blog.s.id Open in urlscan Pro
45.126.58.78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s.id/1AzLP
Effective URL:
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm...
Submission: On February 27 via api (February 27th 2023, 1:37:17 pm UTC) from US — Scanned from US

Summary HTTP 246 Redirects Behaviour Indicators

Summary

This website contacted 52 IPs in 3 countries across 47 domains to perform 246 HTTP transactions. The main IP is 45.126.58.78, located in Indonesia and belongs to IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID. The main domain is blog.s.id.
TLS certificate: Issued by R3 on February 26th 2023. Valid for: 3 months.

This is the only time blog.s.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 35	45.126.58.78 45.126.58.78	132647 (IDNIC-PAN...) (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia)
7	2607:f8b0:400... 2607:f8b0:400d:c09::61	15169 (GOOGLE) (GOOGLE)
16	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:400d:c07::5f	15169 (GOOGLE) (GOOGLE)
2	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:400d:c09::5e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:400d:c04::66	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c0b::71	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c04::9d	15169 (GOOGLE) (GOOGLE)
1 11	2607:f8b0:400... 2607:f8b0:400d:c04::9a	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:400d:c02::67	15169 (GOOGLE) (GOOGLE)
22	2607:f8b0:400... 2607:f8b0:400d:c0c::9b	() ()
1	2607:f8b0:400... 2607:f8b0:400d:c07::9d	() ()
2	2607:f8b0:400... 2607:f8b0:4006:81c::2002	() ()
6	2607:f8b0:400... 2607:f8b0:400d:c07::9a	() ()
1	162.159.138.6 162.159.138.6	() ()
1	2606:4700:20:... 2606:4700:20::681a:68e	() ()
17	2607:f8b0:400... 2607:f8b0:4006:81c::2001	() ()
4	2607:f8b0:400... 2607:f8b0:400d:c09::84	() ()
1	2a04:4e42:600... 2a04:4e42:600::485	() ()
1	34.102.146.192 34.102.146.192	() ()
1	2620:100:a001::4 2620:100:a001::4	() ()
6	104.19.231.122 104.19.231.122	() ()
3	2607:f8b0:400... 2607:f8b0:400d:c00::5e	() ()
2	2607:f8b0:400... 2607:f8b0:400d:c00::9a	() ()
2	2607:f8b0:400... 2607:f8b0:400d:c04::5f	() ()
1 2	34.120.107.143 34.120.107.143	() ()
1 2	2620:100:a001::c 2620:100:a001::c	() ()
5 28	173.194.205.156 173.194.205.156	() ()
2 4	192.40.39.223 192.40.39.223	() ()
2 3	68.67.160.117 68.67.160.117	() ()
1	2607:f8b0:400... 2607:f8b0:400d:c09::8b	() ()
12	2a00:1450:400... 2a00:1450:4007:813::2003	() ()
1	2607:f8b0:400... 2607:f8b0:4006:f::6	() ()
6	2606:4700::68... 2606:4700::6811:6cd4	() ()
1	74.119.119.139 74.119.119.139	() ()
1	209.85.232.154 209.85.232.154	() ()
3	35.244.159.8 35.244.159.8	() ()
2 3	100.25.50.80 100.25.50.80	() ()
3	2607:f8b0:400... 2607:f8b0:400d:c02::94	() ()
2 2	23.5.227.42 23.5.227.42	() ()
1	34.96.105.8 34.96.105.8	() ()
3 3	35.211.178.172 35.211.178.172	() ()
2 2	104.36.115.113 104.36.115.113	() ()
2 2	63.251.86.51 63.251.86.51	() ()
2 2	3.232.246.198 3.232.246.198	() ()
5 5	199.127.204.147 199.127.204.147	() ()
2	174.129.13.79 174.129.13.79	() ()
1	2600:1f18:4e9... 2600:1f18:4e9:5a02:fb02:cd4a:2ecf:b315	() ()
1 2	52.46.151.131 52.46.151.131	() ()
2 2	15.197.193.217 15.197.193.217	() ()
1 1	52.55.14.74 52.55.14.74	() ()
2 2	174.137.133.49 174.137.133.49	() ()
1 1	104.18.25.185 104.18.25.185	() ()
1 1	2600:1f18:612... 2600:1f18:612b:4232:cbfb:31da:cef6:348	() ()
1 1	23.21.213.58 23.21.213.58	() ()
1 2	96.6.23.74 96.6.23.74	() ()
5	2600:9000:21d... 2600:9000:21dd:aa00:8:48e:53c0:93a1	() ()
1 1	2607:f8b0:400... 2607:f8b0:400d:c0d::65	() ()
2	2607:f8b0:400... 2607:f8b0:4006:2::7	() ()
4	74.125.192.154 74.125.192.154	() ()
2	3.88.245.113 3.88.245.113	() ()
3	2600:1f18:1ac... 2600:1f18:1aca:4281:2d4d:67a7:4e93:963f	() ()
1 1	151.101.194.49 151.101.194.49	() ()
1 1	51.222.39.185 51.222.39.185	() ()
1 1	54.167.168.227 54.167.168.227	() ()
2	173.194.207.156 173.194.207.156	() ()
1 1	34.98.64.218 34.98.64.218	() ()
246	52

35 45.126.58.78 (Indonesia) 1 redirects

ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID)

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
home.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blog.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:400d:c09::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:400d:c07::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

sdotid.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:400d:c09::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c04::66 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0b::71 (Morganton, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c04::9d (Morganton, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:400d:c04::9a (Morganton, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:400d:c02::67 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2607:f8b0:400d:c0c::9b (None, )

ASN- ()

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c07::9d (None, )

ASN- ()

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2002 (None, )

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:400d:c07::9a (None, )

ASN- ()

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.6 (None, )

ASN- ()

shortener.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:68e (None, )

ASN- ()

protagcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:81c::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c09::84 (None, )

ASN- ()

53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (None, )

ASN- ()

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (None, )

ASN- ()

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::4 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.231.122 (None, )

ASN- ()

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c00::5e (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c00::9a (None, )

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c04::5f (None, )

ASN- ()

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (None, ) 1 redirects

ASN- ()

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (None, ) 1 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 173.194.205.156 (None, ) 5 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.40.39.223 (None, ) 2 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.117 (None, ) 2 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c09::8b (None, )

ASN- ()

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4007:813::2003 (None, )

ASN- ()

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:f::6 (None, )

ASN- ()

rr1---sn-ab5sznzd.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:6cd4 (None, )

ASN- ()

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.232.154 (None, )

ASN- ()

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (None, )

ASN- ()

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 100.25.50.80 (None, ) 2 redirects

ASN- ()

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c02::94 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.5.227.42 (None, ) 2 redirects

ASN- ()

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (None, )

ASN- ()

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (None, ) 3 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.115.113 (None, ) 2 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.86.51 (None, ) 2 redirects

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.232.246.198 (None, ) 2 redirects

ASN- ()

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.127.204.147 (None, ) 5 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.129.13.79 (None, )

ASN- ()

unified.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a02:fb02:cd4a:2ecf:b315 (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.151.131 (None, ) 1 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (None, ) 2 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.14.74 (None, ) 1 redirects

ASN- ()

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.133.49 (None, ) 2 redirects

ASN- ()

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.185 (None, ) 1 redirects

ASN- ()

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:cbfb:31da:cef6:348 (None, ) 1 redirects

ASN- ()

google.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.213.58 (None, ) 1 redirects

ASN- ()

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.6.23.74 (None, ) 1 redirects

ASN- ()

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:21dd:aa00:8:48e:53c0:93a1 (None, )

ASN- ()

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0d::65 (None, ) 1 redirects

ASN- ()

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:2::7 (None, )

ASN- ()

r2---sn-ab5l6nk6.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.192.154 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.88.245.113 (None, )

ASN- ()

p.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:1aca:4281:2d4d:67a7:4e93:963f (None, )

ASN- ()

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (None, ) 1 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.185 (None, ) 1 redirects

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.167.168.227 (None, ) 1 redirects

ASN- ()

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.207.156 (None, )

ASN- ()

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (None, ) 1 redirects

ASN- ()

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 77 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 securepubads.g.doubleclick.net cm.g.doubleclick.net bid.g.doubleclick.net googleads4.g.doubleclick.net	290 KB
45	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com ade.googlesyndication.com	578 KB
35	s.id 1 redirects s.id — Cisco Umbrella Rank: 183073 home.s.id api.s.id — Cisco Umbrella Rank: 847029 blog.s.id	508 KB
20	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	205 KB
16	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 1803 ekr.zdassets.com — Cisco Umbrella Rank: 2092	379 KB
13	adsafeprotected.com 2 redirects fw.adsafeprotected.com unified.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com pixel.adsafeprotected.com	141 KB
10	google.com analytics.google.com — Cisco Umbrella Rank: 310 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com mts0.google.com	60 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36 imasdk.googleapis.com	137 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	493 KB
6	2mdn.net 1 redirects s0.2mdn.net gcdn.2mdn.net r2---sn-ab5l6nk6.c.2mdn.net	2 MB
6	glotgrx.com pre.glotgrx.com	650 B
6	openx.net 2 redirects oajs.openx.net google-bidout-d.openx.net us-u.openx.net	2 KB
6	yabidos.com pixel.yabidos.com	75 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com ssum-sec.casalemedia.com	4 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
3	1rx.io 3 redirects sync.1rx.io	3 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	criteo.com 1 redirects gum.criteo.com mug.criteo.com	7 KB
3	zendesk.com sdotid.zendesk.com shortener.zendesk.com	2 KB
2	tvpixel.com p.tvpixel.com	759 B
2	teads.tv 1 redirects sync.teads.tv	615 B
2	adkernel.com 2 redirects dsp.adkernel.com	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	971 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	2 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com	1 KB
2	360yield.com 2 redirects match.360yield.com	788 B
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	owneriq.net 2 redirects px.owneriq.net	2 KB
2	googletagservices.com www.googletagservices.com	97 KB
1	sharethrough.com 1 redirects match.sharethrough.com	355 B
1	onetag-sys.com 1 redirects onetag-sys.com	336 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	536 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com	644 B
1	tremorhub.com 1 redirects google.partners.tremorhub.com	637 B
1	fksnk.com 1 redirects fksnk.com	613 B
1	yahoo.com pr-bh.ybp.yahoo.com	602 B
1	blismedia.com tr.blismedia.com	173 B
1	googlevideo.com rr1---sn-ab5sznzd.googlevideo.com	3 MB
1	criteo.net static.criteo.net	13 KB
1	openxcdn.net oa.openxcdn.net	8 KB
1	jsdelivr.net cdn.jsdelivr.net	896 B
1	protagcdn.com protagcdn.com	113 KB
1	googleadservices.com partner.googleadservices.com	597 B
0	socdm.com Failed tg.socdm.com Failed
0	3lift.com Failed eb2.3lift.com Failed
246	47

	Domain	Requested by
28	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com google-bidout-d.openx.net
22	pagead2.googlesyndication.com	blog.s.id pagead2.googlesyndication.com tpc.googlesyndication.com 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com googleads.g.doubleclick.net
18	blog.s.id	home.s.id blog.s.id
17	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com imasdk.googleapis.com
14	static.zdassets.com	home.s.id static.zdassets.com blog.s.id
12	csi.gstatic.com	www.gstatic.com imasdk.googleapis.com
12	home.s.id	home.s.id
10	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com pagead2.googlesyndication.com 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
7	www.googletagmanager.com	home.s.id www.googletagmanager.com blog.s.id
6	pre.glotgrx.com
6	pixel.yabidos.com	protagcdn.com pixel.yabidos.com
6	securepubads.g.doubleclick.net	blog.s.id securepubads.g.doubleclick.net 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
5	static.adsafeprotected.com	53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com srcdoc
5	www.google.com	home.s.id tpc.googlesyndication.com 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	home.s.id blog.s.id 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
4	googleads4.g.doubleclick.net	home.s.id
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	api.s.id	home.s.id
3	dt.adsafeprotected.com	53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
3	us-u.openx.net	1 redirects google-bidout-d.openx.net
3	sync.1rx.io	3 redirects
3	x.bidswitch.net	3 redirects
3	s0.2mdn.net	home.s.id s0.2mdn.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
2	ade.googlesyndication.com
2	p.tvpixel.com	53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
2	r2---sn-ab5l6nk6.c.2mdn.net
2	sync.teads.tv	1 redirects
2	dsp.adkernel.com	2 redirects
2	match.adsrvr.org	2 redirects
2	s.amazon-adsystem.com	1 redirects google-bidout-d.openx.net
2	unified.adsafeprotected.com	imasdk.googleapis.com
2	sync.targeting.unrulymedia.com	2 redirects
2	match.360yield.com	2 redirects
2	ap.lijit.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	px.owneriq.net	2 redirects
2	fw.adsafeprotected.com	1 redirects home.s.id
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects
2	imasdk.googleapis.com	53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
2	www.googletagservices.com	53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	stats.g.doubleclick.net	www.googletagmanager.com
2	analytics.google.com	www.googletagmanager.com
2	sdotid.zendesk.com	static.zdassets.com
2	ekr.zdassets.com	static.zdassets.com
1	pixel.adsafeprotected.com	1 redirects
1	match.sharethrough.com	1 redirects
1	onetag-sys.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	gcdn.2mdn.net	1 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	google.partners.tremorhub.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	fksnk.com	1 redirects
1	pr-bh.ybp.yahoo.com	google-bidout-d.openx.net
1	tr.blismedia.com	53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	mug.criteo.com
1	rr1---sn-ab5sznzd.googlevideo.com	53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
1	mts0.google.com	53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	protagcdn.com	blog.s.id
1	shortener.zendesk.com	static.zdassets.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s.id	1 redirects
0	tg.socdm.com Failed	53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
0	eb2.3lift.com Failed
246	76

This site contains no links.

Subject Issuer	Validity	Valid
home.s.id R3	`2023-01-26` - `2023-04-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
sdotid.zendesk.com Cloudflare Inc ECC CA-3	`2022-12-19` - `2023-12-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
api.s.id R3	`2023-01-26` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
blog.s.id R3	`2023-02-26` - `2023-05-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
zendesk.com Cloudflare Inc ECC CA-3	`2023-01-16` - `2023-04-15`	3 months	crt.sh
*.protagcdn.com E1	`2023-01-04` - `2023-04-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-01-29` - `2023-04-29`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-01` - `2023-06-01`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-02-14` - `2023-04-25`	2 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-02-22` - `2023-05-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh
unified.adsafeprotected.com Amazon RSA 2048 M01	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.tvpixel.com Amazon RSA 2048 M02	`2023-02-23` - `2023-12-12`	10 months	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Frame ID: 54CAB378BEBE9F2E1530C9C278254CCF
Requests: 78 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-c51f107a0ca3e84336b0.js
Frame ID: 1473BDF9C8FA3E0CF5B8ECBC6783122D
Requests: 13 HTTP requests in this frame

Frame: data://truncated
Frame ID: 98FAC617D7D72BD9B1D421D27726F272
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html
Frame ID: 58D835E318B96D500131AAC1FEA099AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1677505031&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677505031294&bpp=3&bdt=343&idt=124&shv=r20230222&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6471520185774&frm=20&pv=2&ga_vid=404804102.1677505027&ga_sid=1677505031&ga_hid=1043880441&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44777876%2C31071642%2C31071756%2C31072480&oid=2&pvsid=69132477306625&tmod=1498070346&uas=0&nvt=1&ref=https%3A%2F%2Fhome.s.id%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=182
Frame ID: 531F0ACF94422E135E7C4E30AFD8A00A
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-c51f107a0ca3e84336b0.js
Frame ID: 203EDA06FE8E994F7838188F62B0C872
Requests: 2 HTTP requests in this frame

Frame: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 04CCD463580D496C3D93CA4694ED315B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FA758BBDCA28D064D7C40D1F86082F5F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 55AA32F38A47508D02ECBD7CD88B4DA2
Requests: 2 HTTP requests in this frame

Frame: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 538280775CBE6583975E594BF88DA21C
Requests: 27 HTTP requests in this frame

Frame: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-in_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=468
Frame ID: C3E565490C9061CC69D5B8C3B72B3761
Requests: 4 HTTP requests in this frame

Frame: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E2601FD35018ABED32EB7A980743FC5C
Requests: 25 HTTP requests in this frame

Frame: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-sidebar&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=600&w=300
Frame ID: D45023DA1C028CEE594AB251C7F00C7E
Requests: 4 HTTP requests in this frame

Frame: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 52414AF9C04DF67A75435B8859D30C4F
Requests: 36 HTTP requests in this frame

Frame: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-before_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=468
Frame ID: 38FE97DC4F3605A6D97CFDE54F78E0D0
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxixoIXfATAB&v=APEucNU5v58MjaBghs8fvArl29_N5kbLjWXHEnXzCME4ElogKByab9nDZWfn2m-1ogp_33FqeBht32bA_mVOR_Pcti8UsYANGg
Frame ID: 314562B29632CD50A4CAA5DA419EA77E
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=blog.s.id
Frame ID: F5D7989D3CEA26E1D959E7B2878ED7A6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D8929438FBEA79D287B4A0C9A7F15BEC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 410243D4C4614B4CFF7530C8B82D10C7
Requests: 9 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 32C374627F6C8500B03388A88DF3B25A
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Frame ID: 277235D85CF9946C4886504F489682A3
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 76488B1EFA7872EEA45A17007EDBEFD2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BEC1A8DAE42A82F10631ED8794A09EB5
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9186113795984982016/hrb_ct_omni_filetoday_html_176_300x600_v1_na_y/hrb_ct_omni_filetoday_html_176_300x600_v1_na_y.html
Frame ID: C3611B7C705A005A9DEBB7BDC4E869B3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 290AB73AB253CC93825E36DAD4F8B01B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A4A129EC4297BC010053B2E8EF0BA060
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_300x600.js
Frame ID: 5D1D8475CC2254734091408C9A27EB74
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oops, You accessing Forbidden Link! What is that? - S.id

Page URL History Show full URLs

https://s.id/1AzLP HTTP 302
https://home.s.id/forbidden Page URL
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm... Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

246
Requests

86 %
HTTPS

47 %
IPv6

47
Domains

76
Subdomains

52
IPs

3
Countries

7830 kB
Transfer

13497 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s.id/1AzLP HTTP 302
https://home.s.id/forbidden Page URL
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://s.id/1AzLP HTTP 302
https://home.s.id/forbidden

Request Chain 133

https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEstbxNhsnpup-Q4sXmFXZc&google_cver=1

Request Chain 138

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y-yyCpxmI.qAFxa96PL3MgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEstbxNhsnpup-Q4sXmFXZc&google_cver=1&google_hm=2

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGD0jMOuRx-G3HmQL5SqA6M&google_cver=1

Request Chain 140

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MDIwNDczNDkxNjEwODUyMQ%3D%3D

Request Chain 156

https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=blog.s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=2K_w8Hxyc1o2NUtjTGZiQlRUM3oyNkFEb2ZSN2xRbXhlOW82RHVEcUIzSFZZQ29KOFBpMHVMUmZ3ZTUwbHh1cWNoeHlwYng4dGUrakFTQmtYelRVWThMeCs3VW14d1Q4Yk43Rzd4TklwbUJ3dFQrbnpMOGNTakx3SWE1b3o5cnNNdXhmTEFabmhpbm4zZTNJYVBpWHlMUHBXZysvUnpHWkV6ck54dU9Wb2hYSWU5UVlDVTM2SmtNcVdkUVp1S1d2R0xnT2ZLRElIMXdQK3VOeEs0UEtnOW1vNmh0S0Y1SkljZEtuKzgvRkljQWUyU0w0V1d2eHNPbS9JZGhBZEF2T1pNS0lRanEzTTNKb1E3dXMyR05KemMwa0hmdz09fA&cppv=2

Request Chain 176

https://px.owneriq.net/ecmg?google_gid=CAESEMxmCnwrCidqLa0PguO1oSI&google_cver=1&google_push=Aa02lx9lo5-vqhd0aVDn2tfNL0VQBXjMUJttxo1Ej9UXE4dvzxJ0V_CmmguculUMR2k1uRiVGGZjD_WH-n7OIXrTu_GcMzdVz9I HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAa02lx9lo5-vqhd0aVDn2tfNL0VQBXjMUJttxo1Ej9UXE4dvzxJ0V_CmmguculUMR2k1uRiVGGZjD_WH-n7OIXrTu_GcMzdVz9I%26google_cver%3d1%26google_gid%3dCAESEMxmCnwrCidqLa0PguO1oSI%26google_hm%3dUTczMDc5MTQzNTE1NjQ3Mjc5MjA%3d&uid=Q7307914351564727920&ref=%2Fecmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=Aa02lx9lo5-vqhd0aVDn2tfNL0VQBXjMUJttxo1Ej9UXE4dvzxJ0V_CmmguculUMR2k1uRiVGGZjD_WH-n7OIXrTu_GcMzdVz9I&google_cver=1&google_gid=CAESEMxmCnwrCidqLa0PguO1oSI&google_hm=UTczMDc5MTQzNTE1NjQ3Mjc5MjA=

Request Chain 178

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFBKKozI0PgiQfpdEQ4cu6c&google_cver=1&google_push=Aa02lx8bRnLuT1STaHQML7b8hMg2IdD3Dt9dzvWmZqHmmC5Nw-aM62am0GaNrGd5Jp0fs-hAp0GpVZ4WYvigMC5woaX41VEqIyM HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFBKKozI0PgiQfpdEQ4cu6c&google_cver=1&google_push=Aa02lx8bRnLuT1STaHQML7b8hMg2IdD3Dt9dzvWmZqHmmC5Nw-aM62am0GaNrGd5Jp0fs-hAp0GpVZ4WYvigMC5woaX41VEqIyM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8bRnLuT1STaHQML7b8hMg2IdD3Dt9dzvWmZqHmmC5Nw-aM62am0GaNrGd5Jp0fs-hAp0GpVZ4WYvigMC5woaX41VEqIyM&google_hm=Fa2FdaAuSvuS8u1J9StwNQ==

Request Chain 179

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJItaSGi-HFEfxR7QRIQsN8&google_cver=1&google_push=Aa02lx8SGuTdYQe0TXGl8JJ0mRflE9zgPWvhDlqvUOb208xaZhAimQ24rTPKyX_gCvxGuEXAReyW8caZ4IB7cg63ek1-x2tKfO8 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJItaSGi-HFEfxR7QRIQsN8&google_cver=1&google_push=Aa02lx8SGuTdYQe0TXGl8JJ0mRflE9zgPWvhDlqvUOb208xaZhAimQ24rTPKyX_gCvxGuEXAReyW8caZ4IB7cg63ek1-x2tKfO8&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bOiqyXvcQWOM7qse6CJJAg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8SGuTdYQe0TXGl8JJ0mRflE9zgPWvhDlqvUOb208xaZhAimQ24rTPKyX_gCvxGuEXAReyW8caZ4IB7cg63ek1-x2tKfO8

Request Chain 180

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEErGp5M0_BM5nJb9f7fW5eY&google_cver=1&google_push=Aa02lx-pd0k1vtHx1q4HldDaZWRdOBSpbq4_tqxfI8D7hjIJ6v5xnEV7Bisfco_TVvCHy1loIxWk8XzGf-VnBxKi2Kh8nZQoRA HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEErGp5M0_BM5nJb9f7fW5eY&google_cver=1&google_push=Aa02lx-pd0k1vtHx1q4HldDaZWRdOBSpbq4_tqxfI8D7hjIJ6v5xnEV7Bisfco_TVvCHy1loIxWk8XzGf-VnBxKi2Kh8nZQoRA&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-pd0k1vtHx1q4HldDaZWRdOBSpbq4_tqxfI8D7hjIJ6v5xnEV7Bisfco_TVvCHy1loIxWk8XzGf-VnBxKi2Kh8nZQoRA&google_hm=GOhRjGZHR36p8PWoSSKOQwBz

Request Chain 181

https://match.360yield.com/match/ebda?google_gid=CAESEGgzPUsvcxcdFqLFUQguwwg&google_cver=1&google_push=Aa02lx9_snfHDRiJFKIDOxua3pLk76MApPrEaiwH3QLGrRyxlTqbTFT_dO4yDoCNV8xzPAQV3sG3r3AZXvfF-kqF3ZK2cSnT2A4 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGgzPUsvcxcdFqLFUQguwwg&google_cver=1&google_push=Aa02lx9_snfHDRiJFKIDOxua3pLk76MApPrEaiwH3QLGrRyxlTqbTFT_dO4yDoCNV8xzPAQV3sG3r3AZXvfF-kqF3ZK2cSnT2A4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=BWwyVqfeRyW7mr9B0B9Vzg&google_push=Aa02lx9_snfHDRiJFKIDOxua3pLk76MApPrEaiwH3QLGrRyxlTqbTFT_dO4yDoCNV8xzPAQV3sG3r3AZXvfF-kqF3ZK2cSnT2A4

Request Chain 182

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEGo9nTiCBZp9psxaK--Tslk&google_cver=1&google_push=Aa02lx_qoq3dzspJLmQMQ_XSJECw2sk48-hdJBJB8EZ7TRyansHsdU_o7s9Ut27S4bNNGdWUttcdPjm2crc6SuTbY3qFbVLK3w HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_qoq3dzspJLmQMQ_XSJECw2sk48-hdJBJB8EZ7TRyansHsdU_o7s9Ut27S4bNNGdWUttcdPjm2crc6SuTbY3qFbVLK3w&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1677505035635 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-34038f77-9a8e-4073-8c13-a52bfef5bedb-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_qoq3dzspJLmQMQ_XSJECw2sk48-hdJBJB8EZ7TRyansHsdU_o7s9Ut27S4bNNGdWUttcdPjm2crc6SuTbY3qFbVLK3w%26google_hm%3DBTQDj3eajkBzjBOlK_71vts HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_qoq3dzspJLmQMQ_XSJECw2sk48-hdJBJB8EZ7TRyansHsdU_o7s9Ut27S4bNNGdWUttcdPjm2crc6SuTbY3qFbVLK3w&google_hm=BTQDj3eajkBzjBOlK_71vts

Request Chain 187

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=886c8fff-ec15-c3b6-134b-c653bc086508 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=886c8fff-ec15-c3b6-134b-c653bc086508&dcc=t

Request Chain 188

https://match.adsrvr.org/track/cmf/openx?oxid=d0baf382-f0bf-784c-d345-44c4d43baee8&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=d0baf382-f0bf-784c-d345-44c4d43baee8&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=60277cfb-7053-4b94-9d5e-5e6dc584a05d&ttd_puid=d0baf382-f0bf-784c-d345-44c4d43baee8&gdpr=0&gdpr_consent=

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAtaqx6fn1GGpW8UPoZxvO8&google_cver=1

Request Chain 191

https://fksnk.com/cs/google?google_gid=CAESEKbvZ7WgzkC5X1gcfgD77i4&google_cver=1&google_push=Aa02lx-O4vqAun53sEdlylm6s7kuC7ZDvaekvgJdWujmFTUdDY-6umSAgOXDHXhBM5Xk_nzfCgq6pHYhodLcdv02LKn1tIQyB473 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NkQxRDdCREM3QUFCN0ExRQ==

Request Chain 192

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEIxcKe6br_eMjEFIGQBu5ZY&google_cver=1&google_push=Aa02lx_-4yPorvy3lik7jhIaDhCiFoqdME7H0yzd4qcB5PMP4NoG_EQp5SzAQCaqbkEqAPdVEKb_R_R4rHBSmRbRUHuYpF9NpvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQwNDg2NDA5MTMwNzM4MTUyNDI&google_push=Aa02lx_-4yPorvy3lik7jhIaDhCiFoqdME7H0yzd4qcB5PMP4NoG_EQp5SzAQCaqbkEqAPdVEKb_R_R4rHBSmRbRUHuYpF9NpvQ

Request Chain 193

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJO4Hq2AgjUL3imw3k_eG5Q&google_cver=1&google_push=Aa02lx-IZh6td6_Gx8dl_Autm3bGUmfUFJAGfDaFQbQmnv32KCzEjWZ1ygbpnWk77YN04VC9G1TW8F-avDTCoReUabbUYdsf2KE HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJO4Hq2AgjUL3imw3k_eG5Q&google_hm=Y_yyCpxmI-qAFxa96PL3MgAABT0AAAIB&google_nid=index&google_push=Aa02lx-IZh6td6_Gx8dl_Autm3bGUmfUFJAGfDaFQbQmnv32KCzEjWZ1ygbpnWk77YN04VC9G1TW8F-avDTCoReUabbUYdsf2KE

Request Chain 194

https://google.partners.tremorhub.com/sync?UIDF=CAESEOpOQI0qcFa10coOHMBLs5s&google_cver=1&google_push=Aa02lx9tdArUWCWrdj7HA71H67l4ngERAsep8U4aWyLnSm4vtrdo2aM7uQjJqiRDkepB0Hm934yOacp4z9zAodBONUzuSA9WgAlu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NDY5ZTljNDQ5N2I3NDc3MTgyZTU4MThjZTYwNGNiNDU%3D&UIDF=CAESEOpOQI0qcFa10coOHMBLs5s&google_cver=1&google_push=Aa02lx9tdArUWCWrdj7HA71H67l4ngERAsep8U4aWyLnSm4vtrdo2aM7uQjJqiRDkepB0Hm934yOacp4z9zAodBONUzuSA9WgAlu

Request Chain 195

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEGo9nTiCBZp9psxaK--Tslk&google_cver=1&google_push=Aa02lx_5sc1ARmt1iG1tGCmDUALbFDxH56cPsbEX-fecFpR1fO5xGybYBmHEcjTLP5PDecqmBTP1EXD2oN0XWqhPPzeggO4E1pSw HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-34038f77-9a8e-4073-8c13-a52bfef5bedb-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_5sc1ARmt1iG1tGCmDUALbFDxH56cPsbEX-fecFpR1fO5xGybYBmHEcjTLP5PDecqmBTP1EXD2oN0XWqhPPzeggO4E1pSw%26google_hm%3DBTQDj3eajkBzjBOlK_71vts HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_5sc1ARmt1iG1tGCmDUALbFDxH56cPsbEX-fecFpR1fO5xGybYBmHEcjTLP5PDecqmBTP1EXD2oN0XWqhPPzeggO4E1pSw&google_hm=BTQDj3eajkBzjBOlK_71vts

Request Chain 196

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEP9H1c81llIsOQkh6cTjooI&google_cver=1&google_push=Aa02lx-_tAw3qE2Hu3hkfm74bvQrnAsvPYedVJrbkK6Zw3z8HxzwI17m38WfwtPoRyFFCMlQy8v-lv-y1WJjkRP9-L0_z5-vHRt5Gw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=tTGewPY_E0aLYBnlqJ3u_A&google_push=Aa02lx-_tAw3qE2Hu3hkfm74bvQrnAsvPYedVJrbkK6Zw3z8HxzwI17m38WfwtPoRyFFCMlQy8v-lv-y1WJjkRP9-L0_z5-vHRt5Gw

Request Chain 197

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEN0yR58FuBg1vN5ssWUvNLE&google_cver=1&google_push=Aa02lx9INpvBrlImvZomto6PL9YgU87W2RIK5LsaqnW6j2trReUHQOIFLVe-PGpZzvhGMZN4B3D5V7bpTAz4NEzjnSOiHHZKgDqQWQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YTZlMzJhNzQtZjQ3OS00NzZhLWFhM2ItMWVkZWE3NDdiNWI2&google_push=Aa02lx9INpvBrlImvZomto6PL9YgU87W2RIK5LsaqnW6j2trReUHQOIFLVe-PGpZzvhGMZN4B3D5V7bpTAz4NEzjnSOiHHZKgDqQWQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 205

https://fw.adsafeprotected.com/rfw/st/1291519/68983243/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1010268213&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=19643503885&bidurl=https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hhPH3QqQ_hrCERcOBy7AzY&adContainerId=brand_safety_C7L8Y6KaCsGYoPMPqOSc-AY&cbFunctionName=goog_wrapCb_C7L8Y6KaCsGYoPMPqOSc-AY&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fblog.s.id&adsafe_type=y&adsafe_url=https%3A%2F%2Fblog.s.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:abe2230d-5ad7-b248-ef87-2e22fabccb45,c:5qBHUj,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-558b6fc9f9-cjl2g,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:8,mot:0,app:0,maw:0,fm:tx4saTd+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18*.1291519-68983243%7C181%7C19%7C1a1%7C1b%7C1c%7C1d,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:33,oid:d91352d5-b6a3-11ed-8673-92dfe5f08986,v:19.8.397,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

Request Chain 209

https://gcdn.2mdn.net/videoplayback/id/0444109c2d3daed4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820377497/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/66CB8310D99C9F742F05B9536E77F27B85EEC60C.5CA6FD088E917493A5F04F565DCAB4474040B885/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-ab5l6nk6.c.2mdn.net/videoplayback/id/0444109c2d3daed4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820377497/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/423F6B5EB763ADDEC62F4D583F5F4A1A3815E403.30D753FE5892A2BD3BFFB541A22224AD8260578A/key/cms1/cms_redirect/yes/mh/pv/mip/2a0d:5600:24:1500:1012:dca6:d573:a583/mm/42/mn/sn-ab5l6nk6/ms/onc/mt/1677504532/mv/m/mvi/2/pl/48/file/file.mp4

Request Chain 222

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPp4EXPlcvkZd52tUjdnc-4&google_cver=1&google_push=Aa02lx86M8JoOLfV7-MpNvBwtXj57QyveZ03_ToBLgb1mKTWXpioCan0pwdN37OifopsUZIr35Jn5Q9cGJY05h_qYpQUyO56Cren HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPp4EXPlcvkZd52tUjdnc-4&google_push=Aa02lx86M8JoOLfV7-MpNvBwtXj57QyveZ03_ToBLgb1mKTWXpioCan0pwdN37OifopsUZIr35Jn5Q9cGJY05h_qYpQUyO56Cren

Request Chain 223

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFBKKozI0PgiQfpdEQ4cu6c&google_cver=1&google_push=Aa02lx_bY66k-LC11Cj-0fJwWdzCaMnZ3fkAENvpS785ExgloDA8OoLWma807R6x1FWSrKnzQLE7spB-I3zCLEPoEfaYIB5sffU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_bY66k-LC11Cj-0fJwWdzCaMnZ3fkAENvpS785ExgloDA8OoLWma807R6x1FWSrKnzQLE7spB-I3zCLEPoEfaYIB5sffU&google_hm=Fa2FdaAuSvuS8u1J9StwNQ==

Request Chain 224

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEIxcKe6br_eMjEFIGQBu5ZY&google_cver=1&google_push=Aa02lx-vsi3lQJFXReo1sCcQoXlH2PAJN25ig3ddW8LJ29DH6xraWh6GCk9Yyib7mOg_JahE6V67bUr18bwdZ78kgSlmDqLf2_MX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQwNDg2NDA5MTMwNzM4MTUyNDI&google_push=Aa02lx-vsi3lQJFXReo1sCcQoXlH2PAJN25ig3ddW8LJ29DH6xraWh6GCk9Yyib7mOg_JahE6V67bUr18bwdZ78kgSlmDqLf2_MX

Request Chain 225

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEElkdtV8CeXpK3Lb-IoET2s&google_cver=1&google_push=Aa02lx-s8hQEFeeTLyhcP34P9aN7XrXB-jmhuHGvVpxkiXjr6jtuRgc3RzWNfXceP-7knfAnvryEzNX2S9iEgroD30U21SWiLOGp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-s8hQEFeeTLyhcP34P9aN7XrXB-jmhuHGvVpxkiXjr6jtuRgc3RzWNfXceP-7knfAnvryEzNX2S9iEgroD30U21SWiLOGp

Request Chain 226

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHqnGVtPcPM2JMODcHsCzqQ&google_cver=1&google_push=Aa02lx_ek8Tb7XpZgZt_W_4vYiddU1J5NASc1fZTMbpa3F99Nr7Z9PIpNWKMtDqpvdOEs7hEHdAHn8tz91i_3VAjmV773_AHe8k HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_ek8Tb7XpZgZt_W_4vYiddU1J5NASc1fZTMbpa3F99Nr7Z9PIpNWKMtDqpvdOEs7hEHdAHn8tz91i_3VAjmV773_AHe8k&google_gid=CAESEHqnGVtPcPM2JMODcHsCzqQ

Request Chain 228

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEOIZ8kFbclTLQ6yD3H6NcPQ&google_cver=1&google_push=Aa02lx8l8KUpBhFucfWMErVZCwP4ImCXMi5OLsx-VK1cobV5yyWkrs2JAU7R8hEjlsTYfrV2xazKA73ATigu6GQIlHTGdSJxRpQJqw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MDk1MzRhZjItZmFiOC00NWE4LWE0MjItNDhiNTI2M2JmODg2&google_push=Aa02lx8l8KUpBhFucfWMErVZCwP4ImCXMi5OLsx-VK1cobV5yyWkrs2JAU7R8hEjlsTYfrV2xazKA73ATigu6GQIlHTGdSJxRpQJqw

Request Chain 244

https://pixel.adsafeprotected.com/rfw/st/1283458/67704349/skeleton.gif?xmtp=v&xmapp=0&xsId=4b22e007-22ce-417d-9a0d-bf5fce200f91&bidurl=https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3&ias_campId=1010126503&ias_pubId=pub-2393320645055022&ias_placementId=19635971454&ias_chanId=1&ias_dealId=&ias_impId=v4~~ABAjH0iqZcZjcLIR6lVDuqkzFGxg&ias_dspId=3&ias_creativeId=186559138&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5b4kY7mNXdLnf8P8LxqzA6pT-IMMO4ggPamM8ovaWpiKyDz4Qa6oPueONimu5-ym7ryDhjzkXtOcY65Gxidrg3AdrtCyQdKscnhmuxe-uIHCO8fH42FKhufLSg-t1B9oMR7p_V_uQp8okjHPufJ5vMoxpoIC2iFEho4u539R9Mm3sJUnGqb1sl_FjAbaiAeMw&sai=AMfl-YQgE9D5x7v0TK4w_KyQ2wdhOeXfU3kLdMQ30OVxIvPdD2Aq4i_cD1My_uH6d3W_etejipDaveT-9O7rOSFGUg-fWMbdLMqty624RbwGwHzPkbENTvc_PuD7QQO0a-h1Z8KmkKZLo1aR2_OhkPB6UnRtOGCo&sig=Cg0ArKJSzEfJWwvcrhDqEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&ias_xappb=&mon=67704349&redirectedRetries=0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 247

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxiX-tXbASABMAE&v=APEucNVSALYpvfEtyKBpCMpCg4UKo250MIcc92BqTQf4p9_57E-7vGqkrveZFlnB2kjTNTY37CFMBi7u91i3k49ZiMQ4b5B8qIGu018IDmTX0hJFsOZWHiE HTTP 302
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmNkNTIwNDgtMzljOC0yNmU4LWM2YTUtMWU3ZDFlZDk2MDg4

246 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

forbidden Show response
home.s.id/
Redirect Chain

https://s.id/1AzLP
https://home.s.id/forbidden

57 KB
18 KB

955ms
314ms

Document
text/html

45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

/ Next.js

Resource Hash

4c47cb6b2207c7d39ee175ac32c99e549b0a9bb9cfb89f10fb5251aec48fd1d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 13:37:05 GMT
etag: "e4a1-jVA68iw1Tdl35M+IYMnDPX3kU8Y"
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-powered-by: Next.js

Redirect headers

cache-control: private, max-age=30
content-length: 0
date: Mon, 27 Feb 2023 13:37:04 GMT
location: https://home.s.id/forbidden#action
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 d7c4ecb758bc50a6.css
home.s.id/_next/static/css/ 117 KB
19 KB 316ms
315ms Stylesheet
text/css 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/css/d7c4ecb758bc50a6.css

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

4a74be6f3bef9f20234c37328c5d81a27a58b50a7c25901ca5d70fbc4c065d4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:05 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:39:51 GMT
etag: W/"1d314-1868e2a6ed8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
76 KB 77ms
26ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e75a047e3c98e61f29aec2e9e33691d22d3aa83c63845d3c0a9466c077aa10d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77873
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Feb 2023 13:37:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
77 KB 79ms
70ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88805ddbe3298c2d3f8d3a8561851131379568095c800538cfc9439b96a4134b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78338
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Feb 2023 13:37:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
67 KB 68ms
60ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10823601447

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

627cd533180decffa415deafbf62f102ac7bdfd991a40cd9dd7eddc349803d59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68782
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Feb 2023 13:37:05 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 23 KB
7 KB 54ms
21ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:05 GMT
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: K7H61NSZ2KC0EKZW
age: 18
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: RMDA7hDSfZE0V+AqwC1qet/XDKB7LpR0sirI7c2PFUNKxwnzkzVXcIXKIP8EmSlMXTu3VrtYcBY=
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
server: cloudflare
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDs%2BJoi8tunqnqu9Vu9%2FJr97sCOZlK272pzwsbPra1d2hiC%2Fm%2BGzHOz77OrCAI9gc1UjyeSqkpA5cecfmPJ9Ta5bgI%2Fnv%2BUXv9LOFMKgSJE6PIdmCYBpPFssXeXxUPk97aB0hX0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 7a01502b48bec463-EWR

GET
H2 200 webpack-e0920c5a1c89525b.js Show response
home.s.id/_next/static/chunks/ 5 KB
3 KB 546ms
541ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/webpack-e0920c5a1c89525b.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

16f875310ddb89ec1529a972b7705ddea35537bdbbb5c33c77b6982321829ee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:05 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:39:51 GMT
etag: W/"14fc-1868e2a6ed8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 framework-8ff6c737ed443ded.js Show response
home.s.id/_next/static/chunks/ 127 KB
42 KB 548ms
544ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/framework-8ff6c737ed443ded.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

8b8e491570cdfe6b25d81c5943c567d567c809158adfc0449f7683ab4c76e907

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:05 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:39:51 GMT
etag: W/"1fbd0-1868e2a6ed8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 main-bba3f19427abc986.js Show response
home.s.id/_next/static/chunks/ 101 KB
29 KB 547ms
544ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/main-bba3f19427abc986.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

d530ea669f380edb2e2e14f8f30d7ac3b5b98c6090d49f140e3f0eec4c299817

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:05 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:39:51 GMT
etag: W/"19458-1868e2a6ed8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 _app-74b2f95f5f03b863.js Show response
home.s.id/_next/static/chunks/pages/ 334 KB
101 KB 570ms
566ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/pages/_app-74b2f95f5f03b863.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

bccfb6e1053d38a80beb45f0de5db74ff700d98c1820a274ab3ffc9b46c9f735

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:05 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:39:51 GMT
etag: W/"53806-1868e2a6ed8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 forbidden-9c7287b02a773507.js Show response
home.s.id/_next/static/chunks/pages/ 4 KB
2 KB 544ms
541ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/pages/forbidden-9c7287b02a773507.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

24204d788ab4604afbbcc4e6782f19c33608ad8b3f721d8f604c7124f79f80bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:05 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:39:51 GMT
etag: W/"e69-1868e2a6ed8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 _buildManifest.js Show response
home.s.id/_next/static/cf-PPYW67C7sxqV2gD1NA/ 9 KB
3 KB 541ms
539ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/cf-PPYW67C7sxqV2gD1NA/_buildManifest.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

e146ed284f6880522d5c9fb1fd40a0b443222efb23440de01c469f1f35ef8927

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:05 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:39:51 GMT
etag: W/"2254-1868e2a6ed8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 _ssgManifest.js Show response
home.s.id/_next/static/cf-PPYW67C7sxqV2gD1NA/ 91 B
348 B 545ms
543ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/cf-PPYW67C7sxqV2gD1NA/_ssgManifest.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:40:22 GMT
etag: W/"5b-1868e2ae7f0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 91

GET
H2 200 _middlewareManifest.js Show response
home.s.id/_next/static/cf-PPYW67C7sxqV2gD1NA/ 92 B
349 B 542ms
540ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/cf-PPYW67C7sxqV2gD1NA/_middlewareManifest.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:40:22 GMT
etag: W/"5c-1868e2ae7f0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 92

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
822 B 62ms
24ms Stylesheet
text/css 2607:f8b0:400d:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800&family=Work+Sans:wght@400;500;600;700&display=swap

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ade5aafd1ae4dc38520db4e5af96652f04b9cb0261b81158152ebe8a4061a0ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Feb 2023 13:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 13:37:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Feb 2023 13:37:05 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 60ms
22ms Stylesheet
text/css 2607:f8b0:400d:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lily+Script+One&family=Playfair+Display:ital,wght@0,400;0,600;1,500&display=swap

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53cc833848c4c67c1ed27e255440c829a06b8bfafc5818a51ea8e7d6333fe789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Feb 2023 13:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 13:37:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Feb 2023 13:37:05 GMT

GET
H2 200 403.svg
home.s.id/images/errors/ 4 KB
2 KB 1145ms
1144ms Image
image/svg+xml 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.s.id/images/errors/403.svg

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

92c39b5c986c8a9c713d77081a0272187a847c57192fe03fc152d25fc4c35668

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:06 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 27 Dec 2022 03:47:41 GMT
etag: W/"1136-18551b16f48"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 sid-logo-new-light.svg
home.s.id/images/ 4 KB
2 KB 1147ms
1145ms Image
image/svg+xml 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.s.id/images/sid-logo-new-light.svg

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

1af5eacc5472d595046d8320feb556463d66ca3711b5fc2e6449e5cc49cd167f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:06 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 06 Feb 2022 05:21:36 GMT
etag: W/"f40-17ecd7afb00"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 4b27aa03-d3da-43eb-8382-660c054fbc9d Show response
ekr.zdassets.com/compose/ 316 B
1 KB 207ms
176ms XHR
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/4b27aa03-d3da-43eb-8382-660c054fbc9d

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce62785f51972df8ee838ed147adf5a1ffe11d81154cfe0c9667f3c9c668a0e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:06 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 79db19e79ae5236b-SEA, 79db19e79ae5236b-SEA
x-runtime: 0.003981
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ce62785f51972df8ee838ed147adf5a1"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baDvuk8spF2F89akRenl2SIYV6BQnd9jlrrH4K6%2B1949rV2cEFqT4lHQfcIqk7hXgp9X3B3KvOMt93HvkVSal6ioyvU1I0z4u0mojzzY4MaaToMcQaZV0WPdQb0qTOaP3cs%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
cf-ray: 7a01502bacbf8c3c-EWR

GET
H2 200 web-widget-framework-c51f107a0ca3e84336b0.js Show response
static.zdassets.com/web_widget/latest/ Frame 1473 158 KB
50 KB 55ms
48ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-c51f107a0ca3e84336b0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b3c9ccd33ff64fbf704d153cba13092fbe17ecde0678a3d53cfa337e49a1786

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:06 GMT
x-amz-version-id: nsG.1b0looRW8Au6Kh.wWMVQtQJ4Vh1s
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: BYPEK7X583JMJRPR
age: 400935
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: hlhCs+FentzGdtYOGwTw5bt/CidvziZBVk+fsmgAffUZDR6TAddGK0gwEverYSb1nFhAJJLXG5s=
last-modified: Wed, 22 Feb 2023 06:38:58 GMT
server: cloudflare
etag: W/"0932241a2c253c61368888cafa81b69a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t76YlBT4dQpHEW43RUU2mWihGQgkU5nn3%2FDpiE45VABecGn4DyxFKQ4LhFB6evDT09HUHpzk3uJCBh1tL3vRpCqKH97bLZB39Z8NggKtPGZuTCRRWB1f1kwiorRg50vJxvgbEdQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a01502dbea9c463-EWR
expires: Thu, 22 Feb 2024 06:38:56 GMT

GET
H2 200 config Show response
sdotid.zendesk.com/embeddable/ Frame 1473 882 B
1 KB 328ms
267ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdotid.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c51f107a0ca3e84336b0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b03864b2c1e28d1219b43f5f06c2c3b530fd4c6fc9d1f8262c0938034017b7ec

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:06 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-578794dcf6-wsvdg
x-cached: STALE
x-request-id: 7a014c8aaf68281b-NRT
x-runtime: 0.001835
last-modified: Mon, 27 Feb 2023 13:34:09 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQZrTQmrIPLLBDb5N0A8LrLOsuFkrquQt62DGDzzmzYwj8%2FWQ%2Fm4hhT4VyFIeyYuA5WQaYh6i1NYy0MR4pjqJ5%2FLxziudIWXRvEYsL%2FaMowDxldw6fF2iDm20ooF2ZrWymjCeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 7a01502e981dc41d-EWR

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 262ms
14ms Font
font/woff2 2607:f8b0:400d:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800&family=Work+Sans:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://home.s.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 21:32:54 GMT
x-content-type-options: nosniff
age: 489852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Feb 2024 21:32:54 GMT

GET
H2 200 web-widget-messenger-a719207.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 1473 14 KB
4 KB 20ms
20ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-a719207.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c51f107a0ca3e84336b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa73b143648005b00d35288ad0322cf9fc10551b2b1bae23d1f54b052b1174bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:06 GMT
x-amz-version-id: p9TPncU07CZbTNaM3Pz616OlucSHeQv8
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: QZVFRFR2R0QGRRZ0
age: 400934
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: wGP37w2jzcUPeicon8wm06m1mG5gLY2EL0D92RiRrlIC3eYgWDnTveE6bM8y0xq65QlX35PRmIAvJynsatFCag==
last-modified: Wed, 22 Feb 2023 06:44:17 GMT
server: cloudflare
etag: W/"40e83d111df8b809130232907142deb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOtRwnpf9GibCz12S2hqAbvK56qz1thGeWR8y3BxRr2FuPTzqZ7l0W2A0aoB57yCqGVr0W%2Bb9MoadTZaczS5z4XjY%2BU85PzlnzoAABLvm4JkekVqGlK3IzHMT6a0NFwbMYTTl0g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a0150304c9fc463-EWR
expires: Thu, 22 Feb 2024 06:44:16 GMT

GET
H2 200 web-widget-3508-a719207.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 1473 395 KB
125 KB 31ms
29ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-3508-a719207.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-a719207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d2deb381d60aa9a7f01d4f1829f1c0299db18a1b667aa81e18c9c040eca1163

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:06 GMT
x-amz-version-id: LD8DqsDe4ZXX5mTt24_jTilwoT_Pf8uc
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4DDMQH78QEPTSGKD
age: 303797
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: /mr7wScyr8bHxE25SBYztaFyA0ZgtkHalN+hQBJlqZhtWazlcYSvtkr5ronxD9sEzQnJFaZM6h4=
last-modified: Wed, 22 Feb 2023 06:44:18 GMT
server: cloudflare
etag: W/"2b77efd7940883199edb6d2bc45539ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SG0mIzKs9gcq3Qov2Zi4i1ZF%2FA%2BeZNNU0frPjELog70%2B9%2BZaezhGILqubot9I2Gro4vPI6LftPsbt%2BcidU9kVSU22uha8PSTM2c%2BxIgG6X1fuR%2BWOk41nh57MjV2NZpXPJOmKTU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a0150306cdec463-EWR
expires: Thu, 22 Feb 2024 06:44:17 GMT

GET
H2 200 web-widget-3646-a719207.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 1473 288 KB
62 KB 27ms
26ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-3646-a719207.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-a719207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b8705fc55d937a73814aba4a7f3a11b030b3445af63b302dfed21cf7b8962d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:06 GMT
x-amz-version-id: CRB1Pi3u8OBxOvBkqazvlNw4YPurjnn_
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: QZV461PQ8NKE56BS
age: 400934
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: DCsWe7FhC6esqbIfdGNteGe9FD7TVJ1lQ6R/0ZApvToPj/6XVNwO7UU2lq2t2iYma4qes/iYFPw=
last-modified: Wed, 22 Feb 2023 06:44:17 GMT
server: cloudflare
etag: W/"ab0b28bbdb129debde2d8b2740e7e3c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ak3DiDWn0y4dUOtMLHmmSluOmJG7z4jfTJNGsMqOiJq209%2BqTRhxqP%2FOZoroSEvQnDERlsFuJBz6P70x4XzPuVrou52%2Fzzcc5koN1FlQntjl%2FYNI1kKpfkj3h558%2F%2FJ8Iln7rk8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a0150306ce2c463-EWR
expires: Thu, 22 Feb 2024 06:44:16 GMT

GET
H2 200 en-us-json-a719207.js Show response
static.zdassets.com/web_widget/latest/messenger/web-widget-locales/messenger/ Frame 1473 15 KB
3 KB 21ms
20ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-locales/messenger/en-us-json-a719207.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-a719207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58fca4d19145332228ca462c75848f97613752f7f8bdb4351d4dd198b6aeaca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:06 GMT
x-amz-version-id: PD.xxQhhsduUdXKzGIqOV0E5.qe8lQGK
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: QZV5NQQMT6AVEMFN
age: 400934
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ELWdj4ZCkLdVr485j5c5lFTYRdHw+EgpzaOmbWjO85rYBdrNudiGXBG/hpSsBFEp0h2LqNEDjaQ=
last-modified: Wed, 22 Feb 2023 06:44:19 GMT
server: cloudflare
etag: W/"33f44e263cc049fe99ee30fc157cc9ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGG0jnzZU08mtOUjQ2Z%2BVZSA0%2FfBNLvnnB3PO5et6ksOAXFgDFXe4Mu2M0QDq27pJWi1h%2BXRscyKOhfKHrFKKyZuQS%2Bd%2FWokd9o85VZfFO6PWMsZI4L9izuig8W8vYRRwtLdPLE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a0150319f68c463-EWR
expires: Thu, 22 Feb 2024 06:44:18 GMT

GET
H2 200 web-widget-4852-a719207.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 1473 139 KB
46 KB 44ms
44ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-4852-a719207.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-a719207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d44d7df65de36b9d4864dfac981e5a622ef516b59948a207bc24c64da25a17a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:06 GMT
x-amz-version-id: mQj3NdIQiocuBYZmbX...33eZm2SHfqd
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: QZVF5MR74HJ1DF7Z
age: 400934
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: vZsHSIIqQXn1BdyzxeRTWPXyoT5zQwpfhAHvQuErk7efcC68UjTQ44XHGe5jaQTStcEmTaiejy0=
last-modified: Wed, 22 Feb 2023 06:44:18 GMT
server: cloudflare
etag: W/"764679dd09fde5fad327b4eeb283bb68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8noPCxUH79SW6rnvsEgPBNPb2cCS9Dy4eJJzsxCVySGKElff6%2FKJYNID4kxA8Nhf284uCv4%2BZ0wiRaaLuPPJyuV6wgLY3tiEv4lSjIdPfVxAVN1xRpq5ACk59Bma4pD7tOqx48%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a015031eff5c463-EWR
expires: Thu, 22 Feb 2024 06:44:17 GMT

GET
H2 200 web-widget-1707-a719207.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 1473 24 KB
8 KB 48ms
48ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-1707-a719207.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-a719207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65390d5b7859d59c8f35e7b84ae5eea87672e71ca40ad6f4c1f87b0a6c8c7b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:06 GMT
x-amz-version-id: mX5oxAEGCbdkcl2OuHg0s8hKG_I0cDcM
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: QZV4AS8X3P33ZGKH
age: 400934
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: cC807aOiqOntfuu9DM6eCDc4v1AUYopn5oKTIoAu97N4Zu5Qa7rRe2Q67pSQBbqx5U3jecYph5w=
last-modified: Wed, 22 Feb 2023 06:44:18 GMT
server: cloudflare
etag: W/"ae451f428ab96456490147d8abff0d53"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0xKBJ4tMuHS2rs3Ef%2FrzFi%2B4LZBQNiLw%2BP4ld7cCSp62WXCtzBcjyCVmpr8pA4P88AKOfAZz0uQ9t0EZlbLFcrWY5E2I11yBSWEQjLXFLkdnkuKkqQWTiPwe7VeEuNQy77r5vc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a015031effac463-EWR
expires: Thu, 22 Feb 2024 06:44:17 GMT

GET
H2 200 web-widget-3017-a719207.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 1473 4 KB
2 KB 35ms
35ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-3017-a719207.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-a719207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8269b74e3d03d021428c172b126c784c2279c24e48e807fd91c0bd19ec6e167

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:06 GMT
x-amz-version-id: NiyP1g_DaeiBTNSI64X94Vt_1vOBIHBi
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: QZV75XGPRVM81WJ9
age: 400934
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ESPGXAnNQ4RF4/VoRbyjb9SYYKlwkftchzNk56K6mreWBVsC9E5/X1jmTHLsk7iN+y2ZqBALz7U=
last-modified: Wed, 22 Feb 2023 06:44:18 GMT
server: cloudflare
etag: W/"40d0e2b632d1b990738af3991e0aecb1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrxC4uZuO8WZDKziLSQ%2Ft7Af5QhHScPfwhi%2FWlvX2MC9oyKIgrEZRsZ88eaTBdwL7CkRKgxu%2Bb%2FqnOQztjBLadERwTH2hU9OUowtgrWc6BINo%2FUeZP0YjTN4UoxEUlMRRlMcXrs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a015031effdc463-EWR
expires: Thu, 22 Feb 2024 06:44:17 GMT

GET
H2 200 web-widget-3487-a719207.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 1473 12 KB
4 KB 45ms
45ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-3487-a719207.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-a719207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61805aaec683b10d2b0c6d5f431b91d4894f413763c8206c16cc2f1ca9c0ca46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:06 GMT
x-amz-version-id: iQBfy6dK9wcxM.kQ9MRURKBqQ06ecBIL
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 0FP51P45C3PZWW7G
age: 400933
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: oIjfVSmjBpzq8LocQK33Wv+FlpuwOFJ8nY2WdMc89OmrvW3H7MTmLUoAWacSyameoEL5rMIO94Kw8p+dPCXHsw==
last-modified: Wed, 22 Feb 2023 06:44:18 GMT
server: cloudflare
etag: W/"e13cb194c094696221c50555170f09ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GR9jPaBjjhsBKpcDvcnnqIKRhhFv1NHlvsPeJOriymUBrggfYnbl5%2FnSEu7UCk6lVE%2BDsNJNgZfDP3BP7QxxnDwRySuxFfYiLd1kD9M%2F5wLqAZmnmZrJSsD19iWaKhN32stRWI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a015031e803c463-EWR
expires: Thu, 22 Feb 2024 06:44:17 GMT

GET
H2 200 web-widget-4327-a719207.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 1473 10 KB
4 KB 30ms
29ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-4327-a719207.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-a719207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44a53965a3f035bee1d1926d3456fd395c3391934bcbf56d769818b13ae69a85

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:06 GMT
x-amz-version-id: RHKweyowU3RQ5szkB066c6MjmFvOpLIR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: QZV2AYCY0GX8RR57
age: 400934
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: BVlRhIzUnGFRcDRAYjxZIQ4V4jX6g/EemlfAuN/EghOzPfdmbDM0E26TQuEOvC1jO7iCTlG+RFs=
last-modified: Wed, 22 Feb 2023 06:44:18 GMT
server: cloudflare
etag: W/"4f308159ef99e06f6c11026c8ea99775"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXSBfqj4EJBxR2rx5MMgHbraWaH7bSSKmIRsaU5WntNXX1%2FOKnR0Llp6vAmD73fkYmhHHLenBpi6zrk56gw%2FqdZm2gjIFLzocXD4IbjgL1DKoJGs2fFUSR9vxE1emQodQe4OUVs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a015031f808c463-EWR
expires: Thu, 22 Feb 2024 06:44:17 GMT

GET
H2 200 web-widget-6940-a719207.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 1473 19 KB
6 KB 42ms
42ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-6940-a719207.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-a719207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62c840e437d91761ff7021b81f40c9a009f4aed4082f7431633cac38ee3aec36

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:06 GMT
x-amz-version-id: 6jQPnyqY_m5wNH_h0d22D6nkgSgicUIj
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 0FPAP203X031QB5K
age: 400933
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 7pzV6YGSCvUl28UHM65lLNJDH4e7jXcfcmp4i/enLi4TVvRbWn+rDSs0Cp621h7YbBqLiUTmxyY=
last-modified: Wed, 22 Feb 2023 06:44:17 GMT
server: cloudflare
etag: W/"8f0468a9cb56a32ae09095f70b249169"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHI0pPQUy7yUt7z8PVgiZV0PDykrL4IWHw5Cb5Vzng5BtjMkKntmjlw9hIxZI6YPAbuIj11e2C%2BPXY7%2FkbfNLp22BZI8%2B6FDQKhg%2B1p6krUiupZ7Eszo63WT7hxHfbzAS3Q57Yg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a015031f810c463-EWR
expires: Thu, 22 Feb 2024 06:44:16 GMT

GET
DATA 200
OK truncated
/ Frame 98FA 370 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b58cf763adace244285a1f020956817d3d8ea8948056c63b783bdb1d4a258d1b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 embeddable_blip
sdotid.zendesk.com/ Frame 1473 0
0 206ms
203ms Fetch 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdotid.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX21lc3NlbmdlciIsInBhZ2VWaWV3Ijp7InRpbWUiOjEyMiwibG9hZFRpbWUiOjY5LCJuYXZpZ2F0b3JMYW5ndWFnZSI6ImVuLVVTIiwicGFnZVRpdGxlIjoiRm9yYmlkZGVuIC0gUy5pZCIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTAuMC41NDgxLjE3NyBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlLCJpc1Jlc3BvbnNpdmUiOnRydWUsInZpZXdwb3J0TWV0YSI6IndpZHRoPWRldmljZS13aWR0aCIsImhlbHBDZW50ZXJEZWR1cCI6ZmFsc2UsInJlZmVycmVyIjoiaHR0cHM6Ly9ob21lLnMuaWQvZm9yYmlkZGVuIn0sImJ1aWQiOiI1MjNjYzIzYzlhMmM0ZDZkYTExNzI3MDk2MjU2MGMyZiIsInN1aWQiOiIzMjZlYThlNjJkMGQ0OTVmYmQ5YjljZTRkZDQyM2E2YiIsInZlcnNpb24iOiJhNzE5MjA3IiwidGltZXN0YW1wIjoiMjAyMy0wMi0yN1QxMzozNzowNi45MzRaIiwidXJsIjoiaHR0cHM6Ly9ob21lLnMuaWQvZm9yYmlkZGVuI2FjdGlvbiJ9
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c51f107a0ca3e84336b0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:07 GMT
cf-cache-status: MISS
last-modified: Mon, 27 Feb 2023 13:37:07 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gj3tKp9R6L1oOumINMr90taARRA4vX9NcYL1J17iBa6nGKuClQrtr%2BUOfCkTS5dNMox6hUFDMj1yT8VMGN8KzLhyZkN0V4GK2iNaYKp8YoTFYKkXy%2B4J%2B3YIUTGRy52ubIXFyA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 7a015032686bc41d-EWR
content-length: 0
x-request-id: 7a015032686bc41d-NRT

OPTIONS
H2 204 redirect
api.s.id/api/ Frame 0
0 739ms
237ms Preflight 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.s.id/api/redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: ds,x-rpc-lang
Access-Control-Request-Method: GET
Origin: https://home.s.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
access-control-allow-origin: https://home.s.id
date: Mon, 27 Feb 2023 13:37:07 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 204 me
api.s.id/api/user/ Frame 0
0 737ms
238ms Preflight 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.s.id/api/user/me

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: ds,x-rpc-lang
Access-Control-Request-Method: GET
Origin: https://home.s.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
access-control-allow-origin: https://home.s.id
date: Mon, 27 Feb 2023 13:37:07 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 redirect Show response
api.s.id/api/ 469 B
894 B 968ms
323ms XHR
application/json 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.s.id/api/redirect

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/pages/_app-74b2f95f5f03b863.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

81d6ef397a6d125f2e35713f1329b807851d4040b122463c5106c0f97ef34149

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
DS: 1677505027,8ei4dg,b89ff9549598e42abbed3c57b9857850
Referer: https://home.s.id/
X-RPC-Lang: en
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:08 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-type: application/json
access-control-allow-origin: https://home.s.id
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
content-length: 469

GET
H2 401 me Show response
api.s.id/api/user/ 58 B
541 B 966ms
321ms XHR
application/json 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.s.id/api/user/me

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/pages/_app-74b2f95f5f03b863.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

4bc6fcf8abb0feb0a50bc17148052beafa7b3ac9aeb9e20ecf183791f6a9c50b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
DS: 1677505027,zg8q7gj,798a9e34c9f3a42e9a98ca146607fefc
Referer: https://home.s.id/
X-RPC-Lang: en
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:08 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-type: application/json
access-control-allow-origin: https://home.s.id
x-ratelimit-remaining: 29
access-control-allow-credentials: true
x-ratelimit-reset: 30
x-ratelimit-limit: 30
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
content-length: 58

POST
H2 204 collect
www.google-analytics.com/g/ 0
249 B 272ms
17ms Ping
text/plain 2607:f8b0:400d:c04::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je32m0&_p=756904140&cid=404804102.1677505027&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677505026&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c04::66 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
249 B 268ms
18ms Ping
text/plain 2607:f8b0:400d:c0b::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je32m0&_p=756904140&_gaz=1&cid=404804102.1677505027&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677505026&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0b::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 266ms
16ms Ping
text/plain 2607:f8b0:400d:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-98MWVCBDD7&cid=404804102.1677505027&gtm=45je32m0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c04::9d Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/ 2 KB
2 KB 260ms
53ms Script
text/javascript 2607:f8b0:400d:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/?random=1677505027077&cv=11&fst=1677505027077&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhome.s.id%2Fforbidden&tiba=Forbidden%20-%20S.id&auid=78071731.1677505027&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbf204a93ed92a148088fcc78ac2acc271c2d2957ef5d4a8f2be4a432c32f930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1185
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
44 KB 36ms
35ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e1d637a3eb860160f403eee2a069b7ddc23f02e4ba8aac86ee22f90f0c00fa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44547
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Feb 2023 13:37:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 18ms
17ms Script
text/javascript 2607:f8b0:400d:c04::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 11:54:56 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6131
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 27 Feb 2023 13:54:56 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10823601447/ 42 B
455 B 64ms
22ms Image
image/gif 2607:f8b0:400d:c02::67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10823601447/?random=1677505027077&cv=11&fst=1677502800000&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fhome.s.id%2Fforbidden&tiba=Forbidden%20-%20S.id&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1603319186&rmt_tld=0&ipr=y

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::67 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 18ms
17ms XHR
text/plain 2607:f8b0:400d:c04::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=756904140&t=pageview&_s=1&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&ul=en-us&de=UTF-8&dt=Forbidden%20-%20S.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=947395209&gjid=422953018&cid=404804102.1677505027&tid=UA-225238330-2&_gid=913652988.1677505027&_r=1&gtm=457e32m0&z=1382467995

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://home.s.id/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Primary Request oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3 Show response
blog.s.id/post/2022/05/19/ 64 KB
17 KB 944ms
279ms Document
text/html 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/pages/forbidden-9c7287b02a773507.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

/ Next.js

Resource Hash

6d9a2bb2735c954682fa5cd71da95a29d078387c2934758177aac06fb92b9db5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://home.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 13:37:10 GMT
etag: "10101-FDjR8bYIAtIlHnhYyjA62xZpogg"
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-powered-by: Next.js

POST collect
www.google-analytics.com/g/ 0
0

POST collect
analytics.google.com/g/ 0
0

GET
H2 200 2edbe2015680222b.css
blog.s.id/_next/static/css/ 98 KB
16 KB 252ms
252ms Stylesheet
text/css 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/css/2edbe2015680222b.css

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

4e7aa678395bd03e64a4eb181ce498a3b33c50b95cb8ca52da3672963a60bbd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:38:38 GMT
etag: W/"18685-1868e2951b0"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 db96805030821792.css
blog.s.id/_next/static/css/ 4 KB
1 KB 251ms
250ms Stylesheet
text/css 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/css/db96805030821792.css

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

1245d3ddaaddbc28d42ad8699e9e9f41e99ffba4e4468af84f3f192603261165

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:38:38 GMT
etag: W/"f9d-1868e2951b0"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 284ms
80ms Script
text/javascript 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e05eeaaf8f7c7818eca13552446471257cf09b23d8fc24c310517d9c88c60ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49374
x-xss-protection: 0
server: cafe
etag: 9860045068896390402
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Feb 2023 13:37:11 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
77 KB 32ms
27ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebc8bf387644011312380615c2ff61915b71a638297d7f1ecb9b71599819f5da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78434
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Feb 2023 13:37:10 GMT

GET
H2 200 webpack-434fefa8f39d8fbc.js Show response
blog.s.id/_next/static/chunks/ 2 KB
1 KB 409ms
402ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/webpack-434fefa8f39d8fbc.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

dc81419da19f1c777a0ba3ccd0b1019725c6333c17811717bf843bf2ddc105fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:38:38 GMT
etag: W/"6db-1868e2951b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 framework-1d78b5852a861806.js Show response
blog.s.id/_next/static/chunks/ 127 KB
42 KB 478ms
471ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/framework-1d78b5852a861806.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

d388d6eadbda67959df2e176105d189a9ee25434d49e645a752b2a10afefacab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:38:38 GMT
etag: W/"1fbbe-1868e2951b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 main-42bee57ba94e9a13.js Show response
blog.s.id/_next/static/chunks/ 101 KB
29 KB 477ms
470ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/main-42bee57ba94e9a13.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

0b1bd0e2c03531c3c089653463418df229cae482a400e497d0681a750e31f295

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:38:38 GMT
etag: W/"193b5-1868e2951b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 _app-a1aaa7198e7209b9.js Show response
blog.s.id/_next/static/chunks/pages/ 182 KB
58 KB 443ms
436ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/pages/_app-a1aaa7198e7209b9.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

cd0ee4780d1be116a41b397c9efb57ce0984c1419ea07725fa9f4ed995491e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:38:38 GMT
etag: W/"2d815-1868e2951b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 30846afe-cfd475acf1f13fd6.js Show response
blog.s.id/_next/static/chunks/ 3 KB
1 KB 407ms
401ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/30846afe-cfd475acf1f13fd6.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

7f877742d5ee9762de28c1a13dc20ad019d1caf00b91d9d3d3bac091d4cefff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:38:38 GMT
etag: W/"a05-1868e2951b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 471-dd22a53f3091be72.js Show response
blog.s.id/_next/static/chunks/ 123 KB
37 KB 411ms
405ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/471-dd22a53f3091be72.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

37c2a2c98989e62a75b5f11c3c2f901940fbf2c323be0bb275ec25f1751a4563

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:38:38 GMT
etag: W/"1ed84-1868e2951b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 769-42c553aad5ec5871.js Show response
blog.s.id/_next/static/chunks/ 223 KB
65 KB 410ms
404ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/769-42c553aad5ec5871.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

0e5b553eae0a1bd5afea26fa8809c2bb72079191b523b75e9363d1cb11dcd96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:38:38 GMT
etag: W/"37ba9-1868e2951b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 729-85e5bb6bfb011aa6.js Show response
blog.s.id/_next/static/chunks/ 19 KB
6 KB 961ms
956ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/729-85e5bb6bfb011aa6.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

02723c9019bb3ebab29d006fa58590e1759ef7ba60755aa17edbf7ebc759f43c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:38:38 GMT
etag: W/"4bf3-1868e2951b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 %5B...article%5D-9ffadfb59b43e923.js Show response
blog.s.id/_next/static/chunks/pages/post/ 18 KB
6 KB 959ms
954ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/pages/post/%5B...article%5D-9ffadfb59b43e923.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

9481d1812910914a0290fa0a2652c0c99f1e710a6350a4307ea9570ef5e1db38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:38:38 GMT
etag: W/"46a4-1868e2951b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 _buildManifest.js Show response
blog.s.id/_next/static/CD4PPyIHtF0gwECNXYDVo/ 1 KB
755 B 957ms
953ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/CD4PPyIHtF0gwECNXYDVo/_buildManifest.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

e5be24db54af7faa99adb4a761a258edf8befa6a2e0de88f3455cfc5c64c168e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:38:38 GMT
etag: W/"40f-1868e2951b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 _ssgManifest.js Show response
blog.s.id/_next/static/CD4PPyIHtF0gwECNXYDVo/ 77 B
335 B 959ms
955ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/CD4PPyIHtF0gwECNXYDVo/_ssgManifest.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:38:38 GMT
etag: W/"4d-1868e2951b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 77

GET
H2 200 _middlewareManifest.js Show response
blog.s.id/_next/static/CD4PPyIHtF0gwECNXYDVo/ 92 B
350 B 955ms
952ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/CD4PPyIHtF0gwECNXYDVo/_middlewareManifest.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 26 Feb 2023 14:38:57 GMT
etag: W/"5c-1868e299be8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 92

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
842 B 39ms
39ms Stylesheet
text/css 2607:f8b0:400d:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&family=Work+Sans:wght@400;500;600;700&display=swap

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

153028d38066283cb12f18cef39397671766ded532fa008782e24de06fed33c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Feb 2023 13:37:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 13:37:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Feb 2023 13:37:10 GMT

GET
H2 200 sid-logo-new-light.svg
blog.s.id/images/ 4 KB
2 KB 789ms
788ms Image
image/svg+xml 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.s.id/images/sid-logo-new-light.svg

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

1af5eacc5472d595046d8320feb556463d66ca3711b5fc2e6449e5cc49cd167f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 04 Mar 2022 07:03:55 GMT
etag: W/"f40-17f53bdff78"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 adg-red-ring.svg
blog.s.id/images/ 6 KB
2 KB 792ms
791ms Image
image/svg+xml 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.s.id/images/adg-red-ring.svg

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

c7fb840478ca64f3410fff0ffa40eb38fd8a7cfc36c10f117c3869ea93c00182

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sat, 12 Mar 2022 15:31:22 GMT
etag: W/"1926-17f7ec17510"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302150101/ 366 KB
121 KB 53ms
52ms Script
text/javascript 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302150101/show_ads_impl_fy2021.js?bust=31072480

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

76a0d0720dc2f6bc434c0c2ffb32deaf3245421ba4994e2f8b1aaa0e4e88e676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123282
x-xss-protection: 0
server: cafe
etag: 14543231727733459767
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Feb 2023 13:37:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/ Frame 58D8 10 KB
4 KB 18ms
17ms Document
text/html 2607:f8b0:400d:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 26151
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 06:21:20 GMT
etag: 10353107486223812946
expires: Mon, 13 Mar 2023 06:21:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/ 47 KB
47 KB 18ms
17ms Font
font/woff2 2607:f8b0:400d:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&family=Work+Sans:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.s.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 09:46:05 GMT
x-content-type-options: nosniff
age: 532266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47728
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Feb 2024 09:46:05 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 375 B
597 B 100ms
55ms Script
text/javascript 2607:f8b0:400d:c07::9d

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=blog.s.id&callback=_gfp_s_&client=ca-pub-2742216534640545

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302150101/show_ads_impl_fy2021.js?bust=31072480

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::9d -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3b6bbde3fc56d62a4aa5c36fda0b7a9aba5e0d5913cd62816798ea04a0feaee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 245
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 46ms
29ms Script
application/javascript 2607:f8b0:4006:81c::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blog.s.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302150101/show_ads_impl_fy2021.js?bust=31072480

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 531F 0
20 B 147ms
145ms Document
text/html 2607:f8b0:400d:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1677505031&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677505031294&bpp=3&bdt=343&idt=124&shv=r20230222&mjsv=m202302150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6471520185774&frm=20&pv=2&ga_vid=404804102.1677505027&ga_sid=1677505031&ga_hid=1043880441&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44777876%2C31071642%2C31071756%2C31072480&oid=2&pvsid=69132477306625&tmod=1498070346&uas=0&nvt=1&ref=https%3A%2F%2Fhome.s.id%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=182

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302150101/show_ads_impl_fy2021.js?bust=31072480

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 13:37:11 GMT
expires: Mon, 27 Feb 2023 13:37:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
76 KB 25ms
24ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK

Requested by

Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-42bee57ba94e9a13.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

53037efd05b191a87182ef3ba16be92dc69c3f3148c3a1f2a52f4ccf32910d67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77881
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Feb 2023 13:37:12 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
76 KB 30ms
29ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

643cc1eca5ac3990d9bfef9b58742d394ea3d70bee7e1f96f0421c435b29ed5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77847
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Feb 2023 13:37:12 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 21ms
19ms Ping
text/plain 2607:f8b0:400d:c0b::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-LBWQJM5WLF&gtm=45je32m0&_p=1043880441&_gaz=1&cid=404804102.1677505027&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677505032&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c0b::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 20ms
18ms Ping
text/plain 2607:f8b0:400d:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LBWQJM5WLF&cid=404804102.1677505027&gtm=45je32m0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 23 KB
7 KB 28ms
26ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Requested by

Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-42bee57ba94e9a13.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:12 GMT
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: K7H61NSZ2KC0EKZW
age: 25
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: RMDA7hDSfZE0V+AqwC1qet/XDKB7LpR0sirI7c2PFUNKxwnzkzVXcIXKIP8EmSlMXTu3VrtYcBY=
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
server: cloudflare
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zq4BFpmMiBT0UEAXfOP9MuUXk7yQO1DbZbKgMt6VmYEgzLYY1Ej4qDw8LQKTfHy3we7zN3DWfwTV%2BnfShok%2F9bnLWhrmv19XvMULq8Nn3uoXq%2BmIlYgHi289LHlGJkOXVGmWAhI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 7a015052bf1fc463-EWR

GET
H2 200 sid-logo-new-dark.svg
blog.s.id/images/ 4 KB
2 KB 245ms
244ms Image
image/svg+xml 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.s.id/images/sid-logo-new-dark.svg

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

c62efa11e56d452e201244a46cc0c80d5bbd7d676487f6bb4953d71ac55e4f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:12 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 04 Mar 2022 07:03:55 GMT
etag: W/"f40-17f53bdff78"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 1dc98855-fcfe-49a8-9ac6-f3d16b24538f Show response
ekr.zdassets.com/compose/ 319 B
572 B 105ms
105ms XHR
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

294919c4ba58baaaa0054ec15294288e6af88f442e80217fe90ece943b03785e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:12 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 79db1a0e2fef236b-SEA, 79db1a0e2fef236b-SEA
x-runtime: 0.003567
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"294919c4ba58baaaa0054ec15294288e"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dlSppxHMdxx63MRmE%2FJKFPeFdP7%2Bfd5Zj9Hchjxoc5iglC6jBbt2aGivqLkFxZ3g5ds5r%2FAtdRRXr3PCnP0yRekMZ8HBtdGUrrTA5V7LQ9h42ZyqSOoaiXFQNkUkXtircXk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
cf-ray: 7a01505399098c3c-EWR

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 17ms
17ms Ping
text/plain 2607:f8b0:400d:c04::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GJLS9JMJCK&gtm=45je32m0&_p=1043880441&cid=404804102.1677505027&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677505032&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c04::66 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-widget-framework-c51f107a0ca3e84336b0.js Show response
static.zdassets.com/web_widget/latest/ Frame 203E 158 KB
50 KB 20ms
20ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-c51f107a0ca3e84336b0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b3c9ccd33ff64fbf704d153cba13092fbe17ecde0678a3d53cfa337e49a1786

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:12 GMT
x-amz-version-id: nsG.1b0looRW8Au6Kh.wWMVQtQJ4Vh1s
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: BYPEK7X583JMJRPR
age: 400941
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: hlhCs+FentzGdtYOGwTw5bt/CidvziZBVk+fsmgAffUZDR6TAddGK0gwEverYSb1nFhAJJLXG5s=
last-modified: Wed, 22 Feb 2023 06:38:58 GMT
server: cloudflare
etag: W/"0932241a2c253c61368888cafa81b69a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTfKMbpZ0Wg7E0ODuuHu7mPNgi1xC0NFnfgvE9RE8WfqfFhTvf69SagUlm0wgW9wWM%2F%2BqvhO4kNVMcDsPccgBw%2BoOaFJuMcjcic1DiGpxiSZ9%2FFpyuxcxokrhsYPNxc2w46azR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a0150545ac5c463-EWR
expires: Thu, 22 Feb 2024 06:38:56 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 106ms
61ms XHR
application/json 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230222&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302150101/show_ads_impl_fy2021.js?bust=31072480

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

f9bf3205eb1f74e902266b014761f622a52493b08f345455104e255aa907b267

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11232
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 70ms
18ms Script
text/javascript 2607:f8b0:400d:c07::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-42bee57ba94e9a13.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::9a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a97f3e555b6cff7e0ac9d0b4bc8ba0da7071c529ec70334829915e5397d59e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26601
x-xss-protection: 0
server: sffe
etag: "1495 / 444 of 1000 / last-modified: 1677499723"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Feb 2023 13:37:12 GMT

GET
H2 404 config Show response
shortener.zendesk.com/embeddable/ Frame 203E 15 B
955 B 73ms
24ms Fetch
text/plain 162.159.138.6

General

Check archive.org

Show headers Download Go to

Full URL

https://shortener.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c51f107a0ca3e84336b0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.138.6 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:12 GMT
strict-transport-security: max-age=0;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1586
x-zendesk-origin-server: embeddable-app-server-5c6fdf889d-fb5t8
x-request-id: 7a010f87bc8f225b-ORD
x-runtime: 0.005131
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yh%2BMYfhsFC3uqF4C5XHnmGEYnyVi0GbgXzDKu0NlWGLgDH3Xs1Cur0ueuAmNHc7iBz9E%2Be%2BK7%2FkcQsJdNb%2BcKAEibhZfaeSbWvjlBQH4%2FyyJXsxB9wB5bbZS9Yz9ghwJbA7Ivcw54g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=3600
vary: Origin, Accept-Encoding
cf-ray: 7a015054e868335a-EWR

GET
H2 200 site.js Show response
protagcdn.com/s/s.id/ 386 KB
113 KB 317ms
268ms Script
application/javascript 2606:4700:20::681a:68e

General

Check archive.org

Show headers Download Go to

Full URL: https://protagcdn.com/s/s.id/site.js
Requested by: Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-42bee57ba94e9a13.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:68e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c47c23e57e44c1206678fcea2854a507dbd61c7db44ec7429767d82e09e6527

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:12 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=396346
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
cf-bgj: minify
last-modified: Tue, 28 Jun 2022 09:03:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLJehVKMSUfuWnZPbes3%2BcLB%2BCGw841SJLE6brN7fl7jimJH8DQpMLJDBH%2BybbhpyIItZv05WwQNd%2B8yn7uL50b35sfLOkCfzEYprmcURZd1UBjzQOA1%2BDUG6rMc%2BhXmcT7jOG3lkfU0rlA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 7a015054eaddc34d-EWR
expires: Mon, 27 Feb 2023 14:07:12 GMT

GET
H2 200 pubads_impl_2023022102.js Show response
securepubads.g.doubleclick.net/gpt/ 383 KB
129 KB 18ms
17ms Script
text/javascript 2607:f8b0:400d:c07::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::9a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

657ce65f87e54b2a6c1bc0db7a92f6c8a5dfa40906a7da8b7a897741ff32d3bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 15:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425808
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132325
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:18:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 22 Feb 2024 15:20:24 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 413 B
239 B 60ms
26ms XHR
application/json 2607:f8b0:400d:c07::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=blog.s.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::9a -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

77c32112d9ff0ee870ab61b5fde1ad9e978dd26c216035d3b70b60a6d56d40ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 214
x-xss-protection: 0
expires: Mon, 27 Feb 2023 13:37:12 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 381ms
20ms Script
text/javascript 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302150101/show_ads_impl_fy2021.js?bust=31072480

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 13:37:12 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 24ms
23ms Script
application/javascript 2607:f8b0:4006:81c::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blog.s.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 289 KB
68 KB 1510ms
1509ms XHR
text/plain 2607:f8b0:400d:c07::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=69132477306625&correlator=2157477998907911&eid=31072518%2C31072624&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fifs&iu_parts=162717810%3A22766112657%2Cs.id%2Csticky-bottom%2Cbefore_content%2Cin_content%2Cafter_content%2Csidebar&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=970x90%7C728x90%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C300x600%7C300x300%7C300x250%7C160x600%7C120x600&ifi=2&adks=3695268346%2C2238348835%2C3108647390%2C1903703322%2C182523439&didk=1679302058~557921294~3656045228~1185067365~1933480497&sfv=1-0-40&prev_scp=env%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D40%26protag_minutes%3D37%26protag_hours%3D13%26protag_day%3D1%26protag_sticky_pos%3Dbottom%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sticky-bottom%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D40%26protag_minutes%3D37%26protag_hours%3D13%26protag_day%3D1%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-before_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D40%26protag_minutes%3D37%26protag_hours%3D13%26protag_day%3D1%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-in_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D40%26protag_minutes%3D37%26protag_hours%3D13%26protag_day%3D1%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-after_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D40%26protag_minutes%3D37%26protag_hours%3D13%26protag_day%3D1%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sidebar&sc=1&cookie=ID%3Df4dbb0060293b249-2203db4287de008a%3AT%3D1677505031%3ART%3D1677505031%3AS%3DALNI_MZZRSPryqv04amqACgMIsCCZZXZig&gpic=UID%3D000009c30d67ce84%3AT%3D1677505031%3ART%3D1677505031%3AS%3DALNI_MYPJli5MEn9yJTZstX1rIYfm67ZXg&abxe=1&dt=1677505033097&lmt=1677505033&dlt=1677505030951&idt=1951&adxs=-9%2C492%2C427%2C426%2C1086&adys=-9%2C265%2C885%2C2427%2C137&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C1%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ref=https%3A%2F%2Fhome.s.id%2F&frm=20&vis=1&psz=0x-1%7C336x-1%7C743x0%7C744x0%7C220x0&msz=0x-1%7C336x-1%7C743x0%7C744x0%7C220x0&fws=2%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=404804102.1677505027&ga_sid=1677505031&ga_hid=1043880441&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::9a -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

29b1b6441b6c1ff0d83a6f09a0eba0e1f595197d94d2bd6e9d9d607e5a988d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69561
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 04CC 6 KB
3 KB 139ms
24ms Document
text/html 2607:f8b0:400d:c09::84

General

Check archive.org

Show headers Download Go to

Full URL

https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::84 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 13:37:13 GMT
expires: Tue, 27 Feb 2024 13:37:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FA75 13 KB
5 KB 16ms
8ms Document
text/html 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 29527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 05:25:06 GMT
expires: Tue, 27 Feb 2024 05:25:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 55AA 783 B
950 B 46ms
31ms Document
text/html 2607:f8b0:400d:c02::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::67 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

62ba9f73621b36990200d7d06ade1a2e16899309a1935d9105e63d3cec9c2ad2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GpfjlrOfnakaZ-Ilj1J-cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-GpfjlrOfnakaZ-Ilj1J-cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 13:37:13 GMT
expires: Mon, 27 Feb 2023 13:37:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame FA75 36 KB
14 KB 40ms
34ms Script
text/javascript 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 05:00:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 290175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 05:00:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 55AA 0
0 65ms
62ms Image
text/html 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230222&jk=69132477306625&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c0c::9b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FA75 0
10 B 7ms
6ms Image
text/plain 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pxCHHQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2001 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 29ms
28ms Image
text/html 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230222&jk=69132477306625&bg=!7u2l7bnNAAZYlHKzeJQ7ADkAdvg8Ws1qpBbqz-107UdSiZ8TnSTl0WsjE2cuIWrTjxRMk1anyLKLdbuafOMS4sTp7bI6SiFRFMQCAAABAlIAAAADaAEHCgBlNPhc6WEu1pC_jzM_q19K_pLMMB0yauhRBbNflS9ZOz6ZJDiyq0fCVaYl3NOOAj5B-FhP1t0LXkGdRp1vfF7gidT9INyCXIc9-BxHuDn6dyJdj5ymQC5aBBBuB7HZ5vyWL1j-znGZAq_cLdJq5yJtGCZooDtDYDyYRnSNQ4nDGCV1S7hvoBnhuOVFHxuFOyCPLlTuPmFxCfa6jZy4Z19uuvV797ZRKHaDcq6M2WnGPuW2C6fFsOfiY7kaGQj6nClDl0EOltjc0c_KVxR3YWydnkm_87lkoFhTa_Eo4fFxVo3CB_1I6htfDLl6OET9KHiDcVmrdozQ53rbafH5PTKfzbWzsY1fzmdAwb0TN7V52GPDZ8nntwLHt8HupG1MO6xGa6JpzTYC7UGCMfjtj1xW7uCWTOrZGM8HRhySt3FU0FirDc96_Ic_3n4bHWTuaEkcsxmSsPd3qhZLI_NMPYid1r8YQqkwIR6dlv3JFA5LsWUzYaTURTdMFBkytGD0vkWdH5B8o-w4Or8NNIAX3RU7pB1SmCD0uaO5IiQRuo66_ENz2aoTHRi86ranAypWhy8ZZicZe4wMhFD-RzC-vCIDFlY3EvJcx9Tz42VM5NK1SSbBbatQw43f7ALDPJsoxx9bL9fRubXg7aQUc6P8KG2ZGKqwgfapc-tVencNAmxqY8aiZrXt_HJUkWGCgTr3sCj7kinmFEfLvmta9q0QTZXk8L1QAKEnOnMgLUclasGGKzpvgl4rrjqOii497_Pl3rBWxGTLgOp08btiquFXhZs31I8RohcoyZ9kUZLG1WuOZodPLdokmn4S4jg3pJ-gvInfVGzzqmnvo2fgWS6qT6q3wpxbTVnrnCvOsB1cyrsyV0Wzgg-lLeOW8IQ65l8-QEjbKWX-gKQwc4sCYpceTdRPIC-Y1Qc8AXdnLZfwg3IbHRwAcI9zGZCcobYHqnm9b8x3pUOrvr4pH2v5Kx0nubXWcXHfA9duiOLW5BRyvCYela_H_IFeITWkPkCs2p_dDHLE4yjHO2Vf0IrTrF33DcJt2NwcjamTf1U
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c0c::9b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
896 B 70ms
3ms Script
application/javascript 2a04:4e42:600::485

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 -, , ASN (),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 27 Feb 2023 13:37:14 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 18992
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 437
x-served-by: cache-fra-eddf8230042-FRA, cache-ewr18149-EWR
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 71ms
5ms Script
application/javascript 34.102.146.192

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 08:14:27 GMT
content-encoding: gzip
age: 1660967
x-guploader-uploadid: ADPycduTWwBH7qThxbrW3XCqc-_zuqOFpBLBfoqn_8ec40SUf3WwFH42IN-CexbN-6dMFTp8BpxiqjziHvfHyfRF5L2IAg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 08 Feb 2024 08:14:27 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 74ms
12ms Script
text/javascript 2620:100:a001::4

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 28 Feb 2023 13:37:14 GMT

GET
H2 200 container.html Show response
53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5382 6 KB
3 KB 25ms
18ms Document
text/html 2607:f8b0:400d:c09::84

General

Check archive.org

Show headers Download Go to

Full URL

https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::84 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 13:37:13 GMT
expires: Tue, 27 Feb 2024 13:37:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ Frame C3E5 2 KB
1 KB 50ms
11ms Script
application/javascript 104.19.231.122

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-in_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=468
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/s.id/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.231.122 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 23:32:03 GMT
server: cloudflare
age: 6257
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7a0150633b66c445-EWR
content-length: 1168
expires: Mon, 27 Feb 2023 15:37:14 GMT

GET
H2 200 container.html Show response
53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E260 6 KB
3 KB 18ms
16ms Document
text/html 2607:f8b0:400d:c09::84

General

Check archive.org

Show headers Download Go to

Full URL

https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::84 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 13:37:13 GMT
expires: Tue, 27 Feb 2024 13:37:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ Frame D450 2 KB
1 KB 27ms
13ms Script
application/javascript 104.19.231.122

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-sidebar&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=600&w=300
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/s.id/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.231.122 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 23:32:03 GMT
server: cloudflare
age: 6257
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7a0150633b68c445-EWR
content-length: 1168
expires: Mon, 27 Feb 2023 15:37:14 GMT

GET
H3 200 container.html Show response
53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5241 6 KB
3 KB 22ms
19ms Document
text/html 2607:f8b0:400d:c09::84

General

Check archive.org

Show headers Download Go to

Full URL

https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::84 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 13:37:13 GMT
expires: Tue, 27 Feb 2024 13:37:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ Frame 38FE 2 KB
1 KB 11ms
10ms Script
application/javascript 104.19.231.122

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-before_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=468
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/s.id/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.231.122 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 23:32:03 GMT
server: cloudflare
age: 6257
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7a0150634b86c445-EWR
content-length: 1168
expires: Mon, 27 Feb 2023 15:37:14 GMT

GET
H2 200 030db783cd93f01ccad1528166361a91.js Show response
www.gstatic.com/mysidia/ Frame 5382 9 KB
5 KB 66ms
17ms Script
text/javascript 2607:f8b0:400d:c00::5e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/030db783cd93f01ccad1528166361a91.js?tag=client_fast_engine_2019

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::5e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3deda25f1d4dacb2dcb6291e32e305b3390f6225a657f45ce798101dcfcb9865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 22:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4099
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 03:30:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 May 2023 22:43:17 GMT

GET
H2 200 5b032f5da114b9082b26e2dd1530bd65.js Show response
www.gstatic.com/mysidia/ Frame 5382 135 KB
50 KB 68ms
19ms Script
text/javascript 2607:f8b0:400d:c00::5e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5b032f5da114b9082b26e2dd1530bd65.js?tag=video_location/web_och

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::5e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

02a16b477dfa8fe5fe408c2051042f31a15b0202fd64f70ca79a1df9f10e9fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 13:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51335
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 23 May 2023 13:45:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5382 8 KB
895 B 25ms
24ms Stylesheet
text/css 2607:f8b0:400d:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Feb 2023 13:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 11:56:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Feb 2023 13:37:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 5382 2 KB
765 B 8ms
4ms Script
text/javascript 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 16:09:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 16:09:10 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 5382 22 KB
9 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:47:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Mar 2023 08:47:48 GMT

GET
H3 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 5382 3 KB
1 KB 6ms
3ms Script
text/javascript 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:47:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Mar 2023 08:47:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 5382 20 KB
8 KB 6ms
4ms Script
text/javascript 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 16:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 16:09:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5382 0
0 32ms
29ms Image
text/html 2607:f8b0:400d:c02::67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7eDQ8RoyNSbbY5i8xW_XxABoojhJZ-vuWFZTDu4yDvSG_0vEtOsADlT6gZG7-zVNBUAh2Kewl8e5hX6rO1w86ixpWwA
Requested by: Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c02::67 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5382 158 KB
49 KB 79ms
22ms Script
text/javascript 2607:f8b0:400d:c00::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::9a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 13:37:14 GMT

GET
H2 200 ed8ae2896763956dad3710d8730c1299.js
www.gstatic.com/mysidia/ Frame 5382 33 KB
14 KB 20ms
18ms Script
text/javascript 2607:f8b0:400d:c00::5e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::5e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 12:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 03:30:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 23 May 2023 12:45:31 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3145 624 B
242 B 79ms
72ms Document
text/html 2607:f8b0:400d:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxixoIXfATAB&v=APEucNU5v58MjaBghs8fvArl29_N5kbLjWXHEnXzCME4ElogKByab9nDZWfn2m-1ogp_33FqeBht32bA_mVOR_Pcti8UsYANGg

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 13:37:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E260 78 KB
27 KB 77ms
74ms Script
text/javascript 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

19eb765b0d061355ef5bacfe138b01082b753a726388ecc614977aeb6f6b8f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27800
x-xss-protection: 0
server: cafe
etag: 13454357883945390929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 27 Feb 2023 13:37:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E260 42 B
63 B 30ms
27ms Image
image/gif 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AvbNcpbRJ_gkY_pTjXsd0GWsQ1d-fz9q4e-YKwMW0d-OJ5lH6Soe_0-7h9QOJNnyarExbC68F4qQ30EHfjro9QXzlB5mMKjKS62d0D0nNqZ5le48U

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E260 0
20 B 75ms
73ms Image
image/gif 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11668316121590213587&x=1&ct=76

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame E260 3 KB
1 KB 7ms
5ms Script
text/javascript 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:47:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Mar 2023 08:47:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame E260 20 KB
8 KB 11ms
9ms Script
text/javascript 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 16:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 16:09:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E260 0
0 31ms
29ms Image
text/html 2607:f8b0:400d:c02::67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQp2J66Z6WRXMAa6XMOi2fZPU4uq7XsGTdUrH0J52m8GyV8afFAVRc_ldPNE61QC8UXq1LIrgK8qVWsYhrhyebIAz6zjg
Requested by: Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c02::67 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E260 158 KB
48 KB 89ms
42ms Script
text/javascript 2607:f8b0:400d:c00::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::9a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 13:37:14 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 5241 22 KB
9 KB 10ms
9ms Script
text/javascript 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:47:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Mar 2023 08:47:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5241 8 KB
716 B 32ms
20ms Stylesheet
text/css 2607:f8b0:400d:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Feb 2023 13:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 12:41:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Feb 2023 13:37:14 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/ Frame 5241 14 KB
3 KB 98ms
17ms Stylesheet
text/css 2607:f8b0:400d:c04::5f

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.css

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5f -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 11:24:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 11:39:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Feb 2024 11:24:16 GMT

GET
H2 200 outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/ Frame 5241 378 KB
129 KB 99ms
18ms Script
text/javascript 2607:f8b0:400d:c04::5f

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.js

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5f -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 16:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132104
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 11:39:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Feb 2024 16:57:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 5241 20 KB
8 KB 15ms
4ms Script
text/javascript 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 16:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 16:09:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5241 0
0 62ms
50ms Image
text/html 2607:f8b0:400d:c02::67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvGADrZgU-F3tc_PY96tb9WBjTN5edCNsVRGF6wulxxW68ePweQAPylx8BoX6Gn4oW5kExADaxvERjacxBk90wMANosg
Requested by: Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c02::67 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ Frame C3E5 31 KB
24 KB 17ms
12ms Script
application/javascript 104.19.231.122

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1677505034839&ver1=2.2.3&qid=73533313f553633313f593630313&rnd=hv6fct3l2u4z&cid=1069
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-in_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.231.122 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 02d5267190e72466ca3a4ce018b4d9dcbb65839812f366f22dbacaf2d3ef5ae7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 23:32:03 GMT
server: cloudflare
age: 6253
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7a015063fd08c445-EWR
content-length: 24223
expires: Mon, 27 Feb 2023 15:37:14 GMT

GET
H2

200

esp
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1

85 B
203 B

39ms
36ms

Fetch
application/json

34.120.107.143

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1
Protocol: H2
Server: 34.120.107.143 -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:14 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-5Uk5RXzu+1GG/hg3ZpacnjWkhys"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.s.id
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 27 Feb 2023 13:37:14 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://blog.s.id
location: /esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe
gum.criteo.com/ Frame F5D7 15 KB
6 KB 36ms
10ms Document
text/html 2620:100:a001::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=blog.s.id

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 13:37:14 GMT
server: Kestrel
server-processing-duration-in-ticks: 433981
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ Frame D450 31 KB
24 KB 11ms
11ms Script
application/javascript 104.19.231.122

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1677505034843&ver1=2.2.3&qid=73533313f553633313f593630313&rnd=f3p8uxk9oui7&cid=1069
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-sidebar&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=600&w=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.231.122 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 02d5267190e72466ca3a4ce018b4d9dcbb65839812f366f22dbacaf2d3ef5ae7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 23:32:03 GMT
server: cloudflare
age: 6253
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7a0150644db4c445-EWR
content-length: 24223
expires: Mon, 27 Feb 2023 15:37:14 GMT

GET
H2 200 flimpobj.js
pixel.yabidos.com/ Frame 38FE 31 KB
24 KB 14ms
14ms Script
application/javascript 104.19.231.122

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1677505034871&ver1=2.2.3&qid=73533313f553633313f593630313&rnd=axf2zr9onfmn&cid=1069
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-before_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.231.122 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 23:32:03 GMT
server: cloudflare
age: 6253
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7a0150645dd3c445-EWR
content-length: 24223
expires: Mon, 27 Feb 2023 15:37:14 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3145
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEstbxNhsnpup-Q4sXmFXZc&google_cver=1

43 B
766 B

6ms
5ms

Image
image/gif

192.40.39.223

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEstbxNhsnpup-Q4sXmFXZc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxixoIXfATAB&v=APEucNU5v58MjaBghs8fvArl29_N5kbLjWXHEnXzCME4ElogKByab9nDZWfn2m-1ogp_33FqeBht32bA_mVOR_Pcti8UsYANGg
Protocol: HTTP/1.1
Server: 192.40.39.223 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Feb 2023 13:37:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEstbxNhsnpup-Q4sXmFXZc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3145
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y-yyCpxmI.qAFxa96PL3MgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEstbxNhsnpup-Q4sXmFXZc&google_cver=1&google_hm=2

43 B
766 B

6ms
6ms

Image
image/gif

192.40.39.223

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEstbxNhsnpup-Q4sXmFXZc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxixoIXfATAB&v=APEucNU5v58MjaBghs8fvArl29_N5kbLjWXHEnXzCME4ElogKByab9nDZWfn2m-1ogp_33FqeBht32bA_mVOR_Pcti8UsYANGg
Protocol: HTTP/1.1
Server: 192.40.39.223 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Feb 2023 13:37:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEstbxNhsnpup-Q4sXmFXZc&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3145
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGD0jMOuRx-G3HmQL5SqA6M&google_cver=1

43 B
1 KB

13ms
7ms

Image
image/gif

68.67.160.117

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGD0jMOuRx-G3HmQL5SqA6M&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxixoIXfATAB&v=APEucNU5v58MjaBghs8fvArl29_N5kbLjWXHEnXzCME4ElogKByab9nDZWfn2m-1ogp_33FqeBht32bA_mVOR_Pcti8UsYANGg

Protocol

HTTP/1.1

Server

68.67.160.117 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Feb 2023 13:37:15 GMT
AN-X-Request-Uuid: 682dca4c-ce9e-46c0-8421-33831565b519
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 5.181.234.134; 5.181.234.134; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGD0jMOuRx-G3HmQL5SqA6M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3145
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MDIwNDczNDkxNjEwODUyMQ%3D%3D

170 B
243 B

22ms
22ms

Image
image/png

173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MDIwNDczNDkxNjEwODUyMQ%3D%3D

Requested by

Protocol

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 27 Feb 2023 13:37:15 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 5.181.234.134; 5.181.234.134; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e093fc27-4602-48ca-b622-fbb240d23f2f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MDIwNDczNDkxNjEwODUyMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 13623303773494422222
tpc.googlesyndication.com/simgad/ Frame 5382 164 KB
164 KB 9ms
4ms Image
image/jpeg 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13623303773494422222

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:33:59 GMT
x-content-type-options: nosniff
age: 277396
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168155
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 22:11:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Feb 2024 08:33:59 GMT

GET
H3 200 2491532785841680181
tpc.googlesyndication.com/simgad/ Frame 5382 19 KB
19 KB 14ms
9ms Image
image/png 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2491532785841680181?w=100&h=100

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 23:05:54 GMT
x-content-type-options: nosniff
age: 397881
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19870
x-xss-protection: 0
last-modified: Wed, 21 Aug 2019 22:06:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Feb 2024 23:05:54 GMT

GET
H2 200 data=WztWuhyI8cwZh2k86GvP0X_BdkcFnFXnYtpFKFaFjoF46rLp1nuULekVFL2UvDES6cquuppH0XJeC-g0
mts0.google.com/vt/ Frame 5382 58 KB
58 KB 112ms
25ms Image
image/png 2607:f8b0:400d:c09::8b

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=WztWuhyI8cwZh2k86GvP0X_BdkcFnFXnYtpFKFaFjoF46rLp1nuULekVFL2UvDES6cquuppH0XJeC-g0

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::8b -, , ASN (),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:15 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58904
x-xss-protection: 0
x-server-version-bin: CggIBBD58OSfBg==
server: scaffolding on HTTPServer2
etag: 057465c6de83e3c0e
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2119
expires: Mon, 27 Feb 2023 14:12:34 GMT

GET
DATA 200
OK truncated
/ Frame 5382 301 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5382 418 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame 5382 0
234 B 266ms
92ms Ping
image/gif 2a00:1450:4007:813::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lemv6oz6&c=8008100154205&slotId=4004050077102.5&qqid=CPvG85zptf0CFd0PiAkdBlwHcA&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ulc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/5b032f5da114b9082b26e2dd1530bd65.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:813::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5382 0
0 36ms
35ms Fetch
text/html 2607:f8b0:400d:c07::9a

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsWOACbL8Y7ueDN2foPwPhridgAfKtteVb6Gd1Ke7EN3UkaiGEBABIJLY30pgycapi8Ck2A-gAciqxdYDyAEJ4AIAqAMByAPLBKoEwQJP0DWGYWDmLOtTvWN11z4an0SmwD75oKAlNXacdpr9E6jk4WtVo1L3t9fAadEFcM1fwnH3W9wJKkpgK50erosRfNTtrv5bs6xUq7gWvEZvfO8gFz8IphXYqFgIVFSYbkCPMaLQTSQUrKQWDCuCrVkErTmnOqdnOoAKxHiQejrO_tmDkysrLLGbD-_pqUO6DXKBPI6Kg1uY-U3wymNjrCz_CUxH1zkKJChZzIjb_U_4qDTz5AKx6Vu-FgOhxZ9_HffGgXWPJsepB_adqjT1BdTqciOVcVWJXtJF3BmEDnM7Zz2JnYaxydWLJtJVWq6VT12lkm8ecBhRQmRNEIFBCQYtMV_f2d-Tqxq6oY4Z66QjhAPzzoUNe932jajrkDU3ZE1HnuyJioUpE8nyut_XbEu3o4mAIaIhxzYJAOh-ZLBWFhzABL-c_pr5A-AEAZIFBAgEGAGSBQQIBRgEoAYugAfWj_CLAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJW6HtIIDwiAYRABGB0yAooCOgKAQIAKA8gLAZgM0rGgjewDuBOhBNgTDtAVAYAXAbIXHgocCAASFHB1Yi0yMzkzMzIwNjQ1MDU1MDIyGLKYKg&sigh=P9Se0VUSaxo&uach_m=[UACH]&cid=CAQSPADUE5ymPUnuQFNVAlytm3iO0KVzIFj1v3_Gqz39JgvVuNOhOvasu4iOrNLDdgxsR_tieFokDyaC4C3DghgB&template_id=545
Requested by: Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c07::9a -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D892 1 KB
643 B 19ms
17ms Document
text/html 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 71362
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 17:47:53 GMT
etag: 48472445140208031
expires: Mon, 27 Feb 2023 17:47:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5382 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bebab292aeb590e27cbd2ed78eb18aa6f26fd9b1086f69cd33e58e484b197427

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E260 0
20 B 28ms
28ms Ping
image/gif 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8878992376798&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E260 0
20 B 54ms
54ms Ping
image/gif 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8878992376798&version=m202301230201&ct=76&x=1&cor=11668316121590213000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame E260 96 KB
38 KB 84ms
83ms Script
text/javascript 2607:f8b0:400d:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B2bpS178AhxoEhQp4Im0OPU0gzhkOW2V_1XitK3roFz7oV_8_8ypKOv3gY8lfkvCE_wAkB67q_j8VYCOvLaUdp0wgf-iDI1c-QY26aYu0SaF1TrDsmdp8Fgi1OB1DcsXWeWnNMNKaQ8x0RDVocWk3AN8Kaz-UrvbPBnmEKx6CgH9Y4F0Q&dbm_d=AKAmf-D3RTyZ5ZC9u-86T3HxOI4JBOOmhT7s4b3K10_GwrDET0yZXOX5G9vhD20XpQiu-RDcJnMCYnJcOKDSvSaapcNAkzhes4CcXqrX4H0cY90HyQVJVpfGU5sn6_DggyBbPG3IoKowtIphXmyiKQbx9sFRF34ESyZGhJAJZNWiSSBX3K47HuHvwcS6H_KH9bsRi_Ve5WuWHIB-1lgV9p-L2GKcK877ZYVpl4ZfBPe5tc22AWWNgjIoNMytu8PpteDj14LyTdTNLC5dTXYLNxNNVAlVIj_9iMiunuojELERqmUqYVkO90omyYqpkWeZFHqKQ-fAdTXpmC58pihtvIw6wmB2KW89HfRgz7pHmFkVz74ZzviHG7APaZ3OVT4ATVFvvqIlX_mrFTUJvwI3MiHvIKwzZpW1lqI44OCDwbTGVBYMXgAqInGDzmkoxz-tR1Zn6hL7WOc8nafUD_S_dsy4qDcsDxgF-MgOZ1rUWjEuh_rBp17UUM_VZjNfJs541hTxcETwa04stKqprbjqTuZtcTOReHKuXP0EYvRGVpn5hY993rHMveT1iohPYR57uet3Ev8w0SLHOJFWHi1IU3Huoe-wAQc1N993JAO6KLUVsbbC0iE2hWCyD_Wv22a9Nlt0W-uVqwTUu9JMvp1SifYJ2YtOnP1Wf2SenXnZ1CVRezZefJnkgWTCI_mZtLwzjYgObDc4VvzH2D3CTqzrQVZkWGtc7JN7jrRZBQXVfs3ezADjmyblzVuyWhJ0wsbntngFzz-Uh9PcG97_fku9Dtg8WD5YIZcbfeAw_Xai9Vv_oXXgNPiHeZ-5-ERrlRThXZJA_hSum6Orbry6-6V6ulhxVcFipEUDxhwR10DJ3aFGaXMynQsdC_nFNC2PLVmZDqeqy6PIuX4jeZ0ix8pbFw1KzCF4YxC5Xsoao36Qg4GdjqYFnlFSRZnwl93zaNTnNDGzBAyFlEI6PABO6lxPcBWErICJav3TaVSPMUurPm14lBMA1xx51GemsJ8-I5dxomWoc3fssptQh7NBj7Nbj0X8a1AhKGG5tb810o5FYWTqlTWZQqKNsJjgwyH-k8xzNkLg1gKepbL7RFdr7_D8d3IxfSGYsT4fhJuf7vqcv2RGjbr7lECdC5Ky3ZxmokzclcoJGzlzpFE0Zaz5nU4tu-BufOG3hKOpnNzlwvI6SVazsgctP68kojZObYDMe6buL0A53ty1HKZwTxePNvPTeq-LBykssWtjKtK6LM8nbDQGzG7xaFpAfcpunGm5ek8Msz5AQmrB-Hva6Gyboy4RCCDEHPyJjD0z7jXtKxs47PIx8I97sF3oulDnPwJ4I0Vxyuol9pOo9u7C61RbcWdjMtg3cxFHMd_hzVYXjN8N4WZ2aGQe4KN0DeF2_2x3xl78B1EkNjo55w46aBEzD2GEWH2unbtmIqniMfz2x3gkilZ9qSdo3x8pSrdB5eGo8QkcqnGXT4VkJh-oRdQrJx4v8lCHH0phQMDFFeFs3VZv6ernfK3rM3GugJYXoijNPLBvtumD1FCcI8Fd7DiZh1F1z_G5f-qAQ0U9CgDMvMDhiDwnwoklJGalewS_IobPbwdgkEfNYJlbwq-qe8Of6BPXdgczNqL2DPBdHjXup6Qz03XpibTquOhigztEZzJvhOk56z_QQXFbqL9fnl2VbdN6LiGogj6jnO_qXXC0b_7x0JqtvG7JGfkM8SudzF4PmnLCUiOfKgLc6TNftBGMH3zchlagX274CtZsYSSquzGMVf1vzA2r4fckboFpVwzaISM42xqgAeFGOPqTF4lVwwfJq6Vz-srnAdMK__Y6OZ0uDDpCCK8LVP3NZojiQPRbS2hcLnIttk7_Auma87s0W9C-K-OMOuErPqFIVTCJZRCv3oiV2O2ymd34AVPJQc8d6-QH3kMyBpVSlBkr-VI4LZNV6Vh9RRXdz8TQAE26hJu5httKfRxoAQfuMx8e0v3Om7-jEJDSHQweWbWIizTtfy2SC4FMvQRSWVpUuttihyhHWAyZD2Aqfp2t4X4yhXmuV5iLC7vTkIF_OZCLPGwZmkln1hDTAhBOkZIv2G_dtEUiWiBhauHSg7pOc3GBZ9TAC7qF7aAuHiKnyWtb6R0HrkcGEuW_YsNUKuDyAhwcMl2qknlLf9Jv9ttsKSttRRe4-poyGNPXPr5binWWHvA_CTjVADtWGD2Kc5SwHeA8EaMUyVoRViXusfFiBVYGpHP8kb34_11T_-2XsiqKHYQRWCY9zDcGbSsf8DA6HRDdmgG_3QSGgGs1RL-p8C6LHd7rtnRqE1YaDaKT1W4_lLnitHR8R7e127AxsrWmdZ1_AKhhs6ftMhezCHtTN5ajz512Jpg3IlnMHbld2ivdaCjGYQGXIs2CJ22qLJ8Reo1TGygPl6pCsBWVU7jE7GMZgx7eXHhlWucDM8jZYY8LZO1h9nkJ4DFvCz8H4Wgv7z74XAhIvfWeapmcPnu316PgeMpgqFAd0Mp8597KcJSyr6blCGI4P5hIBHct7CtG7DpMfHm0B1ru_hosOivot3UOGE6M4CtffminXyGHxIf3TvNGiMjLo0IplHqK7jB7HIdL7cUqygOEmrqqVlH-DkRhX1z1CGa7rSUU0I2rT5z14nr7UNHz4tk2LKAfgEV9J4NXxCUqyck3-DSOGNc4RpsC9b9bYLhRuY4Zf_cu2zu_Qxl3mGFynVE7HyIHz_EvRacRUikoevztNmKGk3uQwhFMozTAYar0oVE0klN8I4wmd3roIh1hAIs-lKWLkyJ7B7NHyds3jZCKyHdceVy2qVQ9wuW_5MVF6CsQ1mHA9QrUKWwn0qNV5-eoyyO9ySo4zuHXZyMHJfSXqBxUE0tvut7u-I4Rmb6MqDPb30ppVEYqbDZW1RVuqcl7HCMBE720Ufxl28kZZkXsLdc_gl8R2xr0I-g09Q4MIqqEbfmFxMVNtZCVzEmmtfbkggYTo7LPckW8Qabm2qQCKOSOH2qU3KfliKC4JIcgs5P4C6HxF7EKOPJN27s5AHbqcmTiHx4P9ut8-R70axldo6TziCQ2pW2EsHAWhV8DYZQmX-BM33DFawpYmWn1Z1VjRgIc_xUW-iOW0TfQhVD_ywbLL0Hrs7sWskvOSXSlCECyPgMjzwP_3OLw8GK2YKNe5TfDsmNx9GE8t41d4DYJyDUB0srJe8uZ9Bej36EJ0ZAPpLbxmiUOGDJGgiLAVu5GMQeg36k3VeCaAIwc_raAPC_Tuf5jkyY2ZXZtSwNU5X9u2ma7QRNbnNkZBzuqnkQcMsLnpDhcYcLiqSfvmR92FI0nlMomxQrJjGpJmq6uVAZJaGsLZHUPAiVKCWtR4z_ZwRrEf4Pvk4G4ttW2zJhK_Sj2R2-VDz-PXxnsZUZYePEq_BG5DDOh&cid=CAQSPADUE5ymPUnuQFNVAlytm3iO0KVzIFj1v3_Gqz39JgvVuNOhOvasu4iOrNLDdgxsR_tieFokDyaC4C3DghgB&dc_eid=31072034&dv3_ver=m202301230201&rfl=https%3A%2F%2Fblog.s.id%2F&ds=l&xdt=1&iif=1&cor=11668316121590213000&adk=2857193498&idt=87&cac=0&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38403
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content videoplayback
rr1---sn-ab5sznzd.googlevideo.com/ Frame 5382 3 MB
3 MB 22ms
8ms Media
video/mp4 2607:f8b0:4006:f::6

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-ab5sznzd.googlevideo.com/videoplayback?expire=1677533834&ei=CrL8Y_f0HNGShwaz5ouABg&ip=2a0d:5600:24:1500:1012:dca6:d573:a583&id=4709393dda53c525&itag=18&source=youtube&requiressl=yes&mh=hO&mm=31&mn=sn-ab5sznzd&ms=au&mv=m&mvi=1&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=74.977&lmt=1666846992980277&mt=1677504544&txp=4530434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAO5w4nxghAAwaKt9Lh60xHpLeCxXNuryE78uHgyweelCAiANfeyWw9zhT2dbo8wBrEVOUDvkH2rsSpJVgVIfmTKpsg==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJjbGvXOOpxWbOwkNZw5gl9HOEEmWX9MbuQGtvhbTXkTAiEAvPKA8WZRczLk6nykRpUStKQb291YfhSavXlVRPlrtww=&cpn=dpGZNZTcCgsXGX8z

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:f::6 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 27 Feb 2023 13:37:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27 Oct 2022 05:03:12 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-3134557/3134558
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3134558
Expires: Mon, 27 Feb 2023 13:37:15 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame C3E5 26 B
231 B 61ms
18ms Image
image/gif 2606:4700::6811:6cd4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1677505035263&rnd=hv6fct3l2u4z&ifm=2&uai=2&cid=1069&s=blog.s.id&p=blog.s.id&x=4404325371&adtg=protag-in_content&ats=0&atf=&nsi=&si=&nci=2101210293&nai=4404325371&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6cd4 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:15 GMT
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 23:31:54 GMT
server: cloudflare
age: 2023
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7a015066ca4ac457-EWR
content-length: 26
expires: Mon, 27 Feb 2023 15:37:15 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame C3E5 26 B
87 B 62ms
19ms Image
image/gif 2606:4700::6811:6cd4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1677505035241613&ver=1.2r81&qid=73533313f553633313f593630313&p=blog.s.id&s=blog.s.id&x=4404325371&cid=1069&od1=&od2=&adtg=protag-in_content&nci=2101210293&nai=4404325371&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=hv6fct3l2u4z&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&w=468&h=300&lat=&lon=&ci=&1=3a88261497127e1c1a71515b9ead41a7&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=3&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1069&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=162&icp=https%253A//blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_sourcefl_eq1069home_sidfl_np1069utm_mediumfl_eq1069redirect&irfl=22&irf=https%253A//home.s.id/&cty=4&fcs=1&flky=ver-fl-6-qid-fl-28-p-fl-9-s-fl-9-x-fl-10-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-17-nci-fl-10-nai-fl-10-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-w-fl-3-h-fl-3-lat-fl-0-lon-fl-0-ci-fl-0-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1x1&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6cd4 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:15 GMT
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 23:31:54 GMT
server: cloudflare
age: 6258
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7a015066da4fc457-EWR
content-length: 26
expires: Mon, 27 Feb 2023 15:37:15 GMT

GET
H2

200

sid
mug.criteo.com/ Frame F5D7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=blog.s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=2K_w8Hxyc1o2NUtjTGZiQlRUM3oyNkFEb2ZSN2xRbXhlOW82RHVEcUIzSFZZQ29KOFBpMHVMUmZ3ZTUwbHh1cWNoeHlwYng4dGUrakFTQmtYelRVWThMeCs3VW14d1Q4Yk43Rzd4TklwbUJ3dFQrbnpMOGNTakx3SWE1b3...

433 B
656 B

56ms
22ms

Fetch
application/json

74.119.119.139

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=2K_w8Hxyc1o2NUtjTGZiQlRUM3oyNkFEb2ZSN2xRbXhlOW82RHVEcUIzSFZZQ29KOFBpMHVMUmZ3ZTUwbHh1cWNoeHlwYng4dGUrakFTQmtYelRVWThMeCs3VW14d1Q4Yk43Rzd4TklwbUJ3dFQrbnpMOGNTakx3SWE1b3o5cnNNdXhmTEFabmhpbm4zZTNJYVBpWHlMUHBXZysvUnpHWkV6ck54dU9Wb2hYSWU5UVlDVTM2SmtNcVdkUVp1S1d2R0xnT2ZLRElIMXdQK3VOeEs0UEtnOW1vNmh0S0Y1SkljZEtuKzgvRkljQWUyU0w0V1d2eHNPbS9JZGhBZEF2T1pNS0lRanEzTTNKb1E3dXMyR05KemMwa0hmdz09fA&cppv=2

Protocol

Server

74.119.119.139 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:14 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2430453
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=2K_w8Hxyc1o2NUtjTGZiQlRUM3oyNkFEb2ZSN2xRbXhlOW82RHVEcUIzSFZZQ29KOFBpMHVMUmZ3ZTUwbHh1cWNoeHlwYng4dGUrakFTQmtYelRVWThMeCs3VW14d1Q4Yk43Rzd4TklwbUJ3dFQrbnpMOGNTakx3SWE1b3o5cnNNdXhmTEFabmhpbm4zZTNJYVBpWHlMUHBXZysvUnpHWkV6ck54dU9Wb2hYSWU5UVlDVTM2SmtNcVdkUVp1S1d2R0xnT2ZLRElIMXdQK3VOeEs0UEtnOW1vNmh0S0Y1SkljZEtuKzgvRkljQWUyU0w0V1d2eHNPbS9JZGhBZEF2T1pNS0lRanEzTTNKb1E3dXMyR05KemMwa0hmdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 622271
content-length: 0
expires: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 5241 0
54 B 95ms
92ms Ping
image/gif 2a00:1450:4007:813::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lemv6p4u&c=5822177288932&slotId=2911088644466&qqid=CPrG85zptf0CFd0PiAkdBlwHcA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:813::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5241 15 KB
16 KB 19ms
18ms Font
font/woff2 2607:f8b0:400d:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 13:03:02 GMT
x-content-type-options: nosniff
age: 520453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Feb 2024 13:03:02 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5241 15 KB
15 KB 19ms
18ms Font
font/woff2 2607:f8b0:400d:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:23:50 GMT
x-content-type-options: nosniff
age: 602005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Feb 2024 14:23:50 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5241 0
20 B 25ms
24ms Image
image/gif 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C_DNhCbL8Y7qeDN2foPwPhridgAfFgorlbsqtwdC6EKKd_aGMDhABIJLY30pgycapi8Ck2A-gAaP8y6goyAEFqAMByAObBKoEgQJP0AcYHE7kPHO9pgD8xfahaN6IIJq5gx_IXBVi_d1oDMTTD_-7uJ3GhpRVThQir2OyIQeFpxBsBh1MfFOnLdYAxtIL2X_L13JDM4iqdBlvrJD_CBImOItZqjDBheFzOux59lhBKycbYDza6lQAPbqkn0CC6ZG3TE1-ZtN5BJZEFuR9j8gHmW2plPwaK-c8Rz4yENNi97twwZjMLfYBG8J_LZedvzFey41EOVjFjgQKmPOxpJw_MQ8thF54G5C95vfCyg1VvLwdPU0tvO09qjNFopR1rItwRG-ib_vjdc8x90pVjNobwOjrAv5ck5qiKNBZIvCvQ8Ay_Wp1xgCzqhGeb8AE2byNqqwE4AQDkAYBoAZOgAejtJyIA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgECACgOYCwHICwGADAGwE4HomhLIE6ed1eED0BMA2BMKiBQs2BQB0BUB-BYBgBcB6BcC&eventType=clickstring&clientTime=1677505035342&ai=C_DNhCbL8Y7qeDN2foPwPhridgAfFgorlbsqtwdC6EKKd_aGMDhABIJLY30pgycapi8Ck2A-gAaP8y6goyAEFqAMByAObBKoEgQJP0AcYHE7kPHO9pgD8xfahaN6IIJq5gx_IXBVi_d1oDMTTD_-7uJ3GhpRVThQir2OyIQeFpxBsBh1MfFOnLdYAxtIL2X_L13JDM4iqdBlvrJD_CBImOItZqjDBheFzOux59lhBKycbYDza6lQAPbqkn0CC6ZG3TE1-ZtN5BJZEFuR9j8gHmW2plPwaK-c8Rz4yENNi97twwZjMLfYBG8J_LZedvzFey41EOVjFjgQKmPOxpJw_MQ8thF54G5C95vfCyg1VvLwdPU0tvO09qjNFopR1rItwRG-ib_vjdc8x90pVjNobwOjrAv5ck5qiKNBZIvCvQ8Ay_Wp1xgCzqhGeb8AE2byNqqwE4AQDkAYBoAZOgAejtJyIA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgECACgOYCwHICwGADAGwE4HomhLIE6ed1eED0BMA2BMKiBQs2BQB0BUB-BYBgBcB6BcC

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5241 0
54 B 90ms
89ms Ping
image/gif 2a00:1450:4007:813::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lemv6p8x&c=5822177288932&slotId=2911088644466&qqid=CPrG85zptf0CFd0PiAkdBlwHcA&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:813::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast
bid.g.doubleclick.net/dbm/ Frame 5241 28 KB
17 KB 137ms
70ms XHR
text/xml 209.85.232.154

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CkNsV0wiVgWEMRcxUWBkGOtLAC5SKX9Jo9FCdn8XvwLYiSCKK-DioHEd_D4oDDCF7mb01XYmSqjFen2tVKzecbwBFi0Q&dbm_d=AKAmf-DFHnL1Bx6_aEJGrnerdrZNMJlRQ4IxaIqDYEWkMur-yjhDCPZW4rRvh5ktEt9mbN4ZFzhj6cAu9fi46CaCTwuJEah7V0SZP_WWyhAxikXZrP80zKMdWtm9WTAE1JbgLOcYe1swM8Oq2giS_2M8Edi7LakmFpqt3NXc44OBo4jUM0h3SVPHVS1Au0E9vIl865BjAzcd18tsg4F3P_7sjglsLGoCy_CAtngjA0B-z00xzWhqcnVMy-G4VwJ8YnIHYrJmB3YcAbnKWFQyROTE_5afzhbhOMcjbedGUMvv1_5i-Z5LkYGRUIGoSPvqAdDAdsFBtiFPg3dH8jWJf5haOKtARrAWjaUaq23MdjjuV8jC6S8K1Uo9ruYMwTFrU8l4yq0RpHtzTePGViHIqI0L_gY4sjPd0CB9Ee6FW9eduFRhHr0qdaBjT147mZYj4UQ25HAOwE8wD-1HhouH-htxp21EdxrCg4mG_FjJttURZZTORv4oi1be8l8W4YeLnovpUsgeaSfcT0WJG_vOpDy-y8wUUBqYEBSUI6LYLyUYzYCQ6SQgJ5GAV7LPAxAvqq3DnXyWmxVEnJQtkWBqdMqGqrbmTeTdq48jO7n3OOd5LbDM6HMjc96CkiV97RuKWlLoDjpKo0ttzfFEH0ui3CY51hJ5sKdCQbpunTJgSNDvBSuprT20ob1gJXe-xwuBbphbR1b-Dl4gEKllcE_qST8h0oCQbdE-lrDRt4C6_lJlVTM1clqxSROTZCJv2Ksv9JIGP4c10Gj1afGpIEvYfejIahys82ZcjETA21aJZQq_kNPzQSuek6qZ3xLDGWPBt_57rdMfJfLIcNjtSEMOAJB1Y4y5HytWpGHyXkyBrrKACCKUYEufeyl5lk5K61yTJzpfsuUArZXLAyqdJl2HssUQIkuEIqXY0RawdQ23Dw7LWptcIHgyuTyou95BNzMv9e68E1A2pc3ckvZmH-hhMEEB1-eYgZ18MxgLqDoIvCA4-s-pFtDew5Oboelulk5rZa1GG2mxdUGLTVJMoPH3rMYS1gSRdT4ALyuF5-tZv3MNIZgEmLIrjuk0LMKmOc_LPdZYwb4oNI17wryp1W4i8c-Vy1krR2mj4sDHZXoBYHY1z4Rqov9l5G6QnlZkduuZocI2xv13JIKa3dZl1FVopWtdahirxl1Y9cVMQBTidQ489KJxl5NTjvudU7jyTTh3K8kKH6MAJAqyzcyffT9OvfYYkHMBN5CrubwvyyhjaeNuDy6-c0XSnD-n84KF8KhRkv0eRZvNLmkffhu_9OZN4JsnQNdKEhEjYK6ApFVUwuVANPVsfRiVgnFUIIvWmumTQ60U1FU6ncLWUwMdPQ7EdBr0g_W1-4e-b0RsNKWL2IaFTSrXoBmr0f45leZqOeD6fCu-9T6n1XT-Bqv8CUvcRHD_VfwaLFqxPCOKWEuqurO4ac9fe-3jVgmzDkp0TwnYelyEnFps_BZcIeQcCsg0lgdC7nl4ccP9sMWzlvL01boxpAMUxNllGCX6HIINzA2yoqAWqkh0gY7ssgyW7tO7v68G12UJRr1RluJ_Z8uWjUuzglpewtlw7u7aRoB3b8vInVfng44Q645IcF_r-yHeknqS9qIAfQXcbbc2sIwk0xQHMmN35Iu3-TA8EXuupg-4rZGVa-sEgQfeLLvW6gWxxpZ61TpcQ_lnrYg7FYnQEOVTouCtXfqckQKQxquAeBfyGXV4Gyp4YPKrG1te_eethBMaY5gaMwl-69Q_uXbiB5xapOpWD_WMGO-wZKBDpjsbqW212L85Sj0-Vu-1cuelIA8JDmVxT31gZrloItI0L4gilhnugudJ98NVdPQrqlKZDT1Tr9rxpUu946oYN2uYZhLat96o2gQZSVMKKjHUYqbX6S90r5LKvP_xA72kUB9lH-9CdMcw9jPJyQP_PFp-sMbu0clVfCduJP9OGuyOVVWHz7JxyrF65QbzuU6IjKu4HweFJwq5W4o3-eZkmvEnkThPXPL8aQpkv9B-jkPUz-jUIhbQpZNV6KuZ2C4nqSGmH6f3czt5k16IjVjuEGECaxYT3Mq_Hxwhal9VrvJOeTKu-X_lKbHx-pa89G3B_BCJAXrLESygb1pxqN3J47Q08KGmN3upC0YT98KVy6o8C3oAMNPGuktoWy3BsbxYZIxayP3Ost41lTKSIzkmr-_1G1WH_cfV70PPgVJ26l17sCM83rTAVrcl41x33GeIOB21ofh3Me8LpOUAzNPGpMSRo-kyogxwwm1Kkbk-8ACGsE_RDoUyfmtb35_A7XSfyHXwGEQO2uc1EMhGFmokrP4-3CdAUNgsCTopBQlyCt_S8K2JNI6NJZDRpT5hTfcxt_vjMXJKdyGoIJJE09EAgqJwpnjwXO_5zLs8m1D1dK4BW2UBlmRGO2RlsjIJFn7BtiGBVMOYM9nwds64MxNcK9hKNgfrPXPlvjovT7ClFQlWhAxiYwjAOyY5gY_7BLfRnyb9IUUaxI93RODaX7fIVRaFnx6tQ_K_gYWalEjfYvVsZpP2CiI9Wz1BwcgB20C7g6i0LMOCQFl48G7zuzFLaby-cxuGfd4KU-WId4IB8HTYt-V_-qeftJgMNXbVMwrXMaztiqunQXHbCeenrSLsyRFRZgVgklzqnGwun3-7VVboRg1TvZ4QFZGWwKA67TzUqIU4AH03tlhoRtTYShJGlvV9SXnyT2loZHGtttJQNSeOwd6XDwfuahoPPcrnLpP7TX2C75R501xY0fZK_VeFZkCKixJqydmxjhQtaIVrBBEeApZq3lFbz6qd5hwZhJpMzr0Y3RUDsZvJKGXUQhGwc4Y71ybrfeFDe98RUOYIAPn9m4gQ5Lq6KbIkOmSGxzqbPXbVCsGL9PrwZxwSTpemA_PZCXrdnax8YNxgROyxt2S_jbDG-Lq_05lklFbQWva5o4wcdc2gzERbSCLGDu-huc4kIcuMzco-_7FEyXoZ8sXzapDEOWsKbB7wQZKQ8cyK2qJDWkT0rivL8xp99JwQ3TTEfgivGFaXzqWxGNt_m1TH4FWmcfuS3XwJQ67UQZe74voDImlHlx40DfLxP1JqsdzL77WFD7D1gzOAqw4i_oh7ovJklIQfSDjenVGUPOiJKz0Sq7lDLComOgtCDymKCxlk1QbKo18Tr2pdoaCxrtQkiJVY3w-PkuWlrbWfGWJyCN67wT69pCdO6K-ntJjc-fTuynsWU7pv239c_j6bOSq2NrgCU2QzwmtCqEt1Li11SCFasZfzWHE0Go3C699AAvaVfUHIyGZFauUSjnKaJYZHFgjy2M6i0bAMTKbrN2_NFBQSEjf39ce4us5p05-v7BXJ7o_eieBAKvTjjotQafh00ymjYzJCgzL91UwkGvvIDq87Z10JYfXk3fqAbhGJjzEsVw0eJ3cWkkPgNvPkuOVhMkCPOZNa7PT6MCXAvt6gnVGCmBlT70ZUFVUz2WQigqNxAtg8yDfSPsy_ayaZztroqnf_K-2sEGQMINlX-T6Rj9s4ZmxHdELX8i_7&cid=CAQSPADUE5ymPUnuQFNVAlytm3iO0KVzIFj1v3_Gqz39JgvVuNOhOvasu4iOrNLDdgxsR_tieFokDyaC4C3DghgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.232.154 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17040
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5241 0
0 28ms
27ms Fetch
text/html 2607:f8b0:400d:c07::9a

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CnVUZCbL8Y7qeDN2foPwPhridgAfFgorlbsqtwdC6EKKd_aGMDhABIJLY30pgycapi8Ck2A-gAaP8y6goyAEFqAMBqgT-AU_QBxgcTuQ8c72mAPzF9qFo3oggmrmDH8hcFWL93WgMxNMP_7u4ncaGlFVOFCKvY7IhB4WnEGwGHUx8U6ct1gDG0gvZf8vXckMziKp0GW-skP8IEiY4i1mqMMGF4XM67Hn2WEErJxtgPNrqVAA9uqSfQILpkbdMTX5m03kElkQW5H2PyAeZbamU_Bor5zxHPjIQ02L3u3DBmMwt9gEbwn8tl52_MV7LjUQ5WMWOBAqY87GknD8xDy2EXngbkL2-9iAXnr_SLv6V8TY7UXRmsXJQFj8-ayPWp7tM8Wd85ik5-a3fSNldwsUaTYgJrVCIVHMO6E7eZCl6I5AJ-7Y5wATZvI2qrATgBAOIBf7KlJNJkgUGCAMQARgBkgUGCBsQARgBkgUNCCIQARgBSKf_3gFQAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAHo7SciAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChCNqm8Yl_rV2wHSCA8IgGEQARgdMgKKAjoCgECACgPICwGwE4HomhLIE6ed1eED0BMA2BMKiBQs2BQB0BUBgBcBshceChwIABIUcHViLTIzOTMzMjA2NDUwNTUwMjIYspgq6BcC&sigh=RmbUCErtGYc&uach_m=[UACH]&cid=CAQSPADUE5ymPUnuQFNVAlytm3iO0KVzIFj1v3_Gqz39JgvVuNOhOvasu4iOrNLDdgxsR_tieFokDyaC4C3DghgB&vt=10
Requested by: Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c07::9a -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4102 1 KB
643 B 22ms
21ms Document
text/html 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 71362
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 17:47:53 GMT
etag: 48472445140208031
expires: Mon, 27 Feb 2023 17:47:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame D450 26 B
83 B 18ms
16ms Image
image/gif 2606:4700::6811:6cd4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1677505035408&rnd=f3p8uxk9oui7&ifm=2&uai=2&cid=1069&s=blog.s.id&p=blog.s.id&x=4404325371&adtg=protag-sidebar&ats=0&atf=&nsi=&si=&nci=2101210293&nai=4404325371&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6cd4 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:15 GMT
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 23:31:54 GMT
server: cloudflare
age: 2023
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7a0150678c0fc457-EWR
content-length: 26
expires: Mon, 27 Feb 2023 15:37:15 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame D450 26 B
83 B 20ms
19ms Image
image/gif 2606:4700::6811:6cd4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1677505035387361&ver=1.2r81&qid=73533313f553633313f593630313&p=blog.s.id&s=blog.s.id&x=4404325371&cid=1069&od1=&od2=&adtg=protag-sidebar&nci=2101210293&nai=4404325371&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=f3p8uxk9oui7&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&w=300&h=600&lat=&lon=&ci=&1=3a88261497127e1c1a71515b9ead41a7&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=3&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1069&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=162&icp=https%253A//blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_sourcefl_eq1069home_sidfl_np1069utm_mediumfl_eq1069redirect&irfl=22&irf=https%253A//home.s.id/&cty=4&fcs=1&flky=ver-fl-6-qid-fl-28-p-fl-9-s-fl-9-x-fl-10-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-14-nci-fl-10-nai-fl-10-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-w-fl-3-h-fl-3-lat-fl-0-lon-fl-0-ci-fl-0-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1x1&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6cd4 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:15 GMT
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 23:31:54 GMT
server: cloudflare
age: 6258
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7a0150678c13c457-EWR
content-length: 26
expires: Mon, 27 Feb 2023 15:37:15 GMT

GET
DATA 200
OK truncated
/ Frame 5241 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame 38FE 26 B
83 B 12ms
10ms Image
image/gif 2606:4700::6811:6cd4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1677505035482&rnd=axf2zr9onfmn&ifm=2&uai=2&cid=1069&s=blog.s.id&p=blog.s.id&x=4404325371&adtg=protag-before_content&ats=0&atf=&nsi=&si=&nci=2101210293&nai=4404325371&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6cd4 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:15 GMT
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 23:31:54 GMT
server: cloudflare
age: 2023
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7a015067fd3fc457-EWR
content-length: 26
expires: Mon, 27 Feb 2023 15:37:15 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame 38FE 26 B
83 B 13ms
12ms Image
image/gif 2606:4700::6811:6cd4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1677505035450422&ver=1.2r81&qid=73533313f553633313f593630313&p=blog.s.id&s=blog.s.id&x=4404325371&cid=1069&od1=&od2=&adtg=protag-before_content&nci=2101210293&nai=4404325371&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=axf2zr9onfmn&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&w=468&h=300&lat=&lon=&ci=&1=3a88261497127e1c1a71515b9ead41a7&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=3&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1069&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=162&icp=https%253A//blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_sourcefl_eq1069home_sidfl_np1069utm_mediumfl_eq1069redirect&irfl=22&irf=https%253A//home.s.id/&cty=4&fcs=1&flky=ver-fl-6-qid-fl-28-p-fl-9-s-fl-9-x-fl-10-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-21-nci-fl-10-nai-fl-10-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-w-fl-3-h-fl-3-lat-fl-0-lon-fl-0-ci-fl-0-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1x1&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6cd4 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:15 GMT
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 23:31:54 GMT
server: cloudflare
age: 6258
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7a015067fd41c457-EWR
content-length: 26
expires: Mon, 27 Feb 2023 15:37:15 GMT

GET
H2 200 pd
google-bidout-d.openx.net/w/1.0/ Frame 32C3 594 B
812 B 49ms
29ms Document
text/html 35.244.159.8

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 385
content-type: text/html
date: Mon, 27 Feb 2023 13:37:15 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 skeleton.js
fw.adsafeprotected.com/rjss/st/1291519/68983243/ Frame E260 243 KB
73 KB 95ms
15ms Script
application/javascript 100.25.50.80

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1291519/68983243/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1010268213&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=19643503885&bidurl=https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hhPH3QqQ_hrCERcOBy7AzY
Requested by: Host: home.s.id
URL: https://home.s.id/forbidden
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.50.80 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame E260 106 KB
37 KB 68ms
17ms Script
text/javascript 2607:f8b0:400d:c02::94

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
Origin: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 09:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Feb 2023 09:18:53 GMT

GET
H3 200 omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230223/r20110914/elements/html/ Frame E260 8 KB
3 KB 17ms
16ms Script
text/javascript 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230223/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B2bpS178AhxoEhQp4Im0OPU0gzhkOW2V_1XitK3roFz7oV_8_8ypKOv3gY8lfkvCE_wAkB67q_j8VYCOvLaUdp0wgf-iDI1c-QY26aYu0SaF1TrDsmdp8Fgi1OB1DcsXWeWnNMNKaQ8x0RDVocWk3AN8Kaz-UrvbPBnmEKx6CgH9Y4F0Q&dbm_d=AKAmf-D3RTyZ5ZC9u-86T3HxOI4JBOOmhT7s4b3K10_GwrDET0yZXOX5G9vhD20XpQiu-RDcJnMCYnJcOKDSvSaapcNAkzhes4CcXqrX4H0cY90HyQVJVpfGU5sn6_DggyBbPG3IoKowtIphXmyiKQbx9sFRF34ESyZGhJAJZNWiSSBX3K47HuHvwcS6H_KH9bsRi_Ve5WuWHIB-1lgV9p-L2GKcK877ZYVpl4ZfBPe5tc22AWWNgjIoNMytu8PpteDj14LyTdTNLC5dTXYLNxNNVAlVIj_9iMiunuojELERqmUqYVkO90omyYqpkWeZFHqKQ-fAdTXpmC58pihtvIw6wmB2KW89HfRgz7pHmFkVz74ZzviHG7APaZ3OVT4ATVFvvqIlX_mrFTUJvwI3MiHvIKwzZpW1lqI44OCDwbTGVBYMXgAqInGDzmkoxz-tR1Zn6hL7WOc8nafUD_S_dsy4qDcsDxgF-MgOZ1rUWjEuh_rBp17UUM_VZjNfJs541hTxcETwa04stKqprbjqTuZtcTOReHKuXP0EYvRGVpn5hY993rHMveT1iohPYR57uet3Ev8w0SLHOJFWHi1IU3Huoe-wAQc1N993JAO6KLUVsbbC0iE2hWCyD_Wv22a9Nlt0W-uVqwTUu9JMvp1SifYJ2YtOnP1Wf2SenXnZ1CVRezZefJnkgWTCI_mZtLwzjYgObDc4VvzH2D3CTqzrQVZkWGtc7JN7jrRZBQXVfs3ezADjmyblzVuyWhJ0wsbntngFzz-Uh9PcG97_fku9Dtg8WD5YIZcbfeAw_Xai9Vv_oXXgNPiHeZ-5-ERrlRThXZJA_hSum6Orbry6-6V6ulhxVcFipEUDxhwR10DJ3aFGaXMynQsdC_nFNC2PLVmZDqeqy6PIuX4jeZ0ix8pbFw1KzCF4YxC5Xsoao36Qg4GdjqYFnlFSRZnwl93zaNTnNDGzBAyFlEI6PABO6lxPcBWErICJav3TaVSPMUurPm14lBMA1xx51GemsJ8-I5dxomWoc3fssptQh7NBj7Nbj0X8a1AhKGG5tb810o5FYWTqlTWZQqKNsJjgwyH-k8xzNkLg1gKepbL7RFdr7_D8d3IxfSGYsT4fhJuf7vqcv2RGjbr7lECdC5Ky3ZxmokzclcoJGzlzpFE0Zaz5nU4tu-BufOG3hKOpnNzlwvI6SVazsgctP68kojZObYDMe6buL0A53ty1HKZwTxePNvPTeq-LBykssWtjKtK6LM8nbDQGzG7xaFpAfcpunGm5ek8Msz5AQmrB-Hva6Gyboy4RCCDEHPyJjD0z7jXtKxs47PIx8I97sF3oulDnPwJ4I0Vxyuol9pOo9u7C61RbcWdjMtg3cxFHMd_hzVYXjN8N4WZ2aGQe4KN0DeF2_2x3xl78B1EkNjo55w46aBEzD2GEWH2unbtmIqniMfz2x3gkilZ9qSdo3x8pSrdB5eGo8QkcqnGXT4VkJh-oRdQrJx4v8lCHH0phQMDFFeFs3VZv6ernfK3rM3GugJYXoijNPLBvtumD1FCcI8Fd7DiZh1F1z_G5f-qAQ0U9CgDMvMDhiDwnwoklJGalewS_IobPbwdgkEfNYJlbwq-qe8Of6BPXdgczNqL2DPBdHjXup6Qz03XpibTquOhigztEZzJvhOk56z_QQXFbqL9fnl2VbdN6LiGogj6jnO_qXXC0b_7x0JqtvG7JGfkM8SudzF4PmnLCUiOfKgLc6TNftBGMH3zchlagX274CtZsYSSquzGMVf1vzA2r4fckboFpVwzaISM42xqgAeFGOPqTF4lVwwfJq6Vz-srnAdMK__Y6OZ0uDDpCCK8LVP3NZojiQPRbS2hcLnIttk7_Auma87s0W9C-K-OMOuErPqFIVTCJZRCv3oiV2O2ymd34AVPJQc8d6-QH3kMyBpVSlBkr-VI4LZNV6Vh9RRXdz8TQAE26hJu5httKfRxoAQfuMx8e0v3Om7-jEJDSHQweWbWIizTtfy2SC4FMvQRSWVpUuttihyhHWAyZD2Aqfp2t4X4yhXmuV5iLC7vTkIF_OZCLPGwZmkln1hDTAhBOkZIv2G_dtEUiWiBhauHSg7pOc3GBZ9TAC7qF7aAuHiKnyWtb6R0HrkcGEuW_YsNUKuDyAhwcMl2qknlLf9Jv9ttsKSttRRe4-poyGNPXPr5binWWHvA_CTjVADtWGD2Kc5SwHeA8EaMUyVoRViXusfFiBVYGpHP8kb34_11T_-2XsiqKHYQRWCY9zDcGbSsf8DA6HRDdmgG_3QSGgGs1RL-p8C6LHd7rtnRqE1YaDaKT1W4_lLnitHR8R7e127AxsrWmdZ1_AKhhs6ftMhezCHtTN5ajz512Jpg3IlnMHbld2ivdaCjGYQGXIs2CJ22qLJ8Reo1TGygPl6pCsBWVU7jE7GMZgx7eXHhlWucDM8jZYY8LZO1h9nkJ4DFvCz8H4Wgv7z74XAhIvfWeapmcPnu316PgeMpgqFAd0Mp8597KcJSyr6blCGI4P5hIBHct7CtG7DpMfHm0B1ru_hosOivot3UOGE6M4CtffminXyGHxIf3TvNGiMjLo0IplHqK7jB7HIdL7cUqygOEmrqqVlH-DkRhX1z1CGa7rSUU0I2rT5z14nr7UNHz4tk2LKAfgEV9J4NXxCUqyck3-DSOGNc4RpsC9b9bYLhRuY4Zf_cu2zu_Qxl3mGFynVE7HyIHz_EvRacRUikoevztNmKGk3uQwhFMozTAYar0oVE0klN8I4wmd3roIh1hAIs-lKWLkyJ7B7NHyds3jZCKyHdceVy2qVQ9wuW_5MVF6CsQ1mHA9QrUKWwn0qNV5-eoyyO9ySo4zuHXZyMHJfSXqBxUE0tvut7u-I4Rmb6MqDPb30ppVEYqbDZW1RVuqcl7HCMBE720Ufxl28kZZkXsLdc_gl8R2xr0I-g09Q4MIqqEbfmFxMVNtZCVzEmmtfbkggYTo7LPckW8Qabm2qQCKOSOH2qU3KfliKC4JIcgs5P4C6HxF7EKOPJN27s5AHbqcmTiHx4P9ut8-R70axldo6TziCQ2pW2EsHAWhV8DYZQmX-BM33DFawpYmWn1Z1VjRgIc_xUW-iOW0TfQhVD_ywbLL0Hrs7sWskvOSXSlCECyPgMjzwP_3OLw8GK2YKNe5TfDsmNx9GE8t41d4DYJyDUB0srJe8uZ9Bej36EJ0ZAPpLbxmiUOGDJGgiLAVu5GMQeg36k3VeCaAIwc_raAPC_Tuf5jkyY2ZXZtSwNU5X9u2ma7QRNbnNkZBzuqnkQcMsLnpDhcYcLiqSfvmR92FI0nlMomxQrJjGpJmq6uVAZJaGsLZHUPAiVKCWtR4z_ZwRrEf4Pvk4G4ttW2zJhK_Sj2R2-VDz-PXxnsZUZYePEq_BG5DDOh&cid=CAQSPADUE5ymPUnuQFNVAlytm3iO0KVzIFj1v3_Gqz39JgvVuNOhOvasu4iOrNLDdgxsR_tieFokDyaC4C3DghgB&dc_eid=31072034&dv3_ver=m202301230201&rfl=https%3A%2F%2Fblog.s.id%2F&ds=l&xdt=1&iif=1&cor=11668316121590213000&adk=2857193498&idt=87&cac=0&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:51:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Mar 2023 01:51:10 GMT

GET
H3 200 abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230223/r20110914/ Frame E260 29 KB
11 KB 17ms
17ms Script
text/javascript 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230223/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 22:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11134
x-xss-protection: 0
server: cafe
etag: 11889138295710991679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 22:14:11 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 5382 28 KB
28 KB 18ms
17ms Font
font/woff2 2607:f8b0:400d:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 17:29:37 GMT
x-content-type-options: nosniff
age: 504458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Feb 2024 17:29:37 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D892
Redirect Chain

https://px.owneriq.net/ecmg?google_gid=CAESEMxmCnwrCidqLa0PguO1oSI&google_cver=1&google_push=Aa02lx9lo5-vqhd0aVDn2tfNL0VQBXjMUJttxo1Ej9UXE4dvzxJ0V_CmmguculUMR2k1uRiVGGZjD_WH-n7OIXrTu_GcMzdVz9I
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAa02lx9lo5-vqhd0aVDn2tfNL0VQBXjMUJttxo1Ej9UXE4dvzxJ0V_CmmguculUMR2k1u...
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=Aa02lx9lo5-vqhd0aVDn2tfNL0VQBXjMUJttxo1Ej9UXE4dvzxJ0V_CmmguculUMR2k1uRiVGGZjD_WH-n7OIXrTu_GcMzdVz9I&google_cver=1&google...

170 B
188 B

22ms
21ms

Image
image/png

173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=Aa02lx9lo5-vqhd0aVDn2tfNL0VQBXjMUJttxo1Ej9UXE4dvzxJ0V_CmmguculUMR2k1uRiVGGZjD_WH-n7OIXrTu_GcMzdVz9I&google_cver=1&google_gid=CAESEMxmCnwrCidqLa0PguO1oSI&google_hm=UTczMDc5MTQzNTE1NjQ3Mjc5MjA=

Protocol

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 27 Feb 2023 13:37:15 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=Aa02lx9lo5-vqhd0aVDn2tfNL0VQBXjMUJttxo1Ej9UXE4dvzxJ0V_CmmguculUMR2k1uRiVGGZjD_WH-n7OIXrTu_GcMzdVz9I&google_cver=1&google_gid=CAESEMxmCnwrCidqLa0PguO1oSI&google_hm=UTczMDc5MTQzNTE1NjQ3Mjc5MjA=
Content-Type: text/html
Cache-Control: max-age=68368
Connection: keep-alive
Content-Length: 154

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame D892 0
173 B 50ms
14ms Image
text/plain 34.96.105.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEnCE9Zxfz3K0EbclGv_vGM&google_cver=1&google_push=Aa02lx9DwaPL-eZws39N1CGV_sYhgcL3oPNpI1N6-im8nJ80RMh7-YSkgrCZnXGJcFjQpWmhAHQRgbGZcgr4XI53aZb7PP7uHig
Requested by: Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D892
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFBKKozI0PgiQfpdEQ4cu6c&google_cver=1&google_push=Aa02lx8bRnLuT1STaHQML7b8hMg2IdD3Dt9dzvWmZqHmmC5Nw-aM62am0GaNrGd5Jp0fs-hAp0GpVZ4WYvigMC5woaX4...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFBKKozI0PgiQfpdEQ4cu6c&google_cver=1&google_push=Aa02lx8bRnLuT1STaHQML7b8hMg2IdD3Dt9dzvWmZqHmmC5Nw-aM62am0GaNrGd5Jp0fs-hAp0GpVZ4WYvigMC...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8bRnLuT1STaHQML7b8hMg2IdD3Dt9dzvWmZqHmmC5Nw-aM62am0GaNrGd5Jp0fs-hAp0GpVZ4WYvigMC5woaX41VEqIyM&google_hm=Fa2FdaAuSvuS8u1J9StwNQ==

170 B
188 B

22ms
21ms

Image
image/png

173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8bRnLuT1STaHQML7b8hMg2IdD3Dt9dzvWmZqHmmC5Nw-aM62am0GaNrGd5Jp0fs-hAp0GpVZ4WYvigMC5woaX41VEqIyM&google_hm=Fa2FdaAuSvuS8u1J9StwNQ==

Protocol

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8bRnLuT1STaHQML7b8hMg2IdD3Dt9dzvWmZqHmmC5Nw-aM62am0GaNrGd5Jp0fs-hAp0GpVZ4WYvigMC5woaX41VEqIyM&google_hm=Fa2FdaAuSvuS8u1J9StwNQ==
Date: Mon, 27 Feb 2023 13:37:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D892
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bOiqyXvcQWOM7qse6CJJAg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

25ms
24ms

Image
image/png

173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bOiqyXvcQWOM7qse6CJJAg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8SGuTdYQe0TXGl8JJ0mRflE9zgPWvhDlqvUOb208xaZhAimQ24rTPKyX_gCvxGuEXAReyW8caZ4IB7cg63ek1-x2tKfO8

Protocol

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bOiqyXvcQWOM7qse6CJJAg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8SGuTdYQe0TXGl8JJ0mRflE9zgPWvhDlqvUOb208xaZhAimQ24rTPKyX_gCvxGuEXAReyW8caZ4IB7cg63ek1-x2tKfO8
date: Mon, 27 Feb 2023 13:37:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D892
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEErGp5M0_BM5nJb9f7fW5eY&google_cver=1&google_push=Aa02lx-pd0k1vtHx1q4HldDaZWRdOBSpbq4_tqxfI8D7hjIJ6v5xnEV7Bisfco_TVvCHy1loIxWk8XzGf-VnBxKi2...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEErGp5M0_BM5nJb9f7fW5eY&google_cver=1&google_push=Aa02lx-pd0k1vtHx1q4HldDaZWRdOBSpbq4_tqxfI8D7hjIJ6v5xnEV7Bisfco_TVvCHy1loIxWk8XzGf-VnBxKi2...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-pd0k1vtHx1q4HldDaZWRdOBSpbq4_tqxfI8D7hjIJ6v5xnEV7Bisfco_TVvCHy1loIxWk8XzGf-VnBxKi2Kh8nZQoRA&google_hm=GOhRjGZHR36p8PWoSSKOQwBz

170 B
188 B

23ms
22ms

Image
image/png

173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-pd0k1vtHx1q4HldDaZWRdOBSpbq4_tqxfI8D7hjIJ6v5xnEV7Bisfco_TVvCHy1loIxWk8XzGf-VnBxKi2Kh8nZQoRA&google_hm=GOhRjGZHR36p8PWoSSKOQwBz

Protocol

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 27 Feb 2023 13:37:15 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-pd0k1vtHx1q4HldDaZWRdOBSpbq4_tqxfI8D7hjIJ6v5xnEV7Bisfco_TVvCHy1loIxWk8XzGf-VnBxKi2Kh8nZQoRA&google_hm=GOhRjGZHR36p8PWoSSKOQwBz
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D892
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEGgzPUsvcxcdFqLFUQguwwg&google_cver=1&google_push=Aa02lx9_snfHDRiJFKIDOxua3pLk76MApPrEaiwH3QLGrRyxlTqbTFT_dO4yDoCNV8xzPAQV3sG3r3AZXvfF-kqF3ZK2cS...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGgzPUsvcxcdFqLFUQguwwg&google_cver=1&google_push=Aa02lx9_snfHDRiJFKIDOxua3pLk76MApPrEaiwH3QLGrRyxlTqbTFT_dO4yDoCNV8xzPAQV3sG3r3AZXvfF-kqF...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=BWwyVqfeRyW7mr9B0B9Vzg&google_push=Aa02lx9_snfHDRiJFKIDOxua3pLk76MApPrEaiwH3QLGrRyxlTqbTFT_dO4yDoCNV8xzPAQV3sG3r3AZXvfF-kq...

170 B
188 B

23ms
20ms

Image
image/png

173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=BWwyVqfeRyW7mr9B0B9Vzg&google_push=Aa02lx9_snfHDRiJFKIDOxua3pLk76MApPrEaiwH3QLGrRyxlTqbTFT_dO4yDoCNV8xzPAQV3sG3r3AZXvfF-kqF3ZK2cSnT2A4

Protocol

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=BWwyVqfeRyW7mr9B0B9Vzg&google_push=Aa02lx9_snfHDRiJFKIDOxua3pLk76MApPrEaiwH3QLGrRyxlTqbTFT_dO4yDoCNV8xzPAQV3sG3r3AZXvfF-kqF3ZK2cSnT2A4
access-control-allow-origin: *
date: Mon, 27 Feb 2023 13:37:15 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D892
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEG...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_qoq3dzspJLmQMQ_XSJECw2sk48-hdJBJB8EZ7TRyansHsdU_o7s9Ut27S4bNNGdWUttcdPjm2crc6SuTbY3qFbVLK3w&redir=https%3A%2F%2Fcm.g.doublec...
https://sync.targeting.unrulymedia.com/csync/RX-34038f77-9a8e-4073-8c13-a52bfef5bedb-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_qoq3dzspJLmQMQ_XSJ...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_qoq3dzspJLmQMQ_XSJECw2sk48-hdJBJB8EZ7TRyansHsdU_o7s9Ut27S4bNNGdWUttcdPjm2crc6SuTbY3qFbVLK3w&google_hm=BTQDj3eajkBzjBOlK_71vts

170 B
188 B

38ms
38ms

Image
image/png

173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_qoq3dzspJLmQMQ_XSJECw2sk48-hdJBJB8EZ7TRyansHsdU_o7s9Ut27S4bNNGdWUttcdPjm2crc6SuTbY3qFbVLK3w&google_hm=BTQDj3eajkBzjBOlK_71vts

Protocol

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 27 Feb 2023 13:37:16 GMT
Server: Tengine
ETag: RX34038f779a8e40738c13a52bfef5bedb005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_qoq3dzspJLmQMQ_XSJECw2sk48-hdJBJB8EZ7TRyansHsdU_o7s9Ut27S4bNNGdWUttcdPjm2crc6SuTbY3qFbVLK3w&google_hm=BTQDj3eajkBzjBOlK_71vts
Content-Type: text/html
Connection: keep-alive

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D892 0
12 B 21ms
19ms Image
text/html 173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JHsl_hc9GoiKgkv3dstU5_i3d0fnb7YJaoHBEEfLvQWKxhoBTIpITfsnY6EFoO8pBFnczA

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 csi
csi.gstatic.com/ Frame 5241 0
17 B 102ms
99ms Ping
image/gif 2a00:1450:4007:813::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lemv6p9d&c=5822177288932&slotId=2911088644466&qqid=CPrG85zptf0CFd0PiAkdBlwHcA&fb=outstream-lima&vast_v=2.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4007:813::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 67704344
unified.adsafeprotected.com/v2/1283458/ Frame 5241 23 KB
6 KB 124ms
50ms XHR
text/xml 174.129.13.79

General

Check archive.org

Show headers Download Go to

Full URL: https://unified.adsafeprotected.com/v2/1283458/67704344?mon=67704349&omidPartner=[OMIDPARTNER]&apiframeworks=[APIFRAMEWORKS]&bundleId=&ias_xappb=&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjss5b4kY7mNXdLnf8P8LxqzA6pT-IMMO4ggPamM8ovaWpiKyDz4Qa6oPueONimu5-ym7ryDhjzkXtOcY65Gxidrg3AdrtCyQdKscnhmuxe-uIHCO8fH42FKhufLSg-t1B9oMR7p_V_uQp8okjHPufJ5vMoxpoIC2iFEho4u539R9Mm3sJUnGqb1sl_FjAbaiAeMw%26sai%3DAMfl-YQgE9D5x7v0TK4w_KyQ2wdhOeXfU3kLdMQ30OVxIvPdD2Aq4i_cD1My_uH6d3W_etejipDaveT-9O7rOSFGUg-fWMbdLMqty624RbwGwHzPkbENTvc_PuD7QQO0a-h1Z8KmkKZLo1aR2_OhkPB6UnRtOGCo%26sig%3DCg0ArKJSzEfJWwvcrhDqEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26vt%3D13%26adurl%3D&redirectedRetries=0&ias_dspID=3&ias_campId=1010126503&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=19635971454&bidurl=https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iqZcZjcLIR6lVDuqkzFGxg&originalVast=https://ad.doubleclick.net/ddm/pfadx/N1034274.279382INVITEMEDIAINC.DO/B29058854.353794832%3Bsz%3D0x0%3Bdsp_id_0_%3D3%3Bdsp_campaignid_0_%3D1010126503%3Bdsp_publisherid_0_%3Dpub-2393320645055022%3Bdsp_chanid_0_%3D1%3Bdsp_placementid_0_%3D19635971454%3Bdsp_bidurl_0_%3Dhttps://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Bdsp_dealid_0_%3D%3Bdsp_impid_0_%3Dv4~~ABAjH0iqZcZjcLIR6lVDuqkzFGxg%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%3Fves%3DdGltZXN0YW1wOiAxNjc3NTA1MDM1NDcxCmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzc0dSYlRoLVBOdUEwQi1ib3gzdEpScXpCVU1IcGcxdmJRYVFBWUNwY0JtQ2k3cTl2c1p6cDdiU2tRMkNpWlFDalhkZlJnMGtJandRbElqNEtESlNrOHRTd1hRcEVKT2F2aDY4cmNTbWxMWWcwVU91Rkg2cWtYc1hwdW9mZDVqTUVTVmxkdnZSU0RONHJuVGFRTTdqM3F1T1ZEeHVlUTBmTWZoMDVHYU5jMVdmNG5qeU9Xc2NxaW8wakVISGg4Vl9VTW5aNmNGWTVEbTFOVkNrb09NTDZFeGJPdXh4cFFydWxwN2dLazVLMS1PbU5SemdOdXBnSEVXT3Q0cmtjTmI4RUo5bHY1VThCeVllOHFidU5acnVZdDFYWXUyX3hwQ3hiQ2xXQjV2ZzVCcndJZ2FsR2xaYTdZSnJTRVZxcnFJU2R0SVFOeWZ2bHU0WnBFS0dwaHBzcGI1STBUM3VIaHFWcWd4dHdBN2lFY0dVRFc5TXZBbWlRWDJzZ2xPN1Zzd2hRWmZ5ZklBMi1DMEU1ZWR6SmhyOEJVZ2VLU2RUY3JrWWg1QjREWGVIeEFWVE5Ma05yalRhZnRoM0d0NFlIRUVocDFobXRlYk1QVEhQRHRzeURrRHVIME1obU40d0ZKWjk1SXZrU2hMNlgwVmZDcDFPUEExaExGYk9NVS1QN3RrLV92OFJQcy1DZjF4WnhMc3hhYmM5Rm82Rm1OWXBLd2otMk1jX1hRNkR2ZkVXMXdHeERWRFI3VWpRWWZtSUVUMExlMXY2MnlqV0ItMm1IMzFCTlg1SUFrNTMzRHZuR3N5YzJDUVpqTTlnNVd5RE1vR3d5Wno0cUVxYl84ZzNRNVpGYmdWc2RWUC1Ma1hBZ1J3b3BlYlJvUXpvUnFDdkZjS3JRbExTeTBpeER0d2toZ2pGc3RkRUFyaThUQ2FuOGY0bTllZkxyU1NjUzRHMFZQLXNWQmxNc010QVAxQmt6TzBwU04wd3QzQVVjR24xVndtMS0xQ3NFa2t3ejFkcVE5WWh4TlMtWDlleVZQVEdyYjczUVV6U2wxV20xelVNbjI1VjdwckM3ZVJiODAydVRlZlJXVVdBQnhyQ0k5MkMxX0paemlQSUU1b2NpcnBoR3FtX1JwQURIT1VNQW9NVk9JLUVLZjd6eFI4WXhMNFd1cW1FM0lvRER3SkdVUmd6a04xdEh2RnJmQ1J4YS1LWkQxSlRLQ0hYSC0tenByb3lybnlQRExtelp2QVBERVRZckdYbEZiOHF5TXBjUmdSdFNsbjJ0ODIzdWdIdzFsRzRwd2RNdWZzYWFWV29WXzNpZE5DS3A0UnNBYkVQRzZKRW52NkZmbnlDd1k5dy16U0tQb2trSEJNMnMzcnRZZ2NLenl0OHkycXVQOGpQckEtRkhua0JsVTRZam9MdUU2cmlOQUlHMWF0eXN2WERiRnVJcVRhcnl0MDE1ZVl3Mlp2aURRN1FDMlM2dWdsVHNyeDRnRl9tOUF0Tm9jSHJ4ZE9TQXkycHdsNThhN0dBcnZpYmFYeG9PZ0pybnEzM2FZUjJ4dVp1YmZZZ2hlVm10TVZkQjFxUE5kaGVubjdQUkd3SnlCREtJRmhPUVYxb0dZZTEyc2V0SnlmNmROTktpbUd0bVl6NlNUZmNmMHBqOGpCdjBFbmZiaGllRDg0ZDRJTDIxUHNVR1ByZW83MlVzeTZxMFZSY2ZvZUlNNnM1OEUwJnNhaT1BTWZsLVlUeGJ0NjdiVkcwVUpNZVM5TV91TlFEaDFvRThtMHRPTDB6M2llMExPbE15dzhIUFdnT0ctclluM0pZdF9aQUpibGQtejFBaWFGSWNMbEJiTmVQTG1kUGNlaEM1TGxsaTZTNzE2blo2bmQtYW84Mkc4Q1A0UXA4R0p3SVZqOHMxbmt0SnBQUXluUDlJYk85bUtRQmlRX0xoQmg4RENiTkkwWXdaY1ZhazByQl9xY1ZOQ1J4VFRTWXNjQkt4cTExMU1hYkVfZzJ2NkoyTmV3Z0hIVy1ER2N5NzdLb2hnNGd0X0cwWmZFekh4bDhrNU42Q2s4ZlI1ay1YSW13WU9WVHpGa19QVnZJSmFnSjFmUUVnNnprR3p3WjJoUlFVYTlyUWM3UkZIeW9HQTlBJnNpZz1DZzBBcktKU3pCVm5oRzNSUFM1aUVBRSZjcnk9MSZmYnNfYWVpZD1bZ3dfZmJzYWVpZF0mdXJsZml4PTEmYWR1cmw9aHR0cHM6Ly93d3cuaHJibG9jay5jb20vb2ZmZXJzL3JlZnVuZC1hZHZhbmNlLyUzRm90cHBhcnRuZXJpZCUzRDk2NDElMjZwcm9kaWQlM0RyYSUyNmNhbXBhaWduaWQlM0Rvdl9tY21fOTY0MV8yOTA1ODg1NF8zNTM3OTQ4MzJfMTg2NTU5MTM4JTI2ZGNsaWQlM0QlMjVlZGNsaWQhIgo%26dc_cid%3D186559138%26dc_adid%3D545288498
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.129.13.79 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:15 GMT
content-encoding: gzip
vary: Origin
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
request-id: cfub42sn8tmc8f6q6cn0
content-length: 6220

GET
H2 200 447d95c6-6013-ea05-e292-52312b6c63a1
pr-bh.ybp.yahoo.com/sync/openx/ Frame 32C3 43 B
602 B 68ms
16ms Image
image/gif 2600:1f18:4e9:5a02:fb02:cd4a:2ecf:b315

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/447d95c6-6013-ea05-e292-52312b6c63a1?gdpr=0

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a02:fb02:cd4a:2ecf:b315 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 32C3
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=886c8fff-ec15-c3b6-134b-c653bc086508
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=886c8fff-ec15-c3b6-134b-c653bc086508&dcc=t

43 B
855 B

31ms
30ms

Image
image/gif

52.46.151.131

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=886c8fff-ec15-c3b6-134b-c653bc086508&dcc=t

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

HTTP/1.1

Server

52.46.151.131 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Feb 2023 13:37:15 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BKA9D5NAGGWFC24R1RJH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Feb 2023 13:37:15 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DYX451XNDJ69CZR1Y8W1
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=886c8fff-ec15-c3b6-134b-c653bc086508&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 32C3
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=d0baf382-f0bf-784c-d345-44c4d43baee8&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=d0baf382-f0bf-784c-d345-44c4d43baee8&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=60277cfb-7053-4b94-9d5e-5e6dc584a05d&ttd_puid=d0baf382-f0bf-784c-d345-44c4d43baee8&gdpr=0&gdpr_consent=

43 B
250 B

29ms
27ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=60277cfb-7053-4b94-9d5e-5e6dc584a05d&ttd_puid=d0baf382-f0bf-784c-d345-44c4d43baee8&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=60277cfb-7053-4b94-9d5e-5e6dc584a05d&ttd_puid=d0baf382-f0bf-784c-d345-44c4d43baee8&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 32C3 170 B
188 B 26ms
21ms Image
image/png 173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmNkNTIwNDgtMzljOC0yNmU4LWM2YTUtMWU3ZDFlZDk2MDg4

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 32C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAtaqx6fn1GGpW8UPoZxvO8&google_cver=1

43 B
180 B

37ms
24ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAtaqx6fn1GGpW8UPoZxvO8&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAtaqx6fn1GGpW8UPoZxvO8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4102
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEKbvZ7WgzkC5X1gcfgD77i4&google_cver=1&google_push=Aa02lx-O4vqAun53sEdlylm6s7kuC7ZDvaekvgJdWujmFTUdDY-6umSAgOXDHXhBM5Xk_nzfCgq6pHYhodLcdv02LKn1tIQyB473
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NkQxRDdCREM3QUFCN0ExRQ==

170 B
188 B

21ms
21ms

Image
image/png

173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NkQxRDdCREM3QUFCN0ExRQ==

Protocol

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NkQxRDdCREM3QUFCN0ExRQ==
date: Mon, 27 Feb 2023 13:37:15 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4102
Redirect Chain

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEIxcKe6br_eMjEFIGQBu5ZY&google_cver=1&google_push=Aa02lx_-4yPorvy3lik7jhIaDhCiFoqdME7H0yzd4qcB5PMP4NoG_EQp5SzAQCaqbkEqAPdVEKb_R_R4rHBSmRbRUH...
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQwNDg2NDA5MTMwNzM4MTUyNDI&google_push=Aa02lx_-4yPorvy3lik7jhIaDhCiFoqdME7H0yzd4qcB5PMP4NoG_EQp5SzAQCaqbkEqAPdVEKb_R_R4rHBSmRbRUHuY...

170 B
188 B

21ms
20ms

Image
image/png

173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQwNDg2NDA5MTMwNzM4MTUyNDI&google_push=Aa02lx_-4yPorvy3lik7jhIaDhCiFoqdME7H0yzd4qcB5PMP4NoG_EQp5SzAQCaqbkEqAPdVEKb_R_R4rHBSmRbRUHuYpF9NpvQ

Protocol

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQwNDg2NDA5MTMwNzM4MTUyNDI&google_push=Aa02lx_-4yPorvy3lik7jhIaDhCiFoqdME7H0yzd4qcB5PMP4NoG_EQp5SzAQCaqbkEqAPdVEKb_R_R4rHBSmRbRUHuYpF9NpvQ
Date: Mon, 27 Feb 2023 13:37:15 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4102
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJO4Hq2AgjUL3imw3k_eG5Q&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJO4Hq2AgjUL3imw3k_eG5Q&google_hm=Y_yyCpxmI-qAFxa96PL3MgAABT0AAAIB&google_nid=index&google_push=Aa02lx-IZh6td6_Gx8dl_Autm3bGUmfUFJAGf...

170 B
188 B

22ms
22ms

Image
image/png

173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJO4Hq2AgjUL3imw3k_eG5Q&google_hm=Y_yyCpxmI-qAFxa96PL3MgAABT0AAAIB&google_nid=index&google_push=Aa02lx-IZh6td6_Gx8dl_Autm3bGUmfUFJAGfDaFQbQmnv32KCzEjWZ1ygbpnWk77YN04VC9G1TW8F-avDTCoReUabbUYdsf2KE

Protocol

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2By%2BiJXI%2FgXDoT0yenIa%2FYoQduiUCbTjk9cIoq%2B%2BFrIiED11Y6shSAnsUzz6c51QGLdIEZsEymQsXX6a%2FGazkXVF6MlhfCAFgz4zqR0DQodoNb0fMDwRlrijgjbZqXfq4VCjhDgfJ0v2oSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJO4Hq2AgjUL3imw3k_eG5Q&google_hm=Y_yyCpxmI-qAFxa96PL3MgAABT0AAAIB&google_nid=index&google_push=Aa02lx-IZh6td6_Gx8dl_Autm3bGUmfUFJAGfDaFQbQmnv32KCzEjWZ1ygbpnWk77YN04VC9G1TW8F-avDTCoReUabbUYdsf2KE
cache-control: no-cache
cf-ray: 7a0150694a4e3342-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4102
Redirect Chain

https://google.partners.tremorhub.com/sync?UIDF=CAESEOpOQI0qcFa10coOHMBLs5s&google_cver=1&google_push=Aa02lx9tdArUWCWrdj7HA71H67l4ngERAsep8U4aWyLnSm4vtrdo2aM7uQjJqiRDkepB0Hm934yOacp4z9zAodBONUzuSA9...
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NDY5ZTljNDQ5N2I3NDc3MTgyZTU4MThjZTYwNGNiNDU%3D&UIDF=CAESEOpOQI0qcFa10coOHMBLs5s&google_cver=1&google_push=Aa02lx9tdArUWCWrdj7HA71H67l4...

170 B
188 B

24ms
23ms

Image
image/png

173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NDY5ZTljNDQ5N2I3NDc3MTgyZTU4MThjZTYwNGNiNDU%3D&UIDF=CAESEOpOQI0qcFa10coOHMBLs5s&google_cver=1&google_push=Aa02lx9tdArUWCWrdj7HA71H67l4ngERAsep8U4aWyLnSm4vtrdo2aM7uQjJqiRDkepB0Hm934yOacp4z9zAodBONUzuSA9WgAlu

Protocol

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NDY5ZTljNDQ5N2I3NDc3MTgyZTU4MThjZTYwNGNiNDU%3D&UIDF=CAESEOpOQI0qcFa10coOHMBLs5s&google_cver=1&google_push=Aa02lx9tdArUWCWrdj7HA71H67l4ngERAsep8U4aWyLnSm4vtrdo2aM7uQjJqiRDkepB0Hm934yOacp4z9zAodBONUzuSA9WgAlu
date: Mon, 27 Feb 2023 13:37:15 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4102
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEG...
https://sync.targeting.unrulymedia.com/csync/RX-34038f77-9a8e-4073-8c13-a52bfef5bedb-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_5sc1ARmt1iG1tGCmDU...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_5sc1ARmt1iG1tGCmDUALbFDxH56cPsbEX-fecFpR1fO5xGybYBmHEcjTLP5PDecqmBTP1EXD2oN0XWqhPPzeggO4E1pSw&google_hm=BTQDj3eajkBzjBOlK_71vts

170 B
188 B

22ms
21ms

Image
image/png

173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_5sc1ARmt1iG1tGCmDUALbFDxH56cPsbEX-fecFpR1fO5xGybYBmHEcjTLP5PDecqmBTP1EXD2oN0XWqhPPzeggO4E1pSw&google_hm=BTQDj3eajkBzjBOlK_71vts

Protocol

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 27 Feb 2023 13:37:16 GMT
Server: Tengine
ETag: RX34038f779a8e40738c13a52bfef5bedb005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_5sc1ARmt1iG1tGCmDUALbFDxH56cPsbEX-fecFpR1fO5xGybYBmHEcjTLP5PDecqmBTP1EXD2oN0XWqhPPzeggO4E1pSw&google_hm=BTQDj3eajkBzjBOlK_71vts
Content-Type: text/html
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4102
Redirect Chain

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEP9H1c81llIsOQkh6cTjooI&google_cver=1&google_push=Aa02lx-_tAw3qE2Hu3hkfm74bvQrnAsvPYedVJrbkK6Zw3z8HxzwI17m38WfwtPoRyFFCMlQy8v-lv-y1WJjkRP...
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=tTGewPY_E0aLYBnlqJ3u_A&google_push=Aa02lx-_tAw3qE2Hu3hkfm74bvQrnAsvPYedVJrbkK6Zw3z8HxzwI17m38WfwtPoRyFFCMlQy8v-lv-y1WJjkRP9-L0_z5-vH...

170 B
188 B

25ms
24ms

Image
image/png

173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=tTGewPY_E0aLYBnlqJ3u_A&google_push=Aa02lx-_tAw3qE2Hu3hkfm74bvQrnAsvPYedVJrbkK6Zw3z8HxzwI17m38WfwtPoRyFFCMlQy8v-lv-y1WJjkRP9-L0_z5-vHRt5Gw

Protocol

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=tTGewPY_E0aLYBnlqJ3u_A&google_push=Aa02lx-_tAw3qE2Hu3hkfm74bvQrnAsvPYedVJrbkK6Zw3z8HxzwI17m38WfwtPoRyFFCMlQy8v-lv-y1WJjkRP9-L0_z5-vHRt5Gw
Date: Mon, 27 Feb 2023 13:37:15 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 4102
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEN0yR58FuBg1vN5ssWUvNLE&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YTZlMzJhNzQtZjQ3OS00NzZhLWFhM2ItMWVkZWE3NDdiNWI2&google_push=Aa02lx9INpvBrlImvZomto6PL9YgU87W2RIK5LsaqnW6j2trReUHQOIFLVe-PGpZzvhGM...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

13ms
12ms

Image
image/gif

96.6.23.74

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 96.6.23.74 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.9 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Mon, 27 Feb 2023 13:37:15 GMT
pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4102 0
12 B 28ms
21ms Image
text/html 173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LGRrEErhnKRVKtdf_eHZ-F_ouN4GZzznRlGa4HCmUqFbqb7G0Q40E3QAi2fm9mkjC3CxkQMKE

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 csi
csi.gstatic.com/ Frame 5382 0
17 B 90ms
90ms Ping
image/gif 2a00:1450:4007:813::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lemv6p0d&c=8008100154205&slotId=4004050077102.5&qqid=CPvG85zptf0CFd0PiAkdBlwHcA&umsem=0&ape=1&ple=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F030db783cd93f01ccad1528166361a91.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/5b032f5da114b9082b26e2dd1530bd65.js?tag=video_location/web_och
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4007:813::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 5382 0
17 B 92ms
89ms Ping
image/gif 2a00:1450:4007:813::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lemv6pjo&c=8008100154205&slotId=4004050077102.5&qqid=CPvG85zptf0CFd0PiAkdBlwHcA&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F5b032f5da114b9082b26e2dd1530bd65.js%253Ftag%253Dvideo_location%252Fweb_och&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/5b032f5da114b9082b26e2dd1530bd65.js?tag=video_location/web_och
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4007:813::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 5382 0
17 B 93ms
90ms Ping
image/gif 2a00:1450:4007:813::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lemv6pjp&c=8008100154205&slotId=4004050077102.5&qqid=CPvG85zptf0CFd0PiAkdBlwHcA&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fed8ae2896763956dad3710d8730c1299.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/5b032f5da114b9082b26e2dd1530bd65.js?tag=video_location/web_och
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4007:813::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 5382 0
17 B 93ms
90ms Ping
image/gif 2a00:1450:4007:813::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~lemv6pjp&c=8008100154205&slotId=4004050077102.5&qqid=CPvG85zptf0CFd0PiAkdBlwHcA&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fmts0.google.com%252Fvt%252Fdata%253DWztWuhyI8cwZh2k86GvP0X_BdkcFnFXnYtpFKFaFjoF46rLp1nuULekVFL2UvDES6cquuppH0XJeC-g0&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/5b032f5da114b9082b26e2dd1530bd65.js?tag=video_location/web_och
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4007:813::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 5382 42 B
64 B 62ms
62ms Image
image/gif 2607:f8b0:400d:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CrP3kCbL8Y7ueDN2foPwPhridgAfKtteVb6Gd1Ke7EN3UkaiGEBABIJLY30pgycapi8Ck2A-gAciqxdYDyAEJ4AIAqAMByAPLBKoExAJP0DWGYWDmLOtTvWN11z4an0SmwD75oKAlNXacdpr9E6jk4WtVo1L3t9fAadEFcM1fwnH3W9wJKkpgK50erosRfNTtrv5bs6xUq7gWvEZvfO8gFz8IphXYqFgIVFSYbkCPMaLQTSQUrKQWDCuCrVkErTmnOqdnOoAKxHiQejrO_tmDkysrLLGbD-_pqUO6DXKBPI6Kg1uY-U3wymNjrCz_CUxH1zkKJChZzIjb_U_4qDTz5AKx6Vu-FgOhxZ9_HffGgXWPJsepB_adqjT1BdTqciOVcVWJXtJF3BmEDnM7Zz2JnYaxydWLJtJVWq6VT12lkm8ecBhRQmRNEIFBCQYtMV_f2d-Tqxr4o76LQU6g885w2R6OM3F18E8GztLyzkVvl8KRd0TcTS49GfX7dONpOP5NgH085C7Bh3M2yLPNip8F_V3ABL-c_pr5A-AEAaAGLoAH1o_wiwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBAsQlC47s7CpQJHYAKA4oK-QFodHRwczovL2NsaWNrc2VydmUuZGFydHNlYXJjaC5uZXQvbGluay9jbGljaz9saWQ9NTg3MDAwMDgyNTU1NDk5MjkmZHNfYV9jaWQ9MjkzODUyMDc4JmRzX2FfY2FpZD0xOTYzODQ0NjgyNCZkc19hX2FnaWQ9JmRzX2FfZmlpZD0mZHNfYV9saWQ9JmRzX2FfZXh0aWQ9JiZkc19lX2FkaWQ9JmRzX2VfbWF0Y2h0eXBlPSZkc19lX2RldmljZT1jJmRzX2VfbmV0d29yaz14JiZkc191cmxfdj0yJmRzX2Rlc3RfdXJsPXt1bmVzY2FwZWRscHVybH2YCwHICwHgCwGADAGYDNKxoI3sA7gMAbgToQTYEw7QFQH4FgGAFwE&sigh=W1ukTRfpFWE&cid=CAQSPADUE5ymPUnuQFNVAlytm3iO0KVzIFj1v3_Gqz39JgvVuNOhOvasu4iOrNLDdgxsR_tieFokDyaC4C3Dgg&label=adresume

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
pagead2.googlesyndication.com/bg/ Frame 2772 36 KB
14 KB 18ms
17ms Script
text/javascript 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 05:00:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 290177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 05:00:58 GMT

GET
H2

200

4a.js
static.adsafeprotected.com/ Frame E260
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1291519/68983243/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1010268213&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=19643503885&bidurl=ht...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

9ms
4ms

Script
application/javascript

2600:9000:21dd:aa00:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:21dd:aa00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 19:35:41 GMT
x-amz-version-id: n5tYvHg2JAJxYbtCkDKplLalLU_QRJRu
content-encoding: gzip
via: 1.1 0f37773e2cce4ff7a5301ebabb04538a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 410496
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 22 Feb 2023 19:35:29 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: _7wo-2_bPIQoOHHPMoIQqaLC3xjH12vfQ0qdl389O19SB5B3Z6w4JA==

Redirect headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
server: nginx
x-server-name: app03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js
static.adsafeprotected.com/ Frame 7648 91 KB
23 KB 223ms
3ms Script
application/javascript 2600:9000:21dd:aa00:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:aa00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 06:42:20 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0f37773e2cce4ff7a5301ebabb04538a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 8664897
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 2n3aUJAjOCqNbOQ-8DVVTqIjkjbJXK8xSP3ZXxLLM-1Y4baELllqXg==

POST
H3 204 csi
csi.gstatic.com/ Frame 5241 0
17 B 94ms
93ms Ping
image/gif 2a00:1450:4007:813::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lemv6pgh&c=5822177288932&slotId=2911088644466&qqid=CPrG85zptf0CFd0PiAkdBlwHcA&fb=outstream-lima&vmfc=15&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4007:813::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 5241 41 KB
15 KB 6ms
4ms Script
text/javascript 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 14:28:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342534
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 14:28:21 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-ab5l6nk6.c.2mdn.net/videoplayback/id/0444109c2d3daed4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820377497/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5241
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/0444109c2d3daed4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820377497/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r2---sn-ab5l6nk6.c.2mdn.net/videoplayback/id/0444109c2d3daed4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820377497/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

41ms
5ms

Fetch
video/mp4

2607:f8b0:4006:2::7

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-ab5l6nk6.c.2mdn.net/videoplayback/id/0444109c2d3daed4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820377497/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/423F6B5EB763ADDEC62F4D583F5F4A1A3815E403.30D753FE5892A2BD3BFFB541A22224AD8260578A/key/cms1/cms_redirect/yes/mh/pv/mip/2a0d:5600:24:1500:1012:dca6:d573:a583/mm/42/mn/sn-ab5l6nk6/ms/onc/mt/1677504532/mv/m/mvi/2/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2607:f8b0:4006:2::7 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 13:37:16 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1626853
Last-Modified: Thu, 09 Feb 2023 07:57:44 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 27 Feb 2023 13:37:16 GMT

Redirect headers

date: Mon, 27 Feb 2023 13:37:16 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
location: https://r2---sn-ab5l6nk6.c.2mdn.net/videoplayback/id/0444109c2d3daed4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820377497/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/423F6B5EB763ADDEC62F4D583F5F4A1A3815E403.30D753FE5892A2BD3BFFB541A22224AD8260578A/key/cms1/cms_redirect/yes/mh/pv/mip/2a0d:5600:24:1500:1012:dca6:d573:a583/mm/42/mn/sn-ab5l6nk6/ms/onc/mt/1677504532/mv/m/mvi/2/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 5241 0
17 B 93ms
92ms Ping
image/gif 2a00:1450:4007:813::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lemv6pmz&c=5822177288932&slotId=2911088644466&qqid=CPrG85zptf0CFd0PiAkdBlwHcA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=885&mt=video%2Fmp4&vs=640x360&msm=1&aits=15%2C0%2C18%2C22%2C37%2C692%2C59%2C309%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.24t
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4007:813::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E260 41 KB
15 KB 4ms
3ms Script
text/javascript 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 11:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267842
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Feb 2024 11:13:13 GMT

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BEC1 1 KB
643 B 65ms
34ms Document
text/html 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 71363
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 17:47:53 GMT
etag: 48472445140208031
expires: Mon, 27 Feb 2023 17:47:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E260 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 hrb_ct_omni_filetoday_html_176_300x600_v1_na_y.html
s0.2mdn.net/sadbundle/9186113795984982016/hrb_ct_omni_filetoday_html_176_300x600_v1_na_y/ Frame C361 41 KB
10 KB 77ms
17ms Document
text/html 2607:f8b0:400d:c02::94

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9186113795984982016/hrb_ct_omni_filetoday_html_176_300x600_v1_na_y/hrb_ct_omni_filetoday_html_176_300x600_v1_na_y.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 10121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 12:00:01 GMT
expires: Tue, 27 Feb 2024 12:00:01 GMT
last-modified: Mon, 19 Dec 2022 09:53:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E260 0
0 199ms
69ms Fetch
image/gif 74.125.192.154

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssY64Y5pBhJUYrdCPcANMgNkhrX1xP3_cXWJrSbjKXoCpIAVhuGEajPopHagYw0Gn75ckU7mFa7yXn8pB8wu1lP8U2EEA5ZCp1Ssw5xXeUEtnRgpO3hdBejXBUxVPTu_iuciWGaKa49YeW5f-k54k_3Uyih3S0iMKq5vpIx_Gg8CWasudfen-cpouYBrJsivcdUW5hVnGiqK2ePN4OX3IGeMCikqdMpnCa_07j72oiTjr4kmsNRzZu1HcaoAbdh6IIdcJFdm6Biw6TcGelbSac1MQEh28R47h4orNUmSokelo1j84o6pi5V8_4XLGn_imzNbDL5jNkFhY57AvB9zPA2CUQQDrCgZvExua0twpPmfg1EU_fKwG1NUK4RBHoG9ak9djRR_iKUW434u7hHMVUmjtB2GL0uqUicq5u_TxmLUH0ZvJ9MSkQq1WRf73SmA0LacIdS1muGTc9u60IiLOv15_5Czg8yZ7RL_nm5YcawoLH35Hgdszm1ngUBPG6bi5Iu77cH1tDH4REh2jS3EjuBLi8OYvx8_2w---ixmgUxWsnzw6nLvLq15RrhT9r8JOa49vB7GurhgT-Mfj0ksj7Z2zSZ1_bbs4N1t14AEpCh7uVtTPXjk0hBBkx9Jh-ZxSBTLLQE1L9L0T9JwbGtTIpMMEb_F4Q8uwn-oBm3lJLDFTuyyceCPAS9LMjyK9Dw8VpP-gd8QUCUC2YXCt1LUlvz-fQqGSxrWwlTN-O4zkUS5uJNqtwaKkFyNP4GoIk0j73mMW93WE_DVM7xP5KIs2VvZnhKS7CRuyUb36nIuylUtcvAb-1V-eRVvSb7iJYnSWmOpQ7lIlkCoQYz8EQB-Jwq2ukt3Zz77sY7YXn6AIAST3t9mnzaGD1ENy84JaTQCaowi_sRPqvKfTrwVmbnJo94KGdNBslusmvgUMQFBM3VwEwMVbO4dYCKow7FXfgtRjCtWOmMlmYOIOk2RpG2rYKJcWdlhiWz0ZamATmVFXqgcNbL2Q3fYAI-wmEtHXhxsFGbiloBXY84alqFQPaEpuStkNlmNEkYvBd9Zhl5GbRhlsEps-yovMa_ojPvXiw5ADmRStHhctwIa_mlEMZuOu6RfAcGzYt6C4wldS6Me8_64v5xnWYmTfmNR9nMIR9OstMsRXTcpqd27rBM-0zTCkjoshr26fGaJtfURpIOXnItQf4t0LtEuPlewxRupvMwttMaLDtZ0sZm6BLVFQ86CqFDcoJMua1eBf2OecUIE2TTe8vhTCUGTgec6x9GTybJ-ff0LflSMm8&sai=AMfl-YQ7Zyffoh9Xv84DpT1Y6sY8k7qu9t7e38jNCGL5R91FWvbg1VRmzOBTmAvwP_aDwe_fWeadpc-3Gj8tycL6xaOIvlkEXj1AY3x_w7-bqJT-tct0zBgf_ZQ0hDnvnTwfqSdEA0h_zb7uqrXkOpp1I1Z0-tbck09ftfMHaOnrjWURh96jhUO26vtOpH5qrWnpL2mbQ_PDnInFmHujhIky2rU7wYFNvRIWcdY49PeNC0cJN_nsb-UFHCFUt2RoL-Mak9ec_khLu9Xt0g1OFXSPbkfl0H9SD5fIMg&sig=Cg0ArKJSzMRJ1eIIbVJHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=393&cbvp=1&cstd=388&cisv=r20230223.85841&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.192.154 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Feb 2023 13:37:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Feb 2023 13:37:16 GMT

GET
H2 200 v1
p.tvpixel.com/com.snowplowanalytics.iglu/ Frame E260 43 B
380 B 135ms
8ms Image
image/gif 3.88.245.113

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.tvpixel.com/com.snowplowanalytics.iglu/v1?schema=iglu:com.dataplusmath/display_impression/jsonschema/1-0-0&aid=hr-block-3b2605dc-5ccc-4a88-9436-5cddea1827c1&cb=2179755061&pub_id=7166125&adv_id=9121585&adv_nm=&c_id=29052208&c_nm=&pl_id=357946512&pl_nm=&ad_id=546290007&ad_nm=184416195&width=&height=&u_id=&u_ip=&app_id=&app_nm=&dvc_typ=&dvc_id=&dvc_lat=&us_privacy=
Requested by: Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.245.113 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:16 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E260 43 B
215 B 94ms
3ms Image
image/gif 2600:1f18:1aca:4281:2d4d:67a7:4e93:963f

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1291519&asId=abe2230d-5ad7-b248-ef87-2e22fabccb45&tv=%7Bc:5qBHWu,pingTime:-3,time:167,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:32%7D,%7Br:r,w:300,h:600,t:166%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:167,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B154~0%5D,as:%5B153~0.0,1~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tx4saTd+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18*.1291519-68983243%7C181%7C19%7C1a1%7C1b%7C1c%7C1d,idMap:18*,rmeas:1,rend:0,renddet:svg.us,siq:34%7D&br=c
Requested by: Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:2d4d:67a7:4e93:963f -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E260 43 B
216 B 86ms
2ms Image
image/gif 2600:1f18:1aca:4281:2d4d:67a7:4e93:963f

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1291519&asId=abe2230d-5ad7-b248-ef87-2e22fabccb45&tv=%7Bc:5qBHWw,pingTime:-6,time:169,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:169,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B156~0%5D,as:%5B153~0.0,3~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tx4saTd+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18*.1291519-68983243%7C181%7C19%7C1a1%7C1b%7C1c%7C1d,idMap:18*,rmeas:1,rend:0,renddet:svg.us,siq:34%7D&tpiLookup=ao:blog.s.id*&br=c
Requested by: Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:2d4d:67a7:4e93:963f -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E260 43 B
215 B 71ms
5ms Image
image/gif 2600:1f18:1aca:4281:2d4d:67a7:4e93:963f

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1291519&asId=abe2230d-5ad7-b248-ef87-2e22fabccb45&tv=%7Bc:5qBHWS,pingTime:-2,time:191,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1061,beZ:1062,mfA:1069,cmA:1071,inA:1071,inZ:1076,prA:1077,prZ:1086,si:1094,poA:1096,poZ:1124,cmZ:1124,mfZ:1124,loA:1230,loZ:1234,ltA:1252,ltZ:1252%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:32%7D,%7Br:r,w:300,h:600,t:166%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:191,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B179~0%5D,as:%5B153~0.0,26~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tx4saTd+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18*.1291519-68983243%7C181%7C19%7C1a1%7C1b%7C1c%7C1d,idMap:18*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,siq:34,sinceFw:156,readyFired:true%7D&br=c
Requested by: Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:2d4d:67a7:4e93:963f -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 5382 42 B
64 B 28ms
27ms Image
image/gif 2607:f8b0:400d:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 290A 23 KB
9 KB 9ms
8ms Document
text/html 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 328438
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 18:23:18 GMT
expires: Fri, 23 Feb 2024 18:23:18 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BEC1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPp4EXPlcvkZd52tUjdnc-4&google_push=Aa02lx86M8JoOLfV7-MpNvBwtXj57QyveZ03_ToBLgb1mKTWXpioCan0pw...

170 B
188 B

36ms
23ms

Image
image/png

173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPp4EXPlcvkZd52tUjdnc-4&google_push=Aa02lx86M8JoOLfV7-MpNvBwtXj57QyveZ03_ToBLgb1mKTWXpioCan0pwdN37OifopsUZIr35Jn5Q9cGJY05h_qYpQUyO56Cren

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ewr18171-EWR
pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1677505036.194642,VS0,VE13
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPp4EXPlcvkZd52tUjdnc-4&google_push=Aa02lx86M8JoOLfV7-MpNvBwtXj57QyveZ03_ToBLgb1mKTWXpioCan0pwdN37OifopsUZIr35Jn5Q9cGJY05h_qYpQUyO56Cren
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BEC1
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFBKKozI0PgiQfpdEQ4cu6c&google_cver=1&google_push=Aa02lx_bY66k-LC11Cj-0fJwWdzCaMnZ3fkAENvpS785ExgloDA8OoLWma807R6x1FWSrKnzQLE7spB-I3zCLEPoEfaY...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_bY66k-LC11Cj-0fJwWdzCaMnZ3fkAENvpS785ExgloDA8OoLWma807R6x1FWSrKnzQLE7spB-I3zCLEPoEfaYIB5sffU&google_hm=Fa2FdaAuSvuS8u1J9StwNQ==

170 B
188 B

25ms
24ms

Image
image/png

173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_bY66k-LC11Cj-0fJwWdzCaMnZ3fkAENvpS785ExgloDA8OoLWma807R6x1FWSrKnzQLE7spB-I3zCLEPoEfaYIB5sffU&google_hm=Fa2FdaAuSvuS8u1J9StwNQ==

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_bY66k-LC11Cj-0fJwWdzCaMnZ3fkAENvpS785ExgloDA8OoLWma807R6x1FWSrKnzQLE7spB-I3zCLEPoEfaYIB5sffU&google_hm=Fa2FdaAuSvuS8u1J9StwNQ==
Date: Mon, 27 Feb 2023 13:37:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BEC1
Redirect Chain

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEIxcKe6br_eMjEFIGQBu5ZY&google_cver=1&google_push=Aa02lx-vsi3lQJFXReo1sCcQoXlH2PAJN25ig3ddW8LJ29DH6xraWh6GCk9Yyib7mOg_JahE6V67bUr18bwdZ78kgS...
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQwNDg2NDA5MTMwNzM4MTUyNDI&google_push=Aa02lx-vsi3lQJFXReo1sCcQoXlH2PAJN25ig3ddW8LJ29DH6xraWh6GCk9Yyib7mOg_JahE6V67bUr18bwdZ78kgSlm...

170 B
188 B

24ms
23ms

Image
image/png

173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQwNDg2NDA5MTMwNzM4MTUyNDI&google_push=Aa02lx-vsi3lQJFXReo1sCcQoXlH2PAJN25ig3ddW8LJ29DH6xraWh6GCk9Yyib7mOg_JahE6V67bUr18bwdZ78kgSlmDqLf2_MX

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQwNDg2NDA5MTMwNzM4MTUyNDI&google_push=Aa02lx-vsi3lQJFXReo1sCcQoXlH2PAJN25ig3ddW8LJ29DH6xraWh6GCk9Yyib7mOg_JahE6V67bUr18bwdZ78kgSlmDqLf2_MX
Date: Mon, 27 Feb 2023 13:37:16 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BEC1
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEElkdtV8CeXpK3Lb-IoET2s&google_cver=1&google_push=Aa02lx-s8hQEFeeTLyhcP34P9aN7XrXB-jmhuHGvVpxkiXjr6jtuRgc3RzWNfXceP-7knfAnvryEzNX2S9iE...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-s8hQEFeeTLyhcP34P9aN7XrXB-jmhuHGvVpxkiXjr6jtuRgc3RzWNfXceP-7knfAnvryEzNX2S9iEgroD30U21SWiLOGp

170 B
188 B

30ms
22ms

Image
image/png

173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-s8hQEFeeTLyhcP34P9aN7XrXB-jmhuHGvVpxkiXjr6jtuRgc3RzWNfXceP-7knfAnvryEzNX2S9iEgroD30U21SWiLOGp

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-s8hQEFeeTLyhcP34P9aN7XrXB-jmhuHGvVpxkiXjr6jtuRgc3RzWNfXceP-7knfAnvryEzNX2S9iEgroD30U21SWiLOGp
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET

supply
eb2.3lift.com/sync/google/ Frame BEC1
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHqnGVtPcPM2JMODcHsCzqQ&google_cver=1&google_push=Aa02lx_ek8Tb7XpZgZt_W_4vYiddU1J5NASc1fZTMbpa3F99Nr7Z9PIpNWKMtDqpvdOEs7hEHdAHn8tz91i_3VAjmV773_AHe8k
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_ek8Tb7XpZgZt_W_4vYiddU1J5NASc1fZTMbpa3F99Nr7Z9PIpNWKMtDqpvdOEs7hEHdAHn8tz91i_3VAjmV773_AHe8k...

0
0

GET sync_before
tg.socdm.com/rtb/ Frame BEC1 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BEC1
Redirect Chain

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEOIZ8kFbclTLQ6yD3H6NcPQ&google_cver=1&google_push=Aa02lx8l8KUpBhFucfWMErVZCwP4ImCXMi5OLsx-VK1cobV5yyWkrs2JAU7R8hEjlsTYfrV2xazKA73ATigu6GQIl...
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MDk1MzRhZjItZmFiOC00NWE4LWE0MjItNDhiNTI2M2JmODg2&google_push=Aa02lx8l8KUpBhFucfWMErVZCwP4ImCXMi5OLsx-VK1cobV5yyWkrs2JAU7R8hEj...

170 B
188 B

22ms
22ms

Image
image/png

173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MDk1MzRhZjItZmFiOC00NWE4LWE0MjItNDhiNTI2M2JmODg2&google_push=Aa02lx8l8KUpBhFucfWMErVZCwP4ImCXMi5OLsx-VK1cobV5yyWkrs2JAU7R8hEjlsTYfrV2xazKA73ATigu6GQIlHTGdSJxRpQJqw

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MDk1MzRhZjItZmFiOC00NWE4LWE0MjItNDhiNTI2M2JmODg2&google_push=Aa02lx8l8KUpBhFucfWMErVZCwP4ImCXMi5OLsx-VK1cobV5yyWkrs2JAU7R8hEjlsTYfrV2xazKA73ATigu6GQIlHTGdSJxRpQJqw
date: Mon, 27 Feb 2023 13:37:16 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BEC1 0
12 B 26ms
19ms Image
text/html 173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JnuhzlTzEtOjvffd0I6xyKcnKv1FlMgfX_02FzdQUIaJnnY3ItQWTcSabEctQqovqcax_SoQ

Requested by

Host: 53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
URL: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame C361 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E260 0
0 30ms
29ms Fetch
image/gif 74.125.192.154

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssY64Y5pBhJUYrdCPcANMgNkhrX1xP3_cXWJrSbjKXoCpIAVhuGEajPopHagYw0Gn75ckU7mFa7yXn8pB8wu1lP8U2EEA5ZCp1Ssw5xXeUEtnRgpO3hdBejXBUxVPTu_iuciWGaKa49YeW5f-k54k_3Uyih3S0iMKq5vpIx_Gg8CWasudfen-cpouYBrJsivcdUW5hVnGiqK2ePN4OX3IGeMCikqdMpnCa_07j72oiTjr4kmsNRzZu1HcaoAbdh6IIdcJFdm6Biw6TcGelbSac1MQEh28R47h4orNUmSokelo1j84o6pi5V8_4XLGn_imzNbDL5jNkFhY57AvB9zPA2CUQQDrCgZvExua0twpPmfg1EU_fKwG1NUK4RBHoG9ak9djRR_iKUW434u7hHMVUmjtB2GL0uqUicq5u_TxmLUH0ZvJ9MSkQq1WRf73SmA0LacIdS1muGTc9u60IiLOv15_5Czg8yZ7RL_nm5YcawoLH35Hgdszm1ngUBPG6bi5Iu77cH1tDH4REh2jS3EjuBLi8OYvx8_2w---ixmgUxWsnzw6nLvLq15RrhT9r8JOa49vB7GurhgT-Mfj0ksj7Z2zSZ1_bbs4N1t14AEpCh7uVtTPXjk0hBBkx9Jh-ZxSBTLLQE1L9L0T9JwbGtTIpMMEb_F4Q8uwn-oBm3lJLDFTuyyceCPAS9LMjyK9Dw8VpP-gd8QUCUC2YXCt1LUlvz-fQqGSxrWwlTN-O4zkUS5uJNqtwaKkFyNP4GoIk0j73mMW93WE_DVM7xP5KIs2VvZnhKS7CRuyUb36nIuylUtcvAb-1V-eRVvSb7iJYnSWmOpQ7lIlkCoQYz8EQB-Jwq2ukt3Zz77sY7YXn6AIAST3t9mnzaGD1ENy84JaTQCaowi_sRPqvKfTrwVmbnJo94KGdNBslusmvgUMQFBM3VwEwMVbO4dYCKow7FXfgtRjCtWOmMlmYOIOk2RpG2rYKJcWdlhiWz0ZamATmVFXqgcNbL2Q3fYAI-wmEtHXhxsFGbiloBXY84alqFQPaEpuStkNlmNEkYvBd9Zhl5GbRhlsEps-yovMa_ojPvXiw5ADmRStHhctwIa_mlEMZuOu6RfAcGzYt6C4wldS6Me8_64v5xnWYmTfmNR9nMIR9OstMsRXTcpqd27rBM-0zTCkjoshr26fGaJtfURpIOXnItQf4t0LtEuPlewxRupvMwttMaLDtZ0sZm6BLVFQ86CqFDcoJMua1eBf2OecUIE2TTe8vhTCUGTgec6x9GTybJ-ff0LflSMm8&sai=AMfl-YQ7Zyffoh9Xv84DpT1Y6sY8k7qu9t7e38jNCGL5R91FWvbg1VRmzOBTmAvwP_aDwe_fWeadpc-3Gj8tycL6xaOIvlkEXj1AY3x_w7-bqJT-tct0zBgf_ZQ0hDnvnTwfqSdEA0h_zb7uqrXkOpp1I1Z0-tbck09ftfMHaOnrjWURh96jhUO26vtOpH5qrWnpL2mbQ_PDnInFmHujhIky2rU7wYFNvRIWcdY49PeNC0cJN_nsb-UFHCFUt2RoL-Mak9ec_khLu9Xt0g1OFXSPbkfl0H9SD5fIMg&sig=Cg0ArKJSzMRJ1eIIbVJHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=628&vt=11&dtpt=235&dett=3&cstd=388&cisv=r20230223.85841&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.192.154 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Feb 2023 13:37:16 GMT

GET
H3 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A4A1 22 KB
8 KB 19ms
7ms Document
text/html 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 277445
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 08:33:11 GMT
expires: Sat, 24 Feb 2024 08:33:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E260 0
26 B 103ms
65ms Ping
image/gif 74.125.192.154

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuxkyZYbUf4beIEchvbU1bWfdNMAuRLG-IVgN44TvynJFXfdT5KV5g3z0D8cajI0tVeHHkvSLWIUSPHU9rM3ZWc_sioKaHuLEyTci85cUHToQyAaJn8UdkMMIOduO4ZjHvHLJOpMpxLegFMEV4kQ0poWbZfjeXUH4lJogJAQKAN05zRwcjxmT9JSc5bKGJ5iQhA&sai=AMfl-YTslcGWkKCfgDboCBSFNqeLEQkjLMqBv6yZOf8dRUBSyGoap1SEv2HQTDZCrHi8vxLEw7ONpCbiapy6bZKS9d3CfZliF5CnjzfAHHJQzzbUsTSit-ihQY8TgJekQjR-VIETjC262rCPa-nkswCYVnTilT1j&sig=Cg0ArKJSzHEKAma76Q0HEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.192.154 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 206 file.mp4
r2---sn-ab5l6nk6.c.2mdn.net/videoplayback/id/0444109c2d3daed4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820377497/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5241 2 MB
2 MB 24ms
5ms Media
video/mp4 2607:f8b0:4006:2::7

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:2::7 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=0-

Response headers

expires: Mon, 27 Feb 2023 13:37:16 GMT
date: Mon, 27 Feb 2023 13:37:16 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1626852/1626853
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1626853
last-modified: Thu, 09 Feb 2023 07:57:44 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
client-protocol: quic

POST
H3 204 csi
csi.gstatic.com/ Frame 5241 0
17 B 101ms
95ms Ping
image/gif 2a00:1450:4007:813::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lemv6pnb&c=5822177288932&slotId=2911088644466&qqid=CPrG85zptf0CFd0PiAkdBlwHcA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=885&mt=video%2Fmp4&vs=640x360&ple=1&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fv2%252F1283458%252F67704344%253Fmon%253D67704349%2526omidPartner%253D%255BOMIDPARTNER%255D%2526apiframeworks%253D%255BAPIFRAMEWORKS%255D%2526bundleId%253D%2526ias_xappb%253D%2526blockedAdTracking%253Dhttps%253A%252F%252Fgoogleads4.g.doubleclick.net%252Fpcs%252Fview%25253Fxai%25253DAKAOjss5b4kY7mNXdLnf8P8LxqzA6pT-IMMO4ggPamM8ovaWpiKyDz4Qa6oPueONimu5-ym7ryDhjzkXtOcY65Gxidrg3AdrtCyQdKscnhmuxe-uIHCO8fH42FKhufLSg-t1B9oMR7p_V_uQp8okjHPufJ5vMoxpoIC2iFEho4u539R9Mm3sJUnGqb1sl_FjAbaiAeMw%252526sai%25253DAMfl-YQgE9D5x7v0TK4w_KyQ2wdhOeXfU3kLdMQ30OVxIvPdD2Aq4i_cD1My_uH6d3W_etejipDaveT-9O7rOSFGUg-fWMbdLMqty624RbwGwHzPkbENTvc_PuD7QQO0a-h1Z8KmkKZLo1aR2_OhkPB6UnRtOGCo%252526sig%25253DCg0ArKJSzEfJWwvcrhDqEAE%252526uach_m%25253D%25255BUACH%25255D%252526urlfix%25253D1%252526vt%25253D13%252526adurl%25253D%2526redirectedRetries%253D0%2526ias_dspID%253D3%2526ias_campId%253D1010126503%2526ias_pubId%253Dpub-2393320645055022%2526ias_chanId%253D1%2526ias_placementId%253D19635971454%2526bidurl%253Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%2526ias_dealId%253D%2526adsafe_par%2526ias_impId%253Dv4~~ABAjH0iqZcZjcLIR6lVDuqkzFGxg%2526originalVast%253Dhttps%253A%252F%252Fad.doubleclick.net%252Fddm%252Fpfadx%252FN1034274.279382INVITEMEDIAINC.DO%252FB29058854.353794832%25253Bsz%25253D0x0%25253Bdsp_id_0_%25253D3%25253Bdsp_campaignid_0_%25253D1010126503%25253Bdsp_publisherid_0_%25253Dpub-2393320645055022%25253Bdsp_chanid_0_%25253D1%25253Bdsp_placementid_0_%25253D19635971454%25253Bdsp_bidurl_0_%25253Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%25253Bdsp_dealid_0_%25253D%25253Bdsp_impid_0_%25253Dv4~~ABAjH0iqZcZjcLIR6lVDuqkzFGxg%25253Bord%25253D%25255Btimestamp%25255D%25253Bdc_lat%25253D%25253Bdc_rdid%25253D%25253Btag_for_child_directed_treatment%25253D%25253Btfua%25253D%25253Bdcmt%25253Dtext%252Fxml%25253Bdc_sdkv%25253Dh.0.0.0%25253Bdc_osd%25253D2%25253Bdc_frm%25253D2%25253Bdc_sdr%25253D1%25253Bdc_ref%25253Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%2525253Futm_source%2525253Dhome_sid%25252526utm_medium%2525253Dredirect%25253Fves%25253DdGltZXN0YW1wOiAxNjc3NTA1MDM1NDcxCmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzc0dSYlRoLVBOdUEwQi1ib3gzdEpScXpCVU1IcGcxdmJRYVFBWUNwY0JtQ2k3cTl2c1p6cDdiU2tRMkNpWlFDalhkZlJnMGtJandRbElqNEtESlNrOHRTd1hRcEVKT2F2aDY4cmNTbWxMWWcwVU91Rkg2cWtYc1hwdW9mZDVqTUVTVmxkdnZSU0RONHJuVGFRTTdqM3F1T1ZEeHVlUTBmTWZoMDVHYU5jMVdmNG5qeU9Xc2NxaW8wakVISGg4Vl9VTW5aNmNGWTVEbTFOVkNrb09NTDZFeGJPdXh4cFFydWxwN2dLazVLMS1PbU5SemdOdXBnSEVXT3Q0cmtjTmI4RUo5bHY1VThCeVllOHFidU5acnVZdDFYWXUyX3hwQ3hiQ2xXQjV2ZzVCcndJZ2FsR2xaYTdZSnJTRVZxcnFJU2R0SVFOeWZ2bHU0WnBFS0dwaHBzcGI1STBUM3VIaHFWcWd4dHdBN2lFY0dVRFc5TXZBbWlRWDJzZ2xPN1Zzd2hRWmZ5ZklBMi1DMEU1ZWR6SmhyOEJVZ2VLU2RUY3JrWWg1QjREWGVIeEFWVE5Ma05yalRhZnRoM0d0NFlIRUVocDFobXRlYk1QVEhQRHRzeURrRHVIME1obU40d0ZKWjk1SXZrU2hMNlgwVmZDcDFPUEExaExGYk9NVS1QN3RrLV92OFJQcy1DZjF4WnhMc3hhYmM5Rm82Rm1OWXBLd2otMk1jX1hRNkR2ZkVXMXdHeERWRFI3VWpRWWZtSUVUMExlMXY2MnlqV0ItMm1IMzFCTlg1SUFrNTMzRHZuR3N5YzJDUVpqTTlnNVd5RE1vR3d5Wno0cUVxYl84ZzNRNVpGYmdWc2RWUC1Ma1hBZ1J3b3BlYlJvUXpvUnFDdkZjS3JRbExTeTBpeER0d2toZ2pGc3RkRUFyaThUQ2FuOGY0bTllZkxyU1NjUzRHMFZQLXNWQmxNc010QVAxQmt6TzBwU04wd3QzQVVjR24xVndtMS0xQ3NFa2t3ejFkcVE5WWh4TlMtWDlleVZQVEdyYjczUVV6U2wxV20xelVNbjI1VjdwckM3ZVJiODAydVRlZlJXVVdBQnhyQ0k5MkMxX0paemlQSUU1b2NpcnBoR3FtX1JwQURIT1VNQW9NVk9JLUVLZjd6eFI4WXhMNFd1cW1FM0lvRER3SkdVUmd6a04xdEh2RnJmQ1J4YS1LWkQxSlRLQ0hYSC0tenByb3lybnlQRExtelp2QVBERVRZckdYbEZiOHF5TXBjUmdSdFNsbjJ0ODIzdWdIdzFsRzRwd2RNdWZzYWFWV29WXzNpZE5DS3A0UnNBYkVQRzZKRW52NkZmbnlDd1k5dy16U0tQb2trSEJNMnMzcnRZZ2NLenl0OHkycXVQOGpQckEtRkhua0JsVTRZam9MdUU2cmlOQUlHMWF0eXN2WERiRnVJcVRhcnl0MDE1ZVl3Mlp2aURRN1FDMlM2dWdsVHNyeDRnRl9tOUF0Tm9jSHJ4ZE9TQXkycHdsNThhN0dBcnZpYmFYeG9PZ0pybnEzM2FZUjJ4dVp1YmZZZ2hlVm10TVZkQjFxUE5kaGVubjdQUkd3SnlCREtJRmhPUVYxb0dZZTEyc2V0SnlmNmROTktpbUd0bVl6NlNUZmNmMHBqOGpCdjBFbmZiaGllRDg0ZDRJTDIxUHNVR1ByZW83MlVzeTZxMFZSY2ZvZUlNNnM1OEUwJnNhaT1BTWZsLVlUeGJ0NjdiVkcwVUpNZVM5TV91TlFEaDFvRThtMHRPTDB6M2llMExPbE15dzhIUFdnT0ctclluM0pZdF9aQUpibGQtejFBaWFGSWNMbEJiTmVQTG1kUGNlaEM1TGxsaTZTNzE2blo2bmQtYW84Mkc4Q1A0UXA4R0p3SVZqOHMxbmt0SnBQUXluUDlJYk85bUtRQmlRX0xoQmg4RENiTkkwWXdaY1ZhazByQl9xY1ZOQ1J4VFRTWXNjQkt4cTExMU1hYkVfZzJ2NkoyTmV3Z0hIVy1ER2N5NzdLb2hnNGd0X0cwWmZFekh4bDhrNU42Q2s4ZlI1ay1YSW13WU9WVHpGa19QVnZJSmFnSjFmUUVnNnprR3p3WjJoUlFVYTlyUWM3UkZIeW9HQTlBJnNpZz1DZzBBcktKU3pCVm5oRzNSUFM1aUVBRSZjcnk9MSZmYnNfYWVpZD1bZ3dfZmJzYWVpZF0mdXJsZml4PTEmYWR1cmw9aHR0cHM6Ly93d3cuaHJibG9jay5jb20vb2ZmZXJzL3JlZnVuZC1hZHZhbmNlLyUzRm90cHBhcnRuZXJpZCUzRDk2NDElMjZwcm9kaWQlM0RyYSUyNmNhbXBhaWduaWQlM0Rvdl9tY21fOTY0MV8yOTA1ODg1NF8zNTM3OTQ4MzJfMTg2NTU5MTM4JTI2ZGNsaWQlM0QlMjVlZGNsaWQhIgo%252526dc_cid%25253D186559138%252526dc_adid%25253D545288498&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4007:813::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 passback_300x600.js
static.adsafeprotected.com/ Frame 5D1D 3 KB
2 KB 16ms
5ms Script
application/javascript 2600:9000:21dd:aa00:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_300x600.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:aa00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: kTzCLI3J0Rawp2tFRAwfopfiJxzrNFGH
content-encoding: gzip
via: 1.1 0f37773e2cce4ff7a5301ebabb04538a.cloudfront.net (CloudFront)
date: Mon, 27 Feb 2023 02:54:37 GMT
x-amz-cf-pop: EWR53-C2
age: 38560
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:42 GMT
server: AmazonS3
etag: W/"439e58c5a30158dbdc47481bb170410a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: mFud4xR3Cyr5ZzwGb0HZM1mWlkRnpwIxVicDsgpnRPUet1omtIvifQ==

GET
H3 200 bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js
pagead2.googlesyndication.com/bg/ Frame 290A 36 KB
14 KB 26ms
18ms Script
text/javascript 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 16:08:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 336516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 16:08:40 GMT

GET
H2 200 IAS_PassbackAds_300x600.png
static.adsafeprotected.com/ Frame 5D1D 34 KB
34 KB 10ms
4ms Image
image/png 2600:9000:21dd:aa00:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_300x600.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:aa00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 22:09:52 GMT
x-amz-version-id: tQgHbMfZoUlj3hcvrSYdqixcUVtCIeBK
via: 1.1 0f37773e2cce4ff7a5301ebabb04538a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 228445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 34357
last-modified: Fri, 18 Feb 2022 23:29:00 GMT
server: AmazonS3
etag: "26e2b461771f6fb855141aa77c859584"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: kCodWGYFswiIzTRI6zmJt5aK76lxqIBar39xGMWRoxsyumMcXNbexg==

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
pagead2.googlesyndication.com/bg/ Frame A4A1 36 KB
14 KB 18ms
17ms Script
text/javascript 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 05:00:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 290178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 05:00:58 GMT

GET
H2 200 dc_oe=ChMI6ob9nem1_QIV2wZoCB21ew89EAAYACCi1fpYOhoIzNO2igMQ2byNqqwEGKed1eEDIMqtwdC6EEITCPrG85zptf0CFd0PiAkdBlwHcA;dc_rmcid=CAQSPADUE5ymPUnuQFNVAlytm3iO0KVzIFj1v3_Gqz39JgvVuNOhOvasu4iOrNLDdgxsR_tieFo...
ade.googlesyndication.com/ddm/activity/ Frame 5241 42 B
107 B 105ms
33ms Image
image/gif 173.194.207.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6ob9nem1_QIV2wZoCB21ew89EAAYACCi1fpYOhoIzNO2igMQ2byNqqwEGKed1eEDIMqtwdC6EEITCPrG85zptf0CFd0PiAkdBlwHcA;dc_rmcid=CAQSPADUE5ymPUnuQFNVAlytm3iO0KVzIFj1v3_Gqz39JgvVuNOhOvasu4iOrNLDdgxsR_tieFokDyaC4C3DghgB;eps=CIBhEAEYHTICigI6AoBA;met=1;acvw=sv%3D948%26v%3D20230213%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12010%26vmtime%3D19%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D792589156%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1677505036357;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.207.156 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 5241 42 B
64 B 46ms
34ms Image
image/gif 2607:f8b0:400d:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_DNhCbL8Y7qeDN2foPwPhridgAfFgorlbsqtwdC6EKKd_aGMDhABIJLY30pgycapi8Ck2A-gAaP8y6goyAEFqAMByAObBKoEgQJP0AcYHE7kPHO9pgD8xfahaN6IIJq5gx_IXBVi_d1oDMTTD_-7uJ3GhpRVThQir2OyIQeFpxBsBh1MfFOnLdYAxtIL2X_L13JDM4iqdBlvrJD_CBImOItZqjDBheFzOux59lhBKycbYDza6lQAPbqkn0CC6ZG3TE1-ZtN5BJZEFuR9j8gHmW2plPwaK-c8Rz4yENNi97twwZjMLfYBG8J_LZedvzFey41EOVjFjgQKmPOxpJw_MQ8thF54G5C95vfCyg1VvLwdPU0tvO09qjNFopR1rItwRG-ib_vjdc8x90pVjNobwOjrAv5ck5qiKNBZIvCvQ8Ay_Wp1xgCzqhGeb8AE2byNqqwE4AQDkAYBoAZOgAejtJyIA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgECACgOYCwHICwGADAGwE4HomhLIE6ed1eED0BMA2BMKiBQs2BQB0BUB-BYBgBcB6BcC&sigh=xy0m273B5Cc&label=part2viewed&ad_mt=20&acvw=sv%3D948%26v%3D20230213%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12010%26vmtime%3D19%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D792589156%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1677505036357

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 5241 43 B
66 B 33ms
21ms Image
image/gif 2607:f8b0:400d:c02::94

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 05:52:19 GMT
x-content-type-options: nosniff
age: 27897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Feb 2023 05:52:19 GMT

GET
H2 200 pixel.png
unified.adsafeprotected.com/ Frame 5241 35 B
112 B 30ms
17ms Image
image/gif 174.129.13.79

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vNTMwMjliOWZjZDBjZTM3ZjYwYjc5M2RlYTNlNGM1Y2Yuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTI4MzQ1OCIsImN1c3RvbTgiOiI2NzcwNDM0NCIsInhzaWQiOiI0YjIyZTAwNy0yMmNlLTQxN2QtOWEwZC1iZjVmY2UyMDBmOTEifSwidGltZXN0YW1wIjoiMDAwMS0wMS0wMVQwMDowMDowMFoiLCJoZWFkZXJzIjp7ImhlYWRlcjEwIjoiMTk2MzU5NzE0NTQiLCJoZWFkZXIxMSI6IkRDTSIsImhlYWRlcjEyIjoiYWQuZG91YmxlY2xpY2submV0IiwiaGVhZGVyMyI6IltPTUlEUEFSVE5FUl0iLCJoZWFkZXI0IjoiW0FQSUZSQU1FV09SS1NdIiwiaGVhZGVyOCI6Imlhc28iLCJoZWFkZXI5IjoiIn0sImNyZWF0aXZlSWQiOiIxODY1NTkxMzgiLCJjYiI6IjE2Nzc1MDUwMzU3Mzc0NjMyNjQiLCJhZER1cmF0aW9uIjotMSwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9BIn0=&advEntityId=1283458&pubEntityId=67704344
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.129.13.79 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:16 GMT
content-length: 35
vary: Origin
content-type: image/gif

GET
H2

200

skeleton.js
static.adsafeprotected.com/ Frame 5241
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1283458/67704349/skeleton.gif?xmtp=v&xmapp=0&xsId=4b22e007-22ce-417d-9a0d-bf5fce200f91&bidurl=https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden...
https://static.adsafeprotected.com/skeleton.js

17 B
17 B

5ms
5ms

Image
application/javascript

2600:9000:21dd:aa00:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.js
Protocol: H2
Server: 2600:9000:21dd:aa00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 07:36:39 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 0f37773e2cce4ff7a5301ebabb04538a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 9439238
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: jdRqVPIT7B4lauR5yoyjAw0thXAG0agHhnQKQv5IJp3DG2r6ic9cag==

Redirect headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
server: nginx
x-server-name: app06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5241 0
27 B 54ms
43ms Image
image/gif 74.125.192.154

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssqiYVFMohULeIyWZd_P_0YvtpRnt8waJfEgCywze1v6TiGLQrCyFlJ-O3ghkfnu6DfOuIni4i1oMhAa-5jL8WaqVpsEfC6OCQ3Smr2QUFeS8i9FqHifT5Bqa0O3gDoProFQi4OQxNSBniBh9cwZ2UNRt7qUdB7UJOD2SzUZ3iV-LzY-6TGjPf6oGmqBGHsviblem0NBEOt94OQnVv6KUspr0nDYXKR5EpsavcNAMiPQBv6Vw7_IZs83l8lmiQIXMva_f3s1qA3XqCMpEyBRLryfu-f6u1FC92PtJSOaIA1Lk-WWJOgWZrPaoYKMrkRwjvsFvLk0RPa0vfLxpNdKw5hKTUlPiC1oQ7l5VQC-4uCD9CZ1Mvjlg08p61TrBgTSAwLfPffGuAB8E2Pf8szUIeg8bppIzjKuISQaGF2lO7znSFmOcBe4iEdeOmnE28FJ1HIfjJWuidGvY2vgcP5xFZQnq3EUfkWtk2jeeQymeN4qi9Q77xhDERqyFlufBqeiTQpGEdHQ_gq9bQkMk1V7MDDUQlNNb97FQaoImzjH8ChjBNL2d3XcaNSh8DVqaO87QmNr8rYyOGV-EXnKoCLfBJCyrf29QW-Q4Hk0jJirl55ykJjyZkwMXef3TCKFRQWkEJ1T_dYTr77TOgz7h92Yow9F912s3cabZkuPm_ZcYC5z6plr-Bt3Lz8qW3fK8aZ-NopJy0041Tfiq6s5dqZG8QN1M2oJ9RwsrLhRogGcCkqIQUrEtU9yMk7ATns-WeUjqr_8b3QILCyGaUEiXwvK059SExDQVj7g5QGec-zYi4X5-t7LFuAqFHQaMck0ZNKPGBu5YdL6FnkJn1NttCLN16g6haV4jsytCRO4XNfmB3qt3sa1sw-BQQnvRG_rGsjf-mqEE_FbbkuX9KMzrTOSE7WiHhowMsno2QlTcqbvaU7pQSv44QwVXXwTUoTiGu811kX03-ko6RZvN2KWuIrUHcEKeZTXE_KucyDYN2j56e-1fLNVkeKR7G2AkMk4QVXnVjwgiF9gfO11I7pxFFOthVTkbjlyrE9sAhX2CJ5IuCXMhZdnsXLN8vzuHVrrGrgxdXMJrkYSJXmHko75r6UiGrEQxTpPVUa4wVc1V02vWf2Er3mqpbJBwlpG7fZL2wfN9k7xF-HADPa1vslB1xty_SchveJvGcUZ2s4uXa4uqCzwCPRt1SBaGxH5QYJ5sx1JLEPvF9xWweQBnRXCMgNL8O-WfHK8JppDEreE_Wp36hYvBc47L6rCYlQ7_u7ImHoDjIQaQ&sai=AMfl-YRnYs5fptJ2qBUBV-v13-YZvlFe8jVTnyekBvcXdxI1ANYMDI8Gaw4Dakwkbuoz_aHb0wBIKV9tbG-aRuFZfgWm2RsBbqOuCmOM_3PIQt0AcrZwsPek9YrjFbRrN_PgQXeg32Ix7N3n0eIyjzLe1PkRRf78ZWVLlz1EnSJYr9VVXcdcad6IqZ3YJGQKG8t1O5nle-OQZDaxGpiz5_QiDjCEihGw3JjziBOyV79zG4R5kw0axM7yfO46cAvUH3oFQJ8VFvrn5n6BllUluoofA2xmXgm3oqTfhg&sig=Cg0ArKJSzLG5mbTWnzBtEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.192.154 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Feb 2023 13:37:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 v1
p.tvpixel.com/com.snowplowanalytics.iglu/ Frame 5241 43 B
379 B 24ms
12ms Image
image/gif 3.88.245.113

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.tvpixel.com/com.snowplowanalytics.iglu/v1?schema=iglu:com.dataplusmath/video_impression/jsonschema/1-0-0&aid=hr-block-3b2605dc-5ccc-4a88-9436-5cddea1827c1&cb=1069130498&pub_id=7166125&adv_id=9121585&adv_nm=&c_id=29058854&c_nm=&pl_id=353794832&pl_nm=&ad_id=545288498&ad_nm=186559138&ad_len=&width=&height=&fw_caid=&u_id=&u_ip=&v_id=&v_nm=&app_id=&app_nm=&dvc_typ=&dvc_id=&dvc_lat=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.245.113 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:37:16 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5241
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxiX-tXbASABMAE&v=APEucNVSALYpvfEtyKBpCMpCg4UKo250MIcc92BqTQf4p9_57E-7vGqkrveZFlnB2kjTNTY37CFMBi7u91i3k49ZiMQ4b5B8qIGu018IDmTX0hJFsOZWHiE
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmNkNTIwNDgtMzljOC0yNmU4LWM2YTUtMWU3ZDFlZDk2MDg4

170 B
188 B

28ms
23ms

Image
image/png

173.194.205.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmNkNTIwNDgtMzljOC0yNmU4LWM2YTUtMWU3ZDFlZDk2MDg4

Protocol

Server

173.194.205.156 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 27 Feb 2023 13:37:16 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmNkNTIwNDgtMzljOC0yNmU4LWM2YTUtMWU3ZDFlZDk2MDg4
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5241 0
20 B 39ms
29ms Image
image/gif 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6ob9nem1_QIV2wZoCB21ew89EAAYACCi1fpYOhoIzNO2igMQ2byNqqwEGKed1eEDIMqtwdC6EEITCPrG85zptf0CFd0PiAkdBlwHcA;dc_rmcid=CAQSPADUE5ymPUnuQFNVAlytm3iO0KVzIFj1v3_Gqz39JgvVuNOhOvasu4iOrNLDdgxsR_tieFokDyaC4C3DghgB;eps=CIBhEAEYHTICigI6AoBA;met=1;acvw=sv%3D948%26v%3D20230213%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12010%26vmtime%3D19%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D792589156%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1677505036357;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.207.156 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5241 42 B
64 B 40ms
31ms Image
image/gif 2607:f8b0:400d:c0c::9b

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuI47VGmdtV-9p2IsXjbvzFXamJz-Cox9n3qnJmI84Z8zDmbx2ZjbPdFJLKW0WlmjDdvVOI4lIeJw19ZX-QaEZShZRlU1KBavdY_7NTlK_maFvnwK18Z_rKtcEb1NCeDR8BE-8&sai=AMfl-YTJpyCJLEcj9n6V4PgfFUwP3SKB05iu7NvKst-CcrlKqUThlAv_t7Bn61ny7DbHrqVeqHPn8yVapqaLXww-afw5Us-nQ7KbIUhyIY7JbzoseQw0MNcw0EfuZ1AS&sig=Cg0ArKJSzOu_ayCoOVXuEAE&cid=CAQSPADUE5ymPUnuQFNVAlytm3iO0KVzIFj1v3_Gqz39JgvVuNOhOvasu4iOrNLDdgxsR_tieFokDyaC4C3DghgB&id=lidarv&acvw=sv%3D948%26v%3D20230213%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12010%26vmtime%3D19%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D792589156%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1677505036357&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 5241 42 B
64 B 80ms
71ms Image
image/gif 2607:f8b0:400d:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_DNhCbL8Y7qeDN2foPwPhridgAfFgorlbsqtwdC6EKKd_aGMDhABIJLY30pgycapi8Ck2A-gAaP8y6goyAEFqAMByAObBKoEgQJP0AcYHE7kPHO9pgD8xfahaN6IIJq5gx_IXBVi_d1oDMTTD_-7uJ3GhpRVThQir2OyIQeFpxBsBh1MfFOnLdYAxtIL2X_L13JDM4iqdBlvrJD_CBImOItZqjDBheFzOux59lhBKycbYDza6lQAPbqkn0CC6ZG3TE1-ZtN5BJZEFuR9j8gHmW2plPwaK-c8Rz4yENNi97twwZjMLfYBG8J_LZedvzFey41EOVjFjgQKmPOxpJw_MQ8thF54G5C95vfCyg1VvLwdPU0tvO09qjNFopR1rItwRG-ib_vjdc8x90pVjNobwOjrAv5ck5qiKNBZIvCvQ8Ay_Wp1xgCzqhGeb8AE2byNqqwE4AQDkAYBoAZOgAejtJyIA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgECACgOYCwHICwGADAGwE4HomhLIE6ed1eED0BMA2BMKiBQs2BQB0BUB-BYBgBcB6BcC&sigh=xy0m273B5Cc&label=vast_creativeview&ad_mt=20&acvw=sv%3D948%26v%3D20230213%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12010%26vmtime%3D19%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D792589156%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1677505036357

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 5241 0
17 B 97ms
91ms Ping
image/gif 2a00:1450:4007:813::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~lemv6pxj&c=5822177288932&slotId=2911088644466&qqid=CPrG85zptf0CFd0PiAkdBlwHcA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=885&mt=video%2Fmp4&vs=640x360&dm=12000&event_name=first_play&asset_bytes=197470&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.2j3~videopreviewstarted.2j8
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4007:813::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 13:37:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je32m0&_p=756904140&cid=404804102.1677505027&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1677505026&sct=1&seg=1&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&_s=2

Domain: analytics.google.com
URL: https://analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je32m0&_p=756904140&cid=404804102.1677505027&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1677505026&sct=1&seg=1&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&_s=2

Domain: eb2.3lift.com
URL: https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_ek8Tb7XpZgZt_W_4vYiddU1J5NASc1fZTMbpa3F99Nr7Z9PIpNWKMtDqpvdOEs7hEHdAHn8tz91i_3VAjmV773_AHe8k&google_gid=CAESEHqnGVtPcPM2JMODcHsCzqQ

Domain: tg.socdm.com
URL: https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEPQngtq-oAz1J2Gz9yN6kXw&google_cver=1&google_push=Aa02lx_Ptc5P-53OI2zE7vIxv1K5A5O9sw_37AVg7PIaDOWaSJDJKgb9cZsmDVnBE5M0AP1fzKS4knbzOX80GgP_0eVxnl3iJVGt

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.s.id/	1970-01-20 12:08:01	Name: _gcl_au Value: 1.1.78071731.1677505027
.doubleclick.net/	1970-01-20 09:58:25	Name: test_cookie Value: CheckForPermission
.s.id/	1970-01-20 19:34:25	Name: _ga Value: GA1.2.404804102.1677505027
.s.id/	1970-01-20 09:59:51	Name: _gid Value: GA1.2.913652988.1677505027
.s.id/	1970-01-20 09:58:25	Name: _gat_gtag_UA_225238330_2 Value: 1
.s.id/	1970-01-20 19:34:25	Name: _ga_LJQ0V44EV5 Value: GS1.1.1677505026.1.1.1677505030.0.0.0
.s.id/	1970-01-20 19:34:25	Name: _ga_98MWVCBDD7 Value: GS1.1.1677505026.1.1.1677505030.56.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.s.id/api/user/me Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://shortener.zendesk.com/embeddable/config Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

53029b9fcd0ce37f60b793dea3e4c5cf.safeframe.googlesyndication.com
ade.googlesyndication.com
adservice.google.com
analytics.google.com
ap.lijit.com
api.s.id
beacon.lynx.cognitivlabs.com
bid.g.doubleclick.net
blog.s.id
cdn.jsdelivr.net
cm.g.doubleclick.net
csi.gstatic.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
ekr.zdassets.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
google-bidout-d.openx.net
google.partners.tremorhub.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
home.s.id
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
match.360yield.com
match.adsrvr.org
match.sharethrough.com
mts0.google.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.tvpixel.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
pixel.yabidos.com
pr-bh.ybp.yahoo.com
pre.glotgrx.com
protagcdn.com
px.owneriq.net
r2---sn-ab5l6nk6.c.2mdn.net
rr1---sn-ab5sznzd.googlevideo.com
s.amazon-adsystem.com
s.id
s0.2mdn.net
sdotid.zendesk.com
securepubads.g.doubleclick.net
shortener.zendesk.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
static.zdassets.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
tg.socdm.com
tpc.googlesyndication.com
tr.blismedia.com
unified.adsafeprotected.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
analytics.google.com
eb2.3lift.com
tg.socdm.com
www.google-analytics.com
100.25.50.80
104.16.53.111
104.18.25.185
104.18.72.113
104.19.231.122
104.36.115.113
15.197.193.217
151.101.194.49
162.159.138.6
173.194.205.156
173.194.207.156
174.129.13.79
174.137.133.49
192.40.39.223
199.127.204.147
209.85.232.154
23.21.213.58
23.5.227.42
2600:1f18:1aca:4281:2d4d:67a7:4e93:963f
2600:1f18:4e9:5a02:fb02:cd4a:2ecf:b315
2600:1f18:612b:4232:cbfb:31da:cef6:348
2600:9000:21dd:aa00:8:48e:53c0:93a1
2606:4700:20::681a:68e
2606:4700::6811:6cd4
2607:f8b0:4006:2::7
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81c::2002
2607:f8b0:4006:f::6
2607:f8b0:400d:c00::5e
2607:f8b0:400d:c00::9a
2607:f8b0:400d:c02::67
2607:f8b0:400d:c02::94
2607:f8b0:400d:c04::5f
2607:f8b0:400d:c04::66
2607:f8b0:400d:c04::9a
2607:f8b0:400d:c04::9d
2607:f8b0:400d:c07::5f
2607:f8b0:400d:c07::9a
2607:f8b0:400d:c07::9d
2607:f8b0:400d:c09::5e
2607:f8b0:400d:c09::61
2607:f8b0:400d:c09::84
2607:f8b0:400d:c09::8b
2607:f8b0:400d:c0b::71
2607:f8b0:400d:c0c::9b
2607:f8b0:400d:c0d::65
2620:100:a001::4
2620:100:a001::c
2a00:1450:4007:813::2003
2a04:4e42:600::485
3.232.246.198
3.88.245.113
34.102.146.192
34.120.107.143
34.96.105.8
34.98.64.218
35.211.178.172
35.244.159.8
45.126.58.78
51.222.39.185
52.46.151.131
52.55.14.74
54.167.168.227
63.251.86.51
68.67.160.117
74.119.119.139
74.125.192.154
96.6.23.74
02723c9019bb3ebab29d006fa58590e1759ef7ba60755aa17edbf7ebc759f43c
02a16b477dfa8fe5fe408c2051042f31a15b0202fd64f70ca79a1df9f10e9fab
02d5267190e72466ca3a4ce018b4d9dcbb65839812f366f22dbacaf2d3ef5ae7
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674
0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27
0b1bd0e2c03531c3c089653463418df229cae482a400e497d0681a750e31f295
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
0e5b553eae0a1bd5afea26fa8809c2bb72079191b523b75e9363d1cb11dcd96a
1245d3ddaaddbc28d42ad8699e9e9f41e99ffba4e4468af84f3f192603261165
153028d38066283cb12f18cef39397671766ded532fa008782e24de06fed33c1
16f875310ddb89ec1529a972b7705ddea35537bdbbb5c33c77b6982321829ee1
19eb765b0d061355ef5bacfe138b01082b753a726388ecc614977aeb6f6b8f5c
1af5eacc5472d595046d8320feb556463d66ca3711b5fc2e6449e5cc49cd167f
1c47c23e57e44c1206678fcea2854a507dbd61c7db44ec7429767d82e09e6527
1e1d637a3eb860160f403eee2a069b7ddc23f02e4ba8aac86ee22f90f0c00fa3
24204d788ab4604afbbcc4e6782f19c33608ad8b3f721d8f604c7124f79f80bc
294919c4ba58baaaa0054ec15294288e6af88f442e80217fe90ece943b03785e
29b1b6441b6c1ff0d83a6f09a0eba0e1f595197d94d2bd6e9d9d607e5a988d77
2b3c9ccd33ff64fbf704d153cba13092fbe17ecde0678a3d53cfa337e49a1786
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37c2a2c98989e62a75b5f11c3c2f901940fbf2c323be0bb275ec25f1751a4563
3b6bbde3fc56d62a4aa5c36fda0b7a9aba5e0d5913cd62816798ea04a0feaee4
3deda25f1d4dacb2dcb6291e32e305b3390f6225a657f45ce798101dcfcb9865
44a53965a3f035bee1d1926d3456fd395c3391934bcbf56d769818b13ae69a85
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a74be6f3bef9f20234c37328c5d81a27a58b50a7c25901ca5d70fbc4c065d4a
4bc6fcf8abb0feb0a50bc17148052beafa7b3ac9aeb9e20ecf183791f6a9c50b
4c47cb6b2207c7d39ee175ac32c99e549b0a9bb9cfb89f10fb5251aec48fd1d9
4e7aa678395bd03e64a4eb181ce498a3b33c50b95cb8ca52da3672963a60bbd6
53037efd05b191a87182ef3ba16be92dc69c3f3148c3a1f2a52f4ccf32910d67
53cc833848c4c67c1ed27e255440c829a06b8bfafc5818a51ea8e7d6333fe789
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58fca4d19145332228ca462c75848f97613752f7f8bdb4351d4dd198b6aeaca5
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d44d7df65de36b9d4864dfac981e5a622ef516b59948a207bc24c64da25a17a
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
61805aaec683b10d2b0c6d5f431b91d4894f413763c8206c16cc2f1ca9c0ca46
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
627cd533180decffa415deafbf62f102ac7bdfd991a40cd9dd7eddc349803d59
62ba9f73621b36990200d7d06ade1a2e16899309a1935d9105e63d3cec9c2ad2
62c840e437d91761ff7021b81f40c9a009f4aed4082f7431633cac38ee3aec36
643cc1eca5ac3990d9bfef9b58742d394ea3d70bee7e1f96f0421c435b29ed5c
651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491
65390d5b7859d59c8f35e7b84ae5eea87672e71ca40ad6f4c1f87b0a6c8c7b6e
657ce65f87e54b2a6c1bc0db7a92f6c8a5dfa40906a7da8b7a897741ff32d3bd
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d2deb381d60aa9a7f01d4f1829f1c0299db18a1b667aa81e18c9c040eca1163
6d9a2bb2735c954682fa5cd71da95a29d078387c2934758177aac06fb92b9db5
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
76a0d0720dc2f6bc434c0c2ffb32deaf3245421ba4994e2f8b1aaa0e4e88e676
77c32112d9ff0ee870ab61b5fde1ad9e978dd26c216035d3b70b60a6d56d40ee
7b8705fc55d937a73814aba4a7f3a11b030b3445af63b302dfed21cf7b8962d5
7f877742d5ee9762de28c1a13dc20ad019d1caf00b91d9d3d3bac091d4cefff8
81d6ef397a6d125f2e35713f1329b807851d4040b122463c5106c0f97ef34149
82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a
88805ddbe3298c2d3f8d3a8561851131379568095c800538cfc9439b96a4134b
8b8e491570cdfe6b25d81c5943c567d567c809158adfc0449f7683ab4c76e907
92c39b5c986c8a9c713d77081a0272187a847c57192fe03fc152d25fc4c35668
9481d1812910914a0290fa0a2652c0c99f1e710a6350a4307ea9570ef5e1db38
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a97f3e555b6cff7e0ac9d0b4bc8ba0da7071c529ec70334829915e5397d59e42
aa73b143648005b00d35288ad0322cf9fc10551b2b1bae23d1f54b052b1174bc
ade5aafd1ae4dc38520db4e5af96652f04b9cb0261b81158152ebe8a4061a0ad
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b03864b2c1e28d1219b43f5f06c2c3b530fd4c6fc9d1f8262c0938034017b7ec
b58cf763adace244285a1f020956817d3d8ea8948056c63b783bdb1d4a258d1b
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
bccfb6e1053d38a80beb45f0de5db74ff700d98c1820a274ab3ffc9b46c9f735
bebab292aeb590e27cbd2ed78eb18aa6f26fd9b1086f69cd33e58e484b197427
c62efa11e56d452e201244a46cc0c80d5bbd7d676487f6bb4953d71ac55e4f04
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
c7fb840478ca64f3410fff0ffa40eb38fd8a7cfc36c10f117c3869ea93c00182
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
cd0ee4780d1be116a41b397c9efb57ce0984c1419ea07725fa9f4ed995491e53
ce62785f51972df8ee838ed147adf5a1ffe11d81154cfe0c9667f3c9c668a0e5
d388d6eadbda67959df2e176105d189a9ee25434d49e645a752b2a10afefacab
d530ea669f380edb2e2e14f8f30d7ac3b5b98c6090d49f140e3f0eec4c299817
dc81419da19f1c777a0ba3ccd0b1019725c6333c17811717bf843bf2ddc105fc
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e05eeaaf8f7c7818eca13552446471257cf09b23d8fc24c310517d9c88c60ffa
e146ed284f6880522d5c9fb1fd40a0b443222efb23440de01c469f1f35ef8927
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5be24db54af7faa99adb4a761a258edf8befa6a2e0de88f3455cfc5c64c168e
e75a047e3c98e61f29aec2e9e33691d22d3aa83c63845d3c0a9466c077aa10d7
e8269b74e3d03d021428c172b126c784c2279c24e48e807fd91c0bd19ec6e167
ebc8bf387644011312380615c2ff61915b71a638297d7f1ecb9b71599819f5da
ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9bf3205eb1f74e902266b014761f622a52493b08f345455104e255aa907b267
fbf204a93ed92a148088fcc78ac2acc271c2d2957ef5d4a8f2be4a432c32f930

blog.s.id Open in urlscan Pro 45.126.58.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

246 Requests

86 %HTTPS

47 %IPv6

47 Domains

76 Subdomains

52 IPs

3 Countries

7830 kBTransfer

13497 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

246 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.s.id Open in urlscan Pro
45.126.58.78 Public Scan

Screenshot
Live screenshot

Full Image

246
Requests

86 %
HTTPS

47 %
IPv6

47
Domains

76
Subdomains

52
IPs

3
Countries

7830 kB
Transfer

13497 kB
Size

7
Cookies

246 HTTP transactions
8 data transactions