZcGgOYuxiM0PoY84ooi_1HGowZSFpRLsw7WrrgEQASDKhNqPAWCVqpSCoAegAcCj4d4CyAEJqQJK8ywF5buxPqgDAcgDywSqBMoBT9DuoNoyVmQt7Q2rN1F1sAUCl7qwkqe_vPlTvzViZqJxPdI6OVbwCZAQBKtqSdwZaJvbWWYS-MoWcqngzlgEFrnXOagsMVZfKJhtBfe2iNG4Mvd6Z5ol4w3t6UvuXno8PYqS8I38GrjX4GILd1vzamaEPwpcUOjipPpdkKEir1E62_bV05Q4d-nfxsng8fjB2zs_EVPnvJeRTNprWzGy30BAuhJUEBL-xqwyvtMLwGYZzEkg7iP6MVK0DHrNo_gA4s1sbUzMKyr3icAEy8vSsokCiAWky9fCB5IFBAgEGAGSBQQIBRgEoAYugAeo3J6hAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJKVBdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCTNodHRwczovL3d3dy5yYWhuc2NodWxlLmRlL2ZyZW1kc3ByYWNoZW5zZWtyZXRhZXJpbi-ACgHICwGiDAwqCgoI5LSxAu61sQK4E-QD2BMK0BUBmBYBgBcBshccChoIABIUcHViLTI3NDIyMTY1MzQ2NDA1NDUYAA&sigh=gTqBVmYDcnY&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNS8iHE7i4zw8-zwwdd3e0aTh1U5dlpvDw_AyhOZ3WSWXB904O40UxVSIQh6JMvy5cVOhn6S3UoBgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224927479396274235974%22,%22debug_reporting%22:true,%22destination%22:%22https://rahnschule.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22735596992%22],%224%22:[%2210-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22640500877465007089%22}&andc=true

Request Chain 74

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 76

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECV1upsZymCEeHRd3_klHhc&google_cver=1&google_push=AXcoOmSZP_NpHhs15FY7TPVRHsbZ54LlhR83ua2xpQi-AsiXZk-2uA1CCveqqWt7-_b-rqGj2BQJWGWyuB7H7poO_4IVBKqvUULMELY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECV1upsZymCEeHRd3_klHhc&google_push=AXcoOmSZP_NpHhs15FY7TPVRHsbZ54LlhR83ua2xpQi-AsiXZk-2uA1CCveqqWt7-_b-rqGj2BQJWGWyuB7H7poO_4IVBKqvUULMELY

Request Chain 79

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDp1UFCPAll23qqsFxTaCjg&google_cver=1&google_push=AXcoOmS53v7oIcNziuUtWWETJr4K_Iiot_NzJtaFYvves6KERa2HUyY5Si3BriLg0ofb4MvMZM82AmvIAt9VqpFyfnnxiSCSCCwO4io HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS53v7oIcNziuUtWWETJr4K_Iiot_NzJtaFYvves6KERa2HUyY5Si3BriLg0ofb4MvMZM82AmvIAt9VqpFyfnnxiSCSCCwO4io&google_hm=eS1Qc3hQNU1GRTJwSGxmR2doNDFmTTB2bzYuUE44VHpfYn5B

Request Chain 81

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENXucE2muzSChHc2vv1VnBU&google_cver=1&google_push=AXcoOmSgCl2y96MkHzUwby2HTfonL_o8V-I8564TKAuFdLPSH32WJkQs7sZhTYYwcq7pWDvsmKHg1kAXyQYZUH7AZd8di4kVbhYbLg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM0NjExMjU3MjcxNzE1MzY4NA&google_push=AXcoOmSgCl2y96MkHzUwby2HTfonL_o8V-I8564TKAuFdLPSH32WJkQs7sZhTYYwcq7pWDvsmKHg1kAXyQYZUH7AZd8di4kVbhYbLg

Request Chain 84

https://googleads.g.doubleclick.net/pagead/adview?ai=Ck-_2YiM8ZZ3cOI6wiM0P88q1yAaZs_Prc9vN3ZD6EaTn8u2VAhABIMqE2o8BYJWqlIKgB6AB8OPHuQPIAQOpAsNgEEQJiGw-qAMByAPJBKoEvgFP0I94tbat1d2G655X1bYKlBDoL3sje1V9qUaMi0qBZWkcAHHq1Rc_rRYTMEGTkKIZHLCNvDqMpCbrIXGF1un4z1yVnIxuj3IXJs3M9OczNOQAIXGggWstP3urgji8xe6n41BPo1udLAyCJwCvm7kk9Y0gZ_a4jvEaK3biwgFDrS8AGOrNTcrcn-bka851Q068DVACNDuIFOdtlUd5_xB2fU5PRjiDJlAAiHJcT6OZxFoR5BgsTQ8XD08myL9awASL7MbbuwSIBY_artRMkgUECAQYAZIFBAgFGASgBgOAB-zUkrIBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQwO0N0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJSGh0dHBzOi8vcHJlbWl1bS5vcmlnaW5hbHBsdXMuY28vNHVrbjE_X3N1Yl9hZmZfaWQ9cy5pZCZjPTY3NDkwNTExMDg2MCZkPYAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0yNzQyMjE2NTM0NjQwNTQ1GAA&sigh=zEh6X4YXkAY&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNOoUfQdkg47yPfmuMbQkU-U5r9B-zEeRoeMXr2DhUa0WefTe8VDu3eevOO5nwUi09nsgDYj0fShgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217865588751485378957%22,%22debug_reporting%22:true,%22destination%22:%22https://originalplus.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22926020080%22],%224%22:[%2210-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226946637920319793361%22}&andc=true

96 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request beeesdssd Show response
s.id/ 12 KB
4 KB 1234ms
605ms Document
text/html 193.84.85.178
STORMWALL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.84.85.178 , Russian Federation, ASN59796 (STORMWALL-AS, SK),

Reverse DNS

Software

nginx / Next.js

Resource Hash

32cb8883a5e6d8471d36ee07a5ce769bb4356e5be0271056d137773a2a069020

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=3600, must-revalidate
cf-cache-status: HIT
cf-ray: 81cdd4c4cc8789aa-SIN
content-encoding: gzip
content-length: 3929
content-type: text/html; charset=utf-8
date: Fri, 27 Oct 2023 20:53:54 GMT
etag: e_1696766579
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Rljoo1PT13ik157Wqzr0RBuahn3%2FK4eYwHt2qwKTFrQsh6rUtLb4YucHe6Bg1Y9yu8%2BM8QlAnK0JzoFkAQbJXbHfO2ZRuUf7X9V9JuPZgt0AmEQOpy178gbj%2FjgGfrb"}],"group":"cf-nel","max_age":604800}
server: nginx
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Next.js

GET
H2 200 b0910a28efca4015.css
microsite.s.id/_next/static/css/ 116 KB
18 KB 72ms
24ms Stylesheet
text/css 2606:4700:20::ac43:4b68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/css/b0910a28efca4015.css

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baa24e540ac0d9310e9b1966fef6fc0d8f931e47f694f071a90603c3a3bf013d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119881
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 26 Oct 2023 07:53:21 GMT
server: cloudflare
etag: W/"1d091-18b6af93d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7k%2B7kDo5suralwC9Cbgy%2FDmVq0oRZra4fm8AVUHbvc00Wqtce7KiBiqH5sVdpI49K%2Bjdq5D4vM6xXSwLqorm9i0EqEfL9lwzalrgb9LhZh3%2B2nGxxX4gQPPNZAz497IWVT7W%2Bo%2FKe1JtH6Ql"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81cdd4c6982018ef-FRA

GET
H2 200 cd55c7da45ab6994.css
microsite.s.id/_next/static/css/ 22 KB
6 KB 70ms
22ms Stylesheet
text/css 2606:4700:20::ac43:4b68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/css/cd55c7da45ab6994.css

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e0fa2b58fb4a18b31e919eaad7c621bdd9696fd5368b0b58a4ef85f4db9f4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121393
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 26 Oct 2023 07:53:21 GMT
server: cloudflare
etag: W/"57d2-18b6af93d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bp5VcRtESYYcf9j7xl2NEh9bQjo3u1DDKB8PckIpeZymPrIaCgf9jlJJnmga3OecpisidmtfmiNs%2FAonp%2Bf3itVuZF3O9uv%2F8jcNlOQE3%2BAat1eAkU%2BLp3ebeR5PdX1c2b0xl%2FA%2F3%2BhErv%2BM"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81cdd4c6982418ef-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 80ms
54ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a159e91f80d252188b05d118323118f45a77599185245a7b68f4b0df0b9d1664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51034
x-xss-protection: 0
server: cafe
etag: 2390501504395371818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 27 Oct 2023 20:53:54 GMT

GET
H2 200 webpack-472a4710d132fde9.js Show response
microsite.s.id/_next/static/chunks/ 4 KB
2 KB 52ms
20ms Script
application/javascript 2606:4700:20::ac43:4b68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/webpack-472a4710d132fde9.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d307c43dd1bbdaf5f96e45c815cb97f9efdd8e7fa93db548fd239f3cfb4113c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122288
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 26 Oct 2023 07:53:21 GMT
server: cloudflare
etag: W/"e46-18b6af93d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hn5P6ZNNqgoJ2rXpxtSp%2BRMJQHG0VuejmbdJz5mVRt%2FTbwuF%2B%2B7qLvOGDmaK7XpJPDg8yW95Yez1F35EUN7XDnM8s%2BTfiNoS0i77g12JrZBb4o6Cecd9kEEOkPOtlD8%2B4s1gZ7MNNVYgigv3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81cdd4c6982918ef-FRA

GET
H2 200 framework-56bc1d2b5d8be648.js Show response
microsite.s.id/_next/static/chunks/ 138 KB
45 KB 37ms
31ms Script
application/javascript 2606:4700:20::ac43:4b68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/framework-56bc1d2b5d8be648.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5e943c7c5da3617bd2345580b25327364ab5824ba53a3d18bb88c0e105d6d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 117625
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 26 Oct 2023 07:53:21 GMT
server: cloudflare
etag: W/"226f3-18b6af93d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBukpdGIaGmfgsUKhdiYZBj7gW4g7tjCoFTk0WML89ekkQpenCQP4IIHQU7pb0suRem2uthgsssAIbS2ob0C639KdbSLfGggEFS6KzqyDI9yi%2FxNyissyaUwsKPwmeyJwLyE3HudSR%2ByyxkQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81cdd4c6c85b18ef-FRA

GET
H2 200 main-559dbfa8afd7d7a2.js Show response
microsite.s.id/_next/static/chunks/ 97 KB
29 KB 30ms
23ms Script
application/javascript 2606:4700:20::ac43:4b68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e49865b2d3ebcdd42fac21e949bb2a9f5290fde16a9392b78d5d8d49d203753c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119879
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 26 Oct 2023 07:53:21 GMT
server: cloudflare
etag: W/"185da-18b6af93d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sN%2FB1UTn1m%2FWIlDw8c3p8tFVTnGbrIw7iubfvCACjiIme7LyRiwRe2YI1lZ5%2BPtpwlnZOP0vlrzMDOKrtJ3IbY08KQyY0%2BkPkgfPyMbN9q768U599tzMY2ijZ7GRQ851RvH0G1MlRUz7ZDh6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81cdd4c6c86018ef-FRA

GET
H2 200 _app-37eb91dacf94d9e6.js Show response
microsite.s.id/_next/static/chunks/pages/ 275 KB
86 KB 42ms
35ms Script
application/javascript 2606:4700:20::ac43:4b68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/pages/_app-37eb91dacf94d9e6.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31aeb49e63d1601d0277efb46bae4cff27ccf515a5b5ea76480cd7aeb879a76c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 117625
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 26 Oct 2023 07:53:21 GMT
server: cloudflare
etag: W/"44be2-18b6af93d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fomSmZ9t4G%2BsvIY6pQiy%2F8mXMTQ3Bm3UAY5AhFg7yNKJjQxf7CtZYW%2FVakaBoOs6qIQdmFL96iuhF95o1ofcKuwCk99sXVg2vsu39el0%2F%2FPto0tMDMPEfX539LRm7iOIezdCOBTZkAgC0nHL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81cdd4c6c86118ef-FRA

GET
H2 200 f85a1fd0-0ccc9e26436af44f.js Show response
microsite.s.id/_next/static/chunks/ 476 KB
74 KB 38ms
32ms Script
application/javascript 2606:4700:20::ac43:4b68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/f85a1fd0-0ccc9e26436af44f.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a51be072c90872986a619bcd424515adfdd3a7c1f8b447c745f203774120a472

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 117625
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 26 Oct 2023 07:53:21 GMT
server: cloudflare
etag: W/"771a6-18b6af93d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irJpi%2BApkLHpG82pG4X5arYpbL%2FH3vIN5fHsk7aJwPBaCgN75%2BdaFDjRNFdw0U9BPiIu%2BpLl1FCUdJByJeLh%2FQ21rh3cUuTuLe0H2EXyjfYx7XIdIz61lUbASzs2iGpu%2B80GuGWsP%2FP8%2BfI3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81cdd4c6c86218ef-FRA

GET
H2 200 347dd6d2-909e20e25b7384a8.js Show response
microsite.s.id/_next/static/chunks/ 948 KB
283 KB 44ms
43ms Script
application/javascript 2606:4700:20::ac43:4b68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/347dd6d2-909e20e25b7384a8.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb7f315a0371a8b55cfaf220f33822988ac4f5f2758e23738eaaa25258c978b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118187
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 26 Oct 2023 07:53:21 GMT
server: cloudflare
etag: W/"ed138-18b6af93d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OrlXgJm1CvXPAF5frwHxY4n5uoawBD%2BuS1ZLGCW%2Bn%2F%2FcLHG77cVDPktmiZngS0SrI8wQxFM6tRLIx5gm%2FD4yivO4mHFxatjOMPSQcYmCad%2BbNRCQXRbk733053FEKeb9zRg0%2F1uhMFl1GqT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81cdd4c6c86318ef-FRA

GET
H2 200 b7322211-d279212bc11c825d.js Show response
microsite.s.id/_next/static/chunks/ 501 KB
212 KB 47ms
45ms Script
application/javascript 2606:4700:20::ac43:4b68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/b7322211-d279212bc11c825d.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d820c5e7d048c0faa442ce5a30a6163fd2ba16c2f3875c9ccd1ea6a6217a23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122288
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 26 Oct 2023 07:53:21 GMT
server: cloudflare
etag: W/"7d3a4-18b6af93d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sq9edVlfUoumxzKYwdzXxRJto%2FGYp%2BeIx7vSWw8HD1mO2k0QYvL7sStx%2B1MLecDYAQxK8ofIbv%2FLkvi9ZlnTg0jioKRVMJq%2F0G17D2b%2F5wKFEkRIJGorxUNxLyNRq1Tk1juXffWMP0dJCH3e"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81cdd4c6c86418ef-FRA

GET
H2 200 826-1c8e84aa5fd5d8a7.js Show response
microsite.s.id/_next/static/chunks/ 636 KB
190 KB 40ms
39ms Script
application/javascript 2606:4700:20::ac43:4b68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/826-1c8e84aa5fd5d8a7.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10aeab6daa0f60489841182d089a82b7b851def405ebd4bfd006e3c8f5d76432

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122288
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 26 Oct 2023 07:53:21 GMT
server: cloudflare
etag: W/"9f10d-18b6af93d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEBDVql%2Fn0eQU%2FntF42PAa7uW4d%2B9OvHxjG6kxQGY%2FD9trFd5D1Vl%2FgGGTq88lzqvWoPMvfkp%2BPtutefysDg4JL2xi2Fils2RL3ZMHDu1GAZBzzVD1ZE%2FKA2z%2FehVkq6UzGlCm2PbkW4pRf7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81cdd4c6c86518ef-FRA

GET
H2 200 %5B%5B...any%5D%5D-6bd80a72b6cec09f.js Show response
microsite.s.id/_next/static/chunks/pages/ 171 KB
39 KB 28ms
26ms Script
application/javascript 2606:4700:20::ac43:4b68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/pages/%5B%5B...any%5D%5D-6bd80a72b6cec09f.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2bf8458d4b22aee6d0a7e9aaaf9cfc9007ffe2d0c498ee0228efee1ebd54822

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122288
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 26 Oct 2023 07:53:21 GMT
server: cloudflare
etag: W/"2ab03-18b6af93d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYCl1R29Y5g9T5o7L5kreHf%2Fu3UbFTljrDz2eIcQCdS1sfzqzd4RcAXvBT1%2FQzgLLiMxbj2IRzp4guZdYslfEpoaEDb9BQuscpUW6g0IWT5zEm%2FxPbG%2BIhUZlBSMTdA4QanVBbMzD1%2B%2BsMpn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81cdd4c6c86618ef-FRA

GET
H2 200 _buildManifest.js Show response
microsite.s.id/_next/static/l7Ke51irV5QuQ12h-C4TF/ 578 B
614 B 22ms
21ms Script
application/javascript 2606:4700:20::ac43:4b68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/l7Ke51irV5QuQ12h-C4TF/_buildManifest.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

260ed6b8e38c9a7ad120552f6430ba3d2f5eeb6caee33181d7adebed6edc862b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 122288
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 26 Oct 2023 07:53:21 GMT
server: cloudflare
etag: W/"242-18b6af93d68"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pD1pI9BOadN78yWb7EZvgo76G7tP3oScy9LXzM7SNlPVWM7SLqRgWrRsmGGYYlMkZ6C29KmF7M%2B7zPqYE9yJjjKEZZXe63sbwmsE5UmYpBGtg7kox%2Fa7CBYlYorgZTsLc6U0cAoLWFERSUQp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81cdd4c6c86918ef-FRA

GET
H2 200 _ssgManifest.js Show response
microsite.s.id/_next/static/l7Ke51irV5QuQ12h-C4TF/ 77 B
346 B 27ms
26ms Script
application/javascript 2606:4700:20::ac43:4b68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/l7Ke51irV5QuQ12h-C4TF/_ssgManifest.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 122288
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 26 Oct 2023 07:53:21 GMT
server: cloudflare
etag: W/"4d-18b6af93d68"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9Jsce%2B9oI4Ea4dBozrMEisxMC4S%2F4efK9ykbDBIwrXf94id9xYZqnC9W%2Ff0H1tgr10ZIagfoqIjwxZraHCWoY8EI2bLCL75GhknL78HwfoedelXJalLtl1WxVJihLYTLM1KiT63cN8bLsd3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81cdd4c6c86b18ef-FRA

GET
H2 200 montserrat.css
microsite.s.id/assets/fonts/ 3 KB
841 B 314ms
267ms Stylesheet
text/css 2606:4700:20::ac43:4b68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/montserrat.css

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"ca2-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4ddTtA9U0pGcAxxiSb9%2F4KrqEKnANTcPGiEbRGKv4XQc64iw2p08X61T%2FfW4EgP9eERr9mWbaylTVGcyDIMRAIe0UEx7ExvmxokV7i6Mf3mHpAEkecwB9eDoQEYnx09v4kKOORaDqzpnYn8"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 81cdd4c6982518ef-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 work-sans.css
microsite.s.id/assets/fonts/ 4 KB
729 B 396ms
349ms Stylesheet
text/css 2606:4700:20::ac43:4b68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/work-sans.css

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"10bc-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fk0H3vcBWrAUEOIEnhcNScF6aKek%2FVlxvSInuv4noQ6srw1PvFUW0nYdR9cZxS5%2BnVgYEc9XBtb2FSuhV8L820p%2B7IXpxMoHSQQQLkmf7GB%2BfepnHpBdJu46rC8%2F0ZFwVx3onG6wOL2wnoi7"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 81cdd4c6982318ef-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sid-neu-logo-dark.svg
microsite.s.id/images/ 8 KB
4 KB 420ms
373ms Image
image/svg+xml 2606:4700:20::ac43:4b68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsite.s.id/images/sid-neu-logo-dark.svg

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 05 Jul 2023 23:09:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"2137-18928513d00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGh8Oos2O5RvYW5KyAbxMeaHRYauIiC4WQap%2FgxfJ3aItorxYU%2BHxVxRFbvosdu%2F9ncbDeVU7YTWOayJp%2B4QZNybGViOlW48ASS0IuKthUjjgmhYZshl3AIdg30lkuApffBUyIo1TdB93rJ5"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81cdd4c6982818ef-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ 395 KB
134 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id&bust=31079176

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90a9d26d9c18ef90292a31459a3e253ba6f89b2715cde00da82a10114ecd4e3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137226
x-xss-protection: 0
server: cafe
etag: 10351528524811573776
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 27 Oct 2023 20:53:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/ Frame 3FC1 10 KB
5 KB 31ms
8ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 19:30:12 GMT
etag: 4569948109300706969
expires: Fri, 10 Nov 2023 19:30:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 375 B
597 B 37ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=s.id&callback=_gfp_s_&client=ca-pub-2742216534640545

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id&bust=31079176

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f4c5c11a50d6451fe2163be545a3a72532b6d1b4869acc53835f9fb75ce5edc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 245
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C7A 0
188 B 217ms
216ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1698432834&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698440034415&bpp=6&bdt=128&idt=225&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8772645310543&frm=20&pv=2&ga_vid=1264284377.1698440035&ga_sid=1698440035&ga_hid=1211195895&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805933%2C44806737%2C31078301%2C31079176&oid=2&pvsid=2473321387362457&tmod=2132694454&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=245

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 20:53:54 GMT
expires: Fri, 27 Oct 2023 20:53:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=fixed%20top-0%20left-0%20right-0%20bottom-0%20h-full%20flex&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=fixed%20top-0%20left-0%20right-0%20bottom-0%20h-full%20flex&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 work-sans-normal-400.woff2
microsite.s.id/assets/fonts/dist/ 47 KB
47 KB 665ms
353ms Font
font/woff2 2606:4700:20::ac43:4b68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/dist/work-sans-normal-400.woff2

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/assets/fonts/work-sans.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://microsite.s.id/assets/fonts/work-sans.css
Origin: https://s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 47800
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
server: cloudflare
etag: W/"bab8-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4VoawVVIHsjXyQHdGUUkvBO6kKtWpl50SeSnjLgP7WClq6ZH3NBRBoATIaBy2x5hjNkkh01tMyBK7nTJdI4gUVrU7epCXYq2kyWRAxFXsKjSyTNVU74HHeyoUvD2RCuB%2Bo4YakP0yHp2AsN"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: https://s.id
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 81cdd4cbb9fa37e8-FRA

OPTIONS
H/1.1 204
No Content adcap
app.s.id/api/ Frame 0
0 817ms
260ms Preflight 45.126.58.90
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.s.id/api/adcap?short=beeesdssd

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.90 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: ds,x-rpc-lang
Access-Control-Request-Method: GET
Origin: https://s.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://s.id
Connection: close
Date: Fri, 27 Oct 2023 20:53:55 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 506.9f321d440064bb53.js Show response
microsite.s.id/_next/static/chunks/ 1 KB
1 KB 24ms
24ms Script
application/javascript 2606:4700:20::ac43:4b68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/506.9f321d440064bb53.js

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/webpack-472a4710d132fde9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1ad95e8b38e5ca69e79e848a5771f026e40705ace52cb5ba4e6b7b9ce048161

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118999
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 26 Oct 2023 07:53:21 GMT
server: cloudflare
etag: W/"44a-18b6af93d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78cvxsnyJ%2BuabgNDMov4fklou4EjrfHMh9DbUHtfm1kH3KIcOFTgYEZx3qVJF3nXxGRTGrO1HFxSaR0ueVS4NBocCPBdFRKQ7Z5VzZkVufkrld3KHzNDJ9IWAHNTHSwSofXJ1Z%2Fbs0K%2FC155"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81cdd4c9dbde9b71-FRA

GET
H/1.1 200
OK adcap Show response
app.s.id/api/ 36 B
703 B 781ms
262ms XHR
application/json 45.126.58.90
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.s.id/api/adcap?short=beeesdssd

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/pages/_app-37eb91dacf94d9e6.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.90 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

bed10a3fd1f75fd8fbcb1f3be5d120237ed9391d10c2697c551923e8ed9f31e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
DS: 1698440035,d5w1nb,d324b49d4649a94a64658fecf5a47dcf
Referer: https://s.id/
X-RPC-Lang: en
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 20:53:56 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json
Access-Control-Allow-Origin: https://s.id
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
83 KB 52ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f302e1bbec8d58ccb5c292aeee7919dad2c047b2a6a2b6f19964515c888519d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84883
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Oct 2023 20:53:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
84 KB 59ms
37ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da3da807e4417985b31a972caeb143a617c2cb00522cf95cc674eb223e0e8cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85559
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Oct 2023 20:53:54 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 612A 105 KB
40 KB 1677ms
1676ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=1690083933&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1698432834&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fbeeesdssd&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698440034894&bpp=2&bdt=607&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1001ca9ade74c42-22b1c6f317e30005%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_MaSzvp680EfV0FSz62thiPTmDJIFA&gpic=UID%3D00000d9d0b3cbb8e%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_Ma3R4_8KljPdJ_BRfIYVY3t3eu0yQ&prev_fmts=0x0&nras=1&correlator=8772645310543&frm=20&pv=1&ga_vid=1264284377.1698440035&ga_sid=1698440035&ga_hid=1211195895&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805933%2C44806737%2C31078301%2C31079176&oid=2&pvsid=2473321387362457&tmod=2132694454&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8ndC8ibVdQ&p=https%3A//s.id&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df710eb871327b8e0877e822224d3f68cda0bafa996a9ddded7ec578f5e7043e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40481
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 20:53:56 GMT
expires: Fri, 27 Oct 2023 20:53:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A8A4 116 KB
40 KB 587ms
586ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=1762859233&pi=t.ma~as.7399768513&w=500&lmt=1698432834&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fbeeesdssd&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698440034894&bpp=1&bdt=607&idt=0&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1001ca9ade74c42-22b1c6f317e30005%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_MaSzvp680EfV0FSz62thiPTmDJIFA&gpic=UID%3D00000d9d0b3cbb8e%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_Ma3R4_8KljPdJ_BRfIYVY3t3eu0yQ&prev_fmts=0x0%2C500x280&nras=1&correlator=8772645310543&frm=20&pv=1&ga_vid=1264284377.1698440035&ga_sid=1698440035&ga_hid=1211195895&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805933%2C44806737%2C31078301%2C31079176&oid=2&pvsid=2473321387362457&tmod=2132694454&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KroStUKlip&p=https%3A//s.id&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be7f897eeae726ee151bbe6f566ed430986dc8923261528fa6132451a7749caf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41115
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 20:53:55 GMT
expires: Fri, 27 Oct 2023 20:53:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 f39a2c87-8421-4ad2-acf8-605bfa4ad6eb_640x640.webp.jpeg
cdn-sdotid.adg.id/images/ 6 KB
7 KB 106ms
53ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/images/f39a2c87-8421-4ad2-acf8-605bfa4ad6eb_640x640.webp.jpeg

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0edc04c0cd44afe889efbba9d37412e45656459509c12b4bc354cd10e0fe1b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:55 GMT
x-amz-version-id: PbG3Y29gTcGQ5qspLzvEYnZRB_DQ0WB5
via: 1.1 987140ac9e21c2b752b3eb802ce4a7a0.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: LHR50-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6284
last-modified: Sun, 08 Oct 2023 08:04:21 GMT
server: cloudflare
etag: "8745f7c8d5dedc44eaa0039c1d16ba6b"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZ8%2FecIl1p846E5ig6F6kxtEoPtzcCcbS0b0ChQFQd5asn6ARsxc5%2F5zLnxe09edeoN8zX%2BZwNnO%2BtGOD3ZbqJ68GNTVmL21cd4VGUOo%2BvltpK8N82BpfOpSeINVfoh4LHDJeBl%2Bn6riwiHPMbwFLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81cdd4ca8efb9948-FRA
x-amz-cf-id: tMFdX-Do-vkdQcfSP4URqDZYRYpizwtPjmvL11ayv3JbBDSaVslI7Q==

GET
H2 200 afa20278-f645-4339-ac36-3884689b8a5d_425x424.png
cdn-sdotid.adg.id/images/ 31 KB
31 KB 918ms
865ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/images/afa20278-f645-4339-ac36-3884689b8a5d_425x424.png

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13d0198d5674d87b8851607a5ce670c30940fb270a96f55fa0b1f0db71c9e565

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:55 GMT
x-amz-version-id: j1ggnmt0rlT4lR5i_erIQldecYrh2Uh1
via: 1.1 40c02fa738be015864080761fca661f6.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: LHR50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 31467
last-modified: Sun, 08 Oct 2023 08:12:36 GMT
server: cloudflare
etag: "74b26f6c18ea368d0b5c044321d0277a"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FU%2BzK709I1vZkaKNK1Z0XDKeejvwPFwl9SZontvLbLoOgZS%2BmnsHE8HdV6Rh03iaSikkHE4%2FuZzR6qUGO5RieB6HjO677bCWc3ttNWetQF2Cu%2F%2BOGGMlEvrkjsAhEwNJsVbFYYW2oUohzRF7tGWV9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81cdd4ca8eff9948-FRA
x-amz-cf-id: WREG_DxHmVTnWfsKZisgQyRB9wPxn094X1GgN0AE2obDT4RROI-qiQ==

GET
H2 200 32a3ee24-4b2b-4890-89bd-45726ba44633_425x424.png
cdn-sdotid.adg.id/images/ 31 KB
31 KB 939ms
886ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/images/32a3ee24-4b2b-4890-89bd-45726ba44633_425x424.png

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

806c1ef5fc100326a319743d38db306c95dddc723f8cdfe5449e2802e1b5fc15

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:55 GMT
x-amz-version-id: 3xn4sUQdOPA57llBUGZVPmiRUmETRfUS
via: 1.1 a80cfefba1e25a9103271d8bd22be77e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: LHR50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 31475
last-modified: Sun, 08 Oct 2023 08:12:47 GMT
server: cloudflare
etag: "bd06921f53c4d121a0d8ec2b3a3ff474"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmzdx%2BEhCLJ5nbUnf4rWXFEAheYJKoW0GBGZAdhvRlXNIcE4c4gRXbn6AzyTJFcTlNfyioWDmyAv569muQazPJJdu8L5WtjKbc4IRFZx7km7mnVxEOSLMYXeMsXK9ISCXNwn6CkDE9gyLV0yho5Xow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81cdd4ca8ef79948-FRA
x-amz-cf-id: 0fZJA07yc7CYTxdzJ6uNvCB1pKv_P-yGXW95TwFmW7SBDxASR2RnNw==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
246 B 36ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3ap0v881303989&_p=1211195895&gcd=11l1l1l1l1&cid=1264284377.1698440035&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698440034&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Fbeeesdssd&dt=g%C3%BCvenli%20destek&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
84 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0da214c4aec7ed43232e24ffc8215b3cf1246954628918cbb8fb567b61b1ceb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85612
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Oct 2023 20:53:55 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GTE5CBQ89K&gtm=45je3ap0v889124241&_p=1211195895&_gaz=1&gcd=11l1l1l1l1&cid=1264284377.1698440035&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698440035&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Fbeeesdssd&dt=g%C3%BCvenli%20destek&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 56ms
19ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GTE5CBQ89K&cid=1264284377.1698440035&gtm=45je3ap0v889124241&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 55ms
32ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GTE5CBQ89K&cid=1264284377.1698440035&gtm=45je3ap0v889124241&aip=1&z=600982938

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A8A4 6 KB
1 KB 65ms
17ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=1762859233&pi=t.ma~as.7399768513&w=500&lmt=1698432834&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fbeeesdssd&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698440034894&bpp=1&bdt=607&idt=0&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1001ca9ade74c42-22b1c6f317e30005%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_MaSzvp680EfV0FSz62thiPTmDJIFA&gpic=UID%3D00000d9d0b3cbb8e%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_Ma3R4_8KljPdJ_BRfIYVY3t3eu0yQ&prev_fmts=0x0%2C500x280&nras=1&correlator=8772645310543&frm=20&pv=1&ga_vid=1264284377.1698440035&ga_sid=1698440035&ga_hid=1211195895&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805933%2C44806737%2C31078301%2C31079176&oid=2&pvsid=2473321387362457&tmod=2132694454&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KroStUKlip&p=https%3A//s.id&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 27 Oct 2023 20:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 18:59:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 Oct 2023 20:53:55 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame A8A4 2 KB
907 B 50ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 16:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 16:14:43 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame A8A4 23 KB
9 KB 49ms
10ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 16:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 16:14:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame A8A4 3 KB
1 KB 52ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 13:08:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 13:08:41 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 13EB 1 KB
643 B 22ms
22ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66708
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Sat, 28 Oct 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame A8A4 20 KB
9 KB 45ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 16:14:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 16:14:42 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A8A4 0
0 51ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzDj26deIU7wu2lC7NbHyOpzgNHr9AwZ5TL3OuIMl00yXawmkktFMr6GxaYmvcHfv9n7JeR1iG3NSj53tOK-4x7f_7Pg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=1762859233&pi=t.ma~as.7399768513&w=500&lmt=1698432834&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fbeeesdssd&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698440034894&bpp=1&bdt=607&idt=0&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1001ca9ade74c42-22b1c6f317e30005%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_MaSzvp680EfV0FSz62thiPTmDJIFA&gpic=UID%3D00000d9d0b3cbb8e%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_Ma3R4_8KljPdJ_BRfIYVY3t3eu0yQ&prev_fmts=0x0%2C500x280&nras=1&correlator=8772645310543&frm=20&pv=1&ga_vid=1264284377.1698440035&ga_sid=1698440035&ga_hid=1211195895&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805933%2C44806737%2C31078301%2C31079176&oid=2&pvsid=2473321387362457&tmod=2132694454&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KroStUKlip&p=https%3A//s.id&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A8A4 187 KB
59 KB 57ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 20:53:55 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame A8A4 36 KB
15 KB 45ms
8ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 16:29:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 17:18:51 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5240273444455032562/ Frame A8A4 6 KB
7 KB 43ms
14ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5240273444455032562/14763004658117789537?w=195&h=102&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c85601e650b8111067d191d8959144e7cfe0d894e3a87b891de6dfda3cb3eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:33:13 GMT
x-content-type-options: nosniff
age: 22842
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6411
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 21:17:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Oct 2024 14:33:13 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 13EB
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJTCLCPAP3oYi3LwovqP6Bw&google_cver=1&google_push=AXcoOmSxJKEro1npxx4IZWB39peg0bD-TjWxxpE0oN3vxUCvYGeDvn1VFaXiwgutFHa8yO6EsUFNxd_mi0tAA2u79En71e4I970tZg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjg2ODAzMzg4NzY1ODk5NDgyNw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTCLCPAP3oYi3LwovqP6Bw&google_cver=1

43 B
398 B

81ms
14ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTCLCPAP3oYi3LwovqP6Bw&google_cver=1
Requested by: Host: s.id
URL: https://s.id/beeesdssd
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 27 Oct 2023 20:53:55 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJTCLCPAP3oYi3LwovqP6Bw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 13EB 70 B
149 B 107ms
34ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDFCHCNeeie01hfLUwAnzYE&google_cver=1&google_push=AXcoOmRzdzOBB5dKux-3aae-YHP__cFasQdrxddpBrV-kgtZRhXd6ZrnnhJZAFsqfr0efSntsvsRWf8TrbMUjSLmvCdqSVvYIyS_vw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=1762859233&pi=t.ma~as.7399768513&w=500&lmt=1698432834&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fbeeesdssd&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698440034894&bpp=1&bdt=607&idt=0&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1001ca9ade74c42-22b1c6f317e30005%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_MaSzvp680EfV0FSz62thiPTmDJIFA&gpic=UID%3D00000d9d0b3cbb8e%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_Ma3R4_8KljPdJ_BRfIYVY3t3eu0yQ&prev_fmts=0x0%2C500x280&nras=1&correlator=8772645310543&frm=20&pv=1&ga_vid=1264284377.1698440035&ga_sid=1698440035&ga_hid=1211195895&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805933%2C44806737%2C31078301%2C31079176&oid=2&pvsid=2473321387362457&tmod=2132694454&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KroStUKlip&p=https%3A//s.id&dtd=9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:55 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 13EB
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBAMjbZiCp0-3zt9pEnkjFs&google_cver=1&google_push=AXcoOmR_WqugGCVQeEJqYZCCbRSwPj308hXCFXX5flN-jySCMgYsBMF_g0U_NsEBH0x9eDMjBs7Vtt6UMRZ...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR_WqugGCVQeEJqYZCCbRSwPj308hXCFXX5flN-jySCMgYsBMF_g0U_NsEBH0x9eDMjBs7Vtt6UMRZ8DOdn1PK1EqNkaHcbzg&google_hm=3JiQOQpeSuGEPDpX8n...

170 B
232 B

19ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR_WqugGCVQeEJqYZCCbRSwPj308hXCFXX5flN-jySCMgYsBMF_g0U_NsEBH0x9eDMjBs7Vtt6UMRZ8DOdn1PK1EqNkaHcbzg&google_hm=3JiQOQpeSuGEPDpX8nWILMk

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:54 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR_WqugGCVQeEJqYZCCbRSwPj308hXCFXX5flN-jySCMgYsBMF_g0U_NsEBH0x9eDMjBs7Vtt6UMRZ8DOdn1PK1EqNkaHcbzg&google_hm=3JiQOQpeSuGEPDpX8nWILMk
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 13EB
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA_9tfxj4b3kGEje5oeuoZY&google_cver=1&google_push=AXcoOmS9HQXelA2IrXiuSMnlV6cwgL01_q81BCuW4WQHCGLVhP2xUDownAktb-G6e6dEO16PE4qemV8nAZv61l...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NDc0NDQwNDU1Njc3MzUxNQ%3D%3D&google_push=AXcoOmS9HQXelA2IrXiuSMnlV6cwgL01_q81BCuW4WQHCGLVhP2xUDownAktb-G6e6dEO16PE4qemV8nAZv61lAoa3...

170 B
329 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NDc0NDQwNDU1Njc3MzUxNQ%3D%3D&google_push=AXcoOmS9HQXelA2IrXiuSMnlV6cwgL01_q81BCuW4WQHCGLVhP2xUDownAktb-G6e6dEO16PE4qemV8nAZv61lAoa3fz2Pnm4yaP

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NDc0NDQwNDU1Njc3MzUxNQ%3D%3D&google_push=AXcoOmS9HQXelA2IrXiuSMnlV6cwgL01_q81BCuW4WQHCGLVhP2xUDownAktb-G6e6dEO16PE4qemV8nAZv61lAoa3fz2Pnm4yaP
Date: Fri, 27 Oct 2023 20:53:55 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 13EB
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESECIgbpnHUOOLlZr1o6V4ido&google_cver=1&google_push=AXcoOmQv8kOlsi3Qy45Jjmft3a1NtKJ0Y2bi26l_1dq2fAA-Y51IL7VpmiLShLboAbyjt9kibnZHWWgqD1LLMDmR1ZM5IFn...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESECIgbpnHUOOLlZr1o6V4ido&google_cver=1&google_push=AXcoOmQv8kOlsi3Qy45Jjmft3a1NtKJ0Y2bi26l_1dq2fAA-Y51IL7VpmiLShLboAbyjt9kibnZHWWgqD1LLMDmR1ZM5I...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQv8kOlsi3Qy45Jjmft3a1NtKJ0Y2bi26l_1dq2fAA-Y51IL7VpmiLShLboAbyjt9kibnZHWWgqD1LLMDmR1ZM5IFn89C3Lrg

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQv8kOlsi3Qy45Jjmft3a1NtKJ0Y2bi26l_1dq2fAA-Y51IL7VpmiLShLboAbyjt9kibnZHWWgqD1LLMDmR1ZM5IFn89C3Lrg

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQv8kOlsi3Qy45Jjmft3a1NtKJ0Y2bi26l_1dq2fAA-Y51IL7VpmiLShLboAbyjt9kibnZHWWgqD1LLMDmR1ZM5IFn89C3Lrg
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 13EB
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMI8ZySyUlGbnzjK071Ht-k&google_cver=1&google_push=AXcoOmQ-85qFMhN9Weq2Y4fe0RuNLnB5LGwhg5oXcmZk5_n_OpQC3pGR_T_2qwbTId6pdz1o2JzaiN8z...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMI8ZySyUlGbnzjK071Ht-k&google_cver=1&google_push=AXcoOmQ-85qFMhN9Weq2Y4fe0RuNLnB5LGwhg5oXcmZk5_n_OpQC3pGR_T_2qwbTId6pdz1o2Jz...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM0NjExMjU3MjcxNzE1MzY4NA&google_push=AXcoOmQ-85qFMhN9Weq2Y4fe0RuNLnB5LGwhg5oXcmZk5_n_OpQC3pGR_T_2qwbTId6pdz1o2JzaiN...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM0NjExMjU3MjcxNzE1MzY4NA&google_push=AXcoOmQ-85qFMhN9Weq2Y4fe0RuNLnB5LGwhg5oXcmZk5_n_OpQC3pGR_T_2qwbTId6pdz1o2JzaiN8zOIaOIU6HC2dQ2lzvCli8

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM0NjExMjU3MjcxNzE1MzY4NA&google_push=AXcoOmQ-85qFMhN9Weq2Y4fe0RuNLnB5LGwhg5oXcmZk5_n_OpQC3pGR_T_2qwbTId6pdz1o2JzaiN8zOIaOIU6HC2dQ2lzvCli8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 13EB
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIywfajmmg1G...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTnZO0PO6ZKhun1Bn0WmjdvzgzmYtFQhdePcA6LU3ONSGLRphdTA73NFSi5pGFqj0vGT5-_JBm1bmckI4pnGkwmoDoBACRCr54
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

32ms
31ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: s.id
URL: https://s.id/beeesdssd
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Fri, 27 Oct 2023 20:53:55 GMT
pragma: no-cache
date: Fri, 27 Oct 2023 20:53:55 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 13EB 0
130 B 51ms
15ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J_ldsJI_N5OZO6SSeUzaKfj3wCQz3LQ40D3OKTe7W752SnwphgsDIwRCNRt4ZFV4uCWJW8Bg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame A8A4 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a29f8f626b037824e1d3bc998462715731f1b811c51e9506dec0cc5f56aa038

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A8A4 15 KB
15 KB 31ms
9ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 19860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 15:22:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A8A4 15 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 544596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 13:37:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A8A4 15 KB
15 KB 35ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 60423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 04:06:52 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A8A4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Czgf-YiM8ZcGgOYuxiM0PoY84ooi_1HGowZSFpRLsw7WrrgEQASDKhNqPAWCVqpSCoAegAcCj4d4CyAEJqQJK8ywF5buxPqgDAcgDywSqBMoBT9DuoNoyVmQt7Q2rN1F1sAUCl7qwkqe_vPl...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224927479396274235974%22,%22debug_reporting%22:true,%22destination%22:%22https://rahnschule.de%22,%22event_report_window%22:...

0
0

59ms
43ms

Fetch
text/css

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224927479396274235974%22,%22debug_reporting%22:true,%22destination%22:%22https://rahnschule.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22735596992%22],%224%22:[%2210-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22640500877465007089%22}&andc=true

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:55 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"4927479396274235974","debug_reporting":true,"destination":"https://rahnschule.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["735596992"],"4":["10-27"],"6":["true"]},"priority":"500","source_event_id":"640500877465007089"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 27 Oct 2023 20:53:55 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 27 Oct 2023 20:53:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4927479396274235974","debug_reporting":true,"destination":"https://rahnschule.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["735596992"],"4":["10-27"],"6":["true"]},"priority":"500","source_event_id":"640500877465007089"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js Show response
pagead2.googlesyndication.com/bg/ Frame B89B 38 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6a7a6b19b3d91b2ea031e55dd7803a61400bcbc8abaa4d038d35c29d3c2fe0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15015
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 15:18:15 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 70ms
41ms Preflight
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 27 Oct 2023 20:53:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 9053089937341292509
tpc.googlesyndication.com/simgad/ Frame 612A 99 KB
99 KB 11ms
10ms Image
image/gif 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9053089937341292509

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=1690083933&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1698432834&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fbeeesdssd&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698440034894&bpp=2&bdt=607&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1001ca9ade74c42-22b1c6f317e30005%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_MaSzvp680EfV0FSz62thiPTmDJIFA&gpic=UID%3D00000d9d0b3cbb8e%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_Ma3R4_8KljPdJ_BRfIYVY3t3eu0yQ&prev_fmts=0x0&nras=1&correlator=8772645310543&frm=20&pv=1&ga_vid=1264284377.1698440035&ga_sid=1698440035&ga_hid=1211195895&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805933%2C44806737%2C31078301%2C31079176&oid=2&pvsid=2473321387362457&tmod=2132694454&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8ndC8ibVdQ&p=https%3A//s.id&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

057ad79041c13e17aa7d4b64f78d98c93c7662e80809c7a4c2803b47417f3c12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 16:44:42 GMT
x-content-type-options: nosniff
age: 14954
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101612
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 15:22:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Oct 2024 16:44:42 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame 612A 23 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 16:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 16:14:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 612A 3 KB
1 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 13:08:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27915
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 13:08:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 612A 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 16:14:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 16:14:42 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 612A 0
0 20ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1H5uOK9bnv1VrQVWHcb7UPN25A0HEeY5zu1L0F2Sy6_0V1kX0v1X-VKK7OOAzXHEIpkvJL9tulHNDqCUVQXL3DbhFxA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=1690083933&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1698432834&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fbeeesdssd&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698440034894&bpp=2&bdt=607&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1001ca9ade74c42-22b1c6f317e30005%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_MaSzvp680EfV0FSz62thiPTmDJIFA&gpic=UID%3D00000d9d0b3cbb8e%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_Ma3R4_8KljPdJ_BRfIYVY3t3eu0yQ&prev_fmts=0x0&nras=1&correlator=8772645310543&frm=20&pv=1&ga_vid=1264284377.1698440035&ga_sid=1698440035&ga_hid=1211195895&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805933%2C44806737%2C31078301%2C31079176&oid=2&pvsid=2473321387362457&tmod=2132694454&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8ndC8ibVdQ&p=https%3A//s.id&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 612A 187 KB
59 KB 28ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 20:53:56 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 612A 35 KB
14 KB 14ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

725dad3eb33d87fb72bac214bb1b69459441528260933eaeaf48b0f2caea0c60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 16:21:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14461
x-xss-protection: 0
server: cafe
etag: 11281912579417060447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 16:21:38 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3D51 143 B
166 B 10ms
8ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=1690083933&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1698432834&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fbeeesdssd&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698440034894&bpp=2&bdt=607&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1001ca9ade74c42-22b1c6f317e30005%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_MaSzvp680EfV0FSz62thiPTmDJIFA&gpic=UID%3D00000d9d0b3cbb8e%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_Ma3R4_8KljPdJ_BRfIYVY3t3eu0yQ&prev_fmts=0x0&nras=1&correlator=8772645310543&frm=20&pv=1&ga_vid=1264284377.1698440035&ga_sid=1698440035&ga_hid=1211195895&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805933%2C44806737%2C31078301%2C31079176&oid=2&pvsid=2473321387362457&tmod=2132694454&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8ndC8ibVdQ&p=https%3A//s.id&dtd=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2633
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 20:10:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EDDE 1 KB
643 B 10ms
9ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66709
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Sat, 28 Oct 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 612A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d5f372cd4dd510e63ba3f4eb9ab0789935742490fd4957cec672e1b65bc69b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3D51
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

15ms
15ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 20:53:56 GMT
expires: Fri, 27 Oct 2023 20:53:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 20:53:56 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame EDDE 35 B
465 B 29ms
10ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJYjrV3WwCg3C6_mAzjiAnk&google_cver=1&google_push=AXcoOmRJsc9DiEHYbyj1jgAOzvGgsx1D3ajSt559p4zLVXuwQ0xdSnJ72wcqh3RwgDi6h-Aify_LSGuTCwHQY3ppO6ISVaXahQ5umcE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:56 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDDE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECV1upsZymCEeHRd3_klHhc&google_push=AXcoOmSZP_NpHhs15FY7TPVRHsbZ54LlhR83ua2xpQi-AsiXZk-2uA1CCv...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECV1upsZymCEeHRd3_klHhc&google_push=AXcoOmSZP_NpHhs15FY7TPVRHsbZ54LlhR83ua2xpQi-AsiXZk-2uA1CCveqqWt7-_b-rqGj2BQJWGWyuB7H7poO_4IVBKqvUULMELY

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230063-FRA
pragma: no-cache
date: Fri, 27 Oct 2023 20:53:56 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1698440037.661983,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECV1upsZymCEeHRd3_klHhc&google_push=AXcoOmSZP_NpHhs15FY7TPVRHsbZ54LlhR83ua2xpQi-AsiXZk-2uA1CCveqqWt7-_b-rqGj2BQJWGWyuB7H7poO_4IVBKqvUULMELY
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame EDDE 70 B
148 B 34ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEA1_0VEolGSufUuLB5f0NHM&google_cver=1&google_push=AXcoOmTrDOEE-xMKle6BQjUJ-Yx1LQ0mtUb4BjekzFqV1LpA-WORzHzHtIMvy9bi3dr1Bu2u4hiaL5L45aEFbuoeTMXMDkTchKr6kOE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=1690083933&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1698432834&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fbeeesdssd&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698440034894&bpp=2&bdt=607&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1001ca9ade74c42-22b1c6f317e30005%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_MaSzvp680EfV0FSz62thiPTmDJIFA&gpic=UID%3D00000d9d0b3cbb8e%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_Ma3R4_8KljPdJ_BRfIYVY3t3eu0yQ&prev_fmts=0x0&nras=1&correlator=8772645310543&frm=20&pv=1&ga_vid=1264284377.1698440035&ga_sid=1698440035&ga_hid=1211195895&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805933%2C44806737%2C31078301%2C31079176&oid=2&pvsid=2473321387362457&tmod=2132694454&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8ndC8ibVdQ&p=https%3A//s.id&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:56 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame EDDE 0
173 B 38ms
15ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEItWJQnIGPIxSQd8JiTIDWw&google_cver=1&google_push=AXcoOmSUYwHIrMOaLz-HreRBwh3ZTZwdcrGc88R8OYj4LbdyoW36eltgPpBc6xvejKi2zYWDqi2QffR6xmsfJuounKYPe4VBvjyhKg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=1690083933&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1698432834&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fbeeesdssd&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698440034894&bpp=2&bdt=607&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1001ca9ade74c42-22b1c6f317e30005%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_MaSzvp680EfV0FSz62thiPTmDJIFA&gpic=UID%3D00000d9d0b3cbb8e%3AT%3D1698440034%3ART%3D1698440034%3AS%3DALNI_Ma3R4_8KljPdJ_BRfIYVY3t3eu0yQ&prev_fmts=0x0&nras=1&correlator=8772645310543&frm=20&pv=1&ga_vid=1264284377.1698440035&ga_sid=1698440035&ga_hid=1211195895&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44805933%2C44806737%2C31078301%2C31079176&oid=2&pvsid=2473321387362457&tmod=2132694454&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8ndC8ibVdQ&p=https%3A//s.id&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:56 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDDE
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDp1UFCPAll23qqsFxTaCjg&google_cver=1&google_push=AXcoOmS53v7oIcNziuUtWWETJr4K_Iiot_NzJtaFYvves6KERa2HUyY5Si3BriLg0ofb4MvMZM82AmvIAt9VqpFyfnnxiSC...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS53v7oIcNziuUtWWETJr4K_Iiot_NzJtaFYvves6KERa2HUyY5Si3BriLg0ofb4MvMZM82AmvIAt9VqpFyfnnxiSCSCCwO4io&google_hm=eS1Qc3hQNU1GRTJwSGx...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS53v7oIcNziuUtWWETJr4K_Iiot_NzJtaFYvves6KERa2HUyY5Si3BriLg0ofb4MvMZM82AmvIAt9VqpFyfnnxiSCSCCwO4io&google_hm=eS1Qc3hQNU1GRTJwSGxmR2doNDFmTTB2bzYuUE44VHpfYn5B

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 27 Oct 2023 20:53:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS53v7oIcNziuUtWWETJr4K_Iiot_NzJtaFYvves6KERa2HUyY5Si3BriLg0ofb4MvMZM82AmvIAt9VqpFyfnnxiSCSCCwO4io&google_hm=eS1Qc3hQNU1GRTJwSGxmR2doNDFmTTB2bzYuUE44VHpfYn5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame EDDE 43 B
363 B 45ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQjz54YhpuTKoY4B2vcU6H3mAZMcD_QbzbkbF38tUIbftp7mTpOTZtXsaq7FeuiopvkA9UebMrNjIwGXK2kBlofd-lDUCnAqkE&google_gid=CAESEN9piMNIthYbGsG_3QMAqAk&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:56 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 212910
expires: Fri, 27 Oct 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDDE
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENXucE2muzSChHc2vv1VnBU&google_cver=1&google_push=AXcoOmSgCl2y96MkHzUwby2HTfonL_o8V-I8564TKAuFdLPSH32WJkQs7sZhTYYwcq7pWDvsmKHg1kAX...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM0NjExMjU3MjcxNzE1MzY4NA&google_push=AXcoOmSgCl2y96MkHzUwby2HTfonL_o8V-I8564TKAuFdLPSH32WJkQs7sZhTYYwcq7pWDvsmKHg1k...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM0NjExMjU3MjcxNzE1MzY4NA&google_push=AXcoOmSgCl2y96MkHzUwby2HTfonL_o8V-I8564TKAuFdLPSH32WJkQs7sZhTYYwcq7pWDvsmKHg1kAXyQYZUH7AZd8di4kVbhYbLg

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM0NjExMjU3MjcxNzE1MzY4NA&google_push=AXcoOmSgCl2y96MkHzUwby2HTfonL_o8V-I8564TKAuFdLPSH32WJkQs7sZhTYYwcq7pWDvsmKHg1kAXyQYZUH7AZd8di4kVbhYbLg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EDDE 0
12 B 15ms
14ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J1BZ9Td7hQZWO6l_HyOBxpprChcW9cmfp-_iRSNGzz2yX5t5dXGWdW1JWeiiOE8n-bWqtX

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A8A4 42 B
64 B 63ms
48ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEVa5nI1fZt2rMJDb2SGMg2zR4_H6j6XgBrXPTkXofN8DszIEx7V3-ORfS3JIC1-ZmHBfJADlvUxI5OBEhuajv--nCkyhPsXhDT2YH9BBz1gxF5QYwdroDnFDxvvEoXfdsLfhlPKa8Y1l7&sai=AMfl-YRsecTU1mlIaVDYLyRDtwtcsP5JP24Fmg_Ld_egt4QWqp7L4zRtougPrAFCzooQxQ3R9YJznLqZoRpowhEj4lQb14QfMhtCq2qD5wvYdcgOc4t-e6DFA1lWhglS&sig=Cg0ArKJSzOeDUrQ2us8yEAE&cid=CAQSPADICaaNS8iHE7i4zw8-zwwdd3e0aTh1U5dlpvDw_AyhOZ3WSWXB904O40UxVSIQh6JMvy5cVOhn6S3UoBgB&id=lidar2&mcvt=1004&p=0,0,60,500&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3297015004&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698440034907&rpt=750&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 612A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ck-_2YiM8ZZ3cOI6wiM0P88q1yAaZs_Prc9vN3ZD6EaTn8u2VAhABIMqE2o8BYJWqlIKgB6AB8OPHuQPIAQOpAsNgEEQJiGw-qAMByAPJBKoEvgFP0I94tbat1d2G655X1bYKlBDoL3sje1V...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217865588751485378957%22,%22debug_reporting%22:true,%22destination%22:%22https://originalplus.co%22,%22event_report_window%...

0
0

43ms
42ms

Fetch
text/css

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217865588751485378957%22,%22debug_reporting%22:true,%22destination%22:%22https://originalplus.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22926020080%22],%224%22:[%2210-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226946637920319793361%22}&andc=true

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:56 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17865588751485378957","debug_reporting":true,"destination":"https://originalplus.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["926020080"],"4":["10-27"],"6":["true"]},"priority":"500","source_event_id":"6946637920319793361"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 27 Oct 2023 20:53:56 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 27 Oct 2023 20:53:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17865588751485378957","debug_reporting":true,"destination":"https://originalplus.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["926020080"],"4":["10-27"],"6":["true"]},"priority":"500","source_event_id":"6946637920319793361"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 59ms
55ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231025&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62a04161597f608bc4f26ef8ba5da1d65b60fbab686ce22dac72650b0b6c086a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12227
x-xss-protection: 0

GET
H3 200 9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js Show response
pagead2.googlesyndication.com/bg/ Frame 0BFD 38 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6a7a6b19b3d91b2ea031e55dd7803a61400bcbc8abaa4d038d35c29d3c2fe0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15015
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 15:18:15 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
42ms Preflight
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 27 Oct 2023 20:53:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 20:53:56 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 45AE 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 38541
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 10:11:35 GMT
expires: Sat, 26 Oct 2024 10:11:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9893 829 B
560 B 18ms
18ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fe1b8dca1f1de7ce9be8fa13d65f946e4425047764a018a2a4d782fdf22a4553

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z2E5Ud165YlIw2vhuPcjgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-z2E5Ud165YlIw2vhuPcjgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 20:53:56 GMT
expires: Fri, 27 Oct 2023 20:53:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 45AE 38 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 11:45:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9893 0
0 41ms
41ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231025&jk=2473321387362457&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 45AE 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TQKCyw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:53:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231025&jk=2473321387362457&bg=!bW6lbiHNAAbo5yKYyOc7ADQBe5WfOGMEpWJxZnsaqkfY0QSByNMbZWfMDrxssst1lyEQ1qiAa6B8Ss_ZaOAYCKTqYqVIAgAAAEtSAAAAA2gBB5kCsNpjaoRMWavaynpgTcUvLhNoQbv5d_UUQhG1WQXFnB5dfiCDY8NUFVF4kg8DT_WOXw5mHB29Hieoow9G8WxGfqkStGYxvUH1YPwsOrskjsIO-5_zItcahL82kRwzjaKGR25623rZ6EupOQYvpKypOrhsRetcVVv-n3bOrbCYu49K_kLsobyuFe41Sop02Vv3UfBqz7accJTtSaoQzSJbQAVL2TUTYmO2FSmk-tG3f_8p11so5blo4FWNRFmtu_FNLWY28pISdGkDNbAqyyNf2DGoiPmf5j24F69uBLjmenVwaaOHuvN4cacxKRF1EObmLhajVvuMy5HzVbU2Jwh9y9cNmYk-E4CoP201_YX4m8mMyG3CET8WxE2gUz9S0WVJTx9Lh5MiLE63WMTFd3_2b62Oj7B2xWaO1mf-w_EfRYksDIxyCAh1w6sxuxCqSUQ_Au-0uqopIHs5vD866F0N1ihU7ND3JHBz6aJTPKMkTVQOq8KlkEsbpasFaXiKWJX85svDAA_lJHhF71DFku3NaohddKKwVnTR6NcuWwDhJ_Mi1Suyh2Q_yGdlORNkPqAFQ5VcIiugB3wf-xUUxlC_9toY4FMxiMGganVr1sGDhqP0vGWfZBl-xss3g-N5xlFulpK8O-LW3iM22q4lFFycAss120TnDNHRbuuIAu8k-9F1chyELd8YAI0U62ckyQe6euXRMRVEw-EErNoM4Is9qHCLoUTiHDJKZXbHigEiJmrJNbqYVFsSUCihesgPQ-6lRNUt4BQEIlPbbMrGMWP3oPNtBCLoBQ-apuM81QfpCZ68yfrKgCCdzH37nUEZsDkVj7SMmGXmuhBpj4iTY3LEG4DPtiMlRwq6xnpEnG285PHN0tQhiR4hEffxZLgvHYVep44HH77MjJVMjlHCMB6ch4U
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 612A 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhPM7COGYKXlCH-MK9TZIn9Pm1ZovP-mYvaQfALoKqIO0PPuKGsQfgkSmSiWYmXQsSDDkqDzzuK783X8jKibXHL3TL9FbcTpMu1MCeYw53uBYAnJqYXEgRcgeSvZSx5SSSGyne_iGp2LvT&sai=AMfl-YTF-a4qgzSTNVuK91QfKIcsgoQPGHVMm5Zog3xzzlPpYjjUZx8W7snRACyA2_JGNeuonWR0JYZsQFQq66l9g1L2ngr_s9oh1qCfUOSev1JulJrqF_EhhTKNBPCR&sig=Cg0ArKJSzGrj2PM983__EAE&cid=CAQSPADICaaNOoUfQdkg47yPfmuMbQkU-U5r9B-zEeRoeMXr2DhUa0WefTe8VDu3eevOO5nwUi09nsgDYj0fShgB&id=lidar2&mcvt=1000&p=0,47,280,453&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2068013325&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698440034900&rpt=1753&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:53:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3ap0v881303989&_p=1211195895&gcd=11l1l1l1l1&cid=1264284377.1698440035&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1698440034&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Fbeeesdssd&dt=g%C3%BCvenli%20destek&en=scroll&epn.percent_scrolled=90&_et=17
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 20:54:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.s.id/	1970-01-21 01:08:56	Name: __gads Value: ID=e1001ca9ade74c42-22b1c6f317e30005:T=1698440034:RT=1698440034:S=ALNI_MaSzvp680EfV0FSz62thiPTmDJIFA
.s.id/	1970-01-21 01:08:56	Name: __gpi Value: UID=00000d9d0b3cbb8e:T=1698440034:RT=1698440034:S=ALNI_Ma3R4_8KljPdJ_BRfIYVY3t3eu0yQ
.s.id/	1970-01-21 01:23:20	Name: _ga Value: GA1.1.1264284377.1698440035
.s.id/	1970-01-21 01:23:20	Name: _ga_LJQ0V44EV5 Value: GS1.1.1698440034.1.0.1698440035.0.0.0
.s.id/	1970-01-21 01:23:20	Name: _ga_GTE5CBQ89K Value: GS1.1.1698440035.1.0.1698440035.60.0.0
.ctnsnet.com/	1970-01-21 00:32:56	Name: cid_dc9890390a5e4ae1843c3a57f275882c Value: 1
.ctnsnet.com/	1970-01-21 00:32:56	Name: gid_CAESEBAMjbZiCp0-3zt9pEnkjFs Value: 1
.adfarm1.adition.com/	1970-01-20 17:56:56	Name: UserID1 Value: 7294744404556773515
.de17a.com/	1970-01-21 00:25:44	Name: guid Value: 1.2972151984884715538
.adform.net/	1970-01-20 16:31:58	Name: C Value: 1
.adform.net/	1970-01-20 17:13:44	Name: uid Value: 4346112572717153684
.googleadservices.com/	1970-01-20 17:56:56	Name: ar_debug Value: 1
.turn.com/	1970-01-20 20:06:32	Name: uid Value: 2868033887658994827
.doubleclick.net/	1970-01-21 01:08:56	Name: IDE Value: AHWqTUlu7hIPCok8_sEVcybZ8yjioBzo8KUNHbf5dWYhsZA6YMvfYwS5iudiCggYThY
.doubleclick.net/	1970-01-20 15:47:23	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 17:56:56	Name: d Value: EBYBCQGkKoEA
.quantserve.com/	1970-01-21 01:17:34	Name: mc Value: 653c2364-9e694-a8dcf-674c1
.blismedia.com/	1970-01-21 00:33:00	Name: b Value: 653C23646B6042D610434FE2BLIS
.yahoo.com/	1970-01-21 00:33:17	Name: A3 Value: d=AQABBGQjPGUCEJpUrDz6jfO0sZDy8VyJdXgFEgEBAQF0PWVGZQAAAAAA_eMAAA&S=AQAAAhC_p9ndpg8MSCwaYd81JZ0
.everesttech.net/	1970-01-21 00:32:56	Name: everest_g_v2 Value: g_surferid~ZTwjZAAADrN4LwAr

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
app.s.id
c1.adform.net
cdn-sdotid.adg.id
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
match.adsrvr.org
microsite.s.id
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
r.turn.com
region1.analytics.google.com
region1.google-analytics.com
s.id
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.185.194
142.250.186.34
151.101.130.49
178.250.1.9
193.84.85.178
2001:4860:4802:32::36
213.155.156.169
23.35.237.56
2606:4700:20::ac43:4b68
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:400c:c06::9d
2a05:d018:d29:3601:c184:4582:9358:8e30
2a06:98c1:3121::3
34.96.105.8
35.186.193.173
35.71.131.137
37.157.2.228
45.126.58.90
46.228.164.11
85.114.159.118
057ad79041c13e17aa7d4b64f78d98c93c7662e80809c7a4c2803b47417f3c12
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0da214c4aec7ed43232e24ffc8215b3cf1246954628918cbb8fb567b61b1ceb8
10aeab6daa0f60489841182d089a82b7b851def405ebd4bfd006e3c8f5d76432
13d0198d5674d87b8851607a5ce670c30940fb270a96f55fa0b1f0db71c9e565
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a
1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048
1e0fa2b58fb4a18b31e919eaad7c621bdd9696fd5368b0b58a4ef85f4db9f4d3
260ed6b8e38c9a7ad120552f6430ba3d2f5eeb6caee33181d7adebed6edc862b
2c85601e650b8111067d191d8959144e7cfe0d894e3a87b891de6dfda3cb3eec
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31aeb49e63d1601d0277efb46bae4cff27ccf515a5b5ea76480cd7aeb879a76c
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32cb8883a5e6d8471d36ee07a5ce769bb4356e5be0271056d137773a2a069020
3d307c43dd1bbdaf5f96e45c815cb97f9efdd8e7fa93db548fd239f3cfb4113c
40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d820c5e7d048c0faa442ce5a30a6163fd2ba16c2f3875c9ccd1ea6a6217a23b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a04161597f608bc4f26ef8ba5da1d65b60fbab686ce22dac72650b0b6c086a
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
725dad3eb33d87fb72bac214bb1b69459441528260933eaeaf48b0f2caea0c60
7d5f372cd4dd510e63ba3f4eb9ab0789935742490fd4957cec672e1b65bc69b4
806c1ef5fc100326a319743d38db306c95dddc723f8cdfe5449e2802e1b5fc15
8a29f8f626b037824e1d3bc998462715731f1b811c51e9506dec0cc5f56aa038
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f4c5c11a50d6451fe2163be545a3a72532b6d1b4869acc53835f9fb75ce5edc
90a9d26d9c18ef90292a31459a3e253ba6f89b2715cde00da82a10114ecd4e3c
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a159e91f80d252188b05d118323118f45a77599185245a7b68f4b0df0b9d1664
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a51be072c90872986a619bcd424515adfdd3a7c1f8b447c745f203774120a472
a5e943c7c5da3617bd2345580b25327364ab5824ba53a3d18bb88c0e105d6d45
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
baa24e540ac0d9310e9b1966fef6fc0d8f931e47f694f071a90603c3a3bf013d
be7f897eeae726ee151bbe6f566ed430986dc8923261528fa6132451a7749caf
bed10a3fd1f75fd8fbcb1f3be5d120237ed9391d10c2697c551923e8ed9f31e3
c1ad95e8b38e5ca69e79e848a5771f026e40705ace52cb5ba4e6b7b9ce048161
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
da3da807e4417985b31a972caeb143a617c2cb00522cf95cc674eb223e0e8cd3
df710eb871327b8e0877e822224d3f68cda0bafa996a9ddded7ec578f5e7043e
e0edc04c0cd44afe889efbba9d37412e45656459509c12b4bc354cd10e0fe1b7
e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49865b2d3ebcdd42fac21e949bb2a9f5290fde16a9392b78d5d8d49d203753c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2bf8458d4b22aee6d0a7e9aaaf9cfc9007ffe2d0c498ee0228efee1ebd54822
f302e1bbec8d58ccb5c292aeee7919dad2c047b2a6a2b6f19964515c888519d3
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6a7a6b19b3d91b2ea031e55dd7803a61400bcbc8abaa4d038d35c29d3c2fe0e
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fb7f315a0371a8b55cfaf220f33822988ac4f5f2758e23738eaaa25258c978b7
fe1b8dca1f1de7ce9be8fa13d65f946e4425047764a018a2a4d782fdf22a4553

s.id Open in urlscan Pro 193.84.85.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

96 Requests

89 %HTTPS

55 %IPv6

24 Domains

33 Subdomains

26 IPs

10 Countries

2047 kBTransfer

5885 kBSize

20 Cookies

2 Outgoing links

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

s.id Open in urlscan Pro
193.84.85.178 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

89 %
HTTPS

55 %
IPv6

24
Domains

33
Subdomains

26
IPs

10
Countries

2047 kB
Transfer

5885 kB
Size

20
Cookies

96 HTTP transactions
2 data transactions