blog.s.id Open in urlscan Pro
45.126.58.78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://chaseonlinebanking.robor.com.tr/bulk/load.php?locale=en-US&authID=ae295883d7ad059c9c42bf62c8acbfa3853412cd&start=1686288923&end=...
Effective URL:
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm...
Submission: On June 09 via automatic, source openphish (June 9th 2023, 4:32:46 pm UTC) — Scanned from DE

Summary HTTP 165 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 44 IPs in 8 countries across 29 domains to perform 165 HTTP transactions. The main IP is 45.126.58.78, located in Indonesia and belongs to IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID. The main domain is blog.s.id.
TLS certificate: Issued by R3 on April 27th 2023. Valid for: 3 months.

This is the only time blog.s.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	94.73.151.195 94.73.151.195	34619 (CIZGI) (CIZGI)
1 15	2606:4700:20:... 2606:4700:20::681a:7f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4007:80c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4007:807::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:6f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
10	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4007:819::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4007:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4007:808::200e	15169 (GOOGLE) (GOOGLE)
3	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 7	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
16	45.126.58.78 45.126.58.78	132647 (IDNIC-PAN...) (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia)
7	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223e:de00:8:217d:7c80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223e:d400:8:217d:7c80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4007:818::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4007:810::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4bb1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.159.128.7 162.159.128.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4007:813::2001	15169 (GOOGLE) (GOOGLE)
1	52.213.131.210 52.213.131.210	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4007:81a::2001	() ()
6	104.19.232.122 104.19.232.122	() ()
6	2606:4700::68... 2606:4700::6811:6ad4	() ()
1	2a00:1450:400... 2a00:1450:4001:82f::2002	() ()
165	44

1 94.73.151.195 (Turkey) 1 redirects

ASN34619 (CIZGI, TR)
PTR: cpls34.srvpanel.com

chaseonlinebanking.robor.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:20::681a:7f9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
home.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4007:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:6f9 (United States)

ASN13335 (CLOUDFLARENET, US)

app.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4007:819::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4007:80b::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:808::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

sdotid.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 45.126.58.78 (Indonesia)

ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID)

blog.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:de00:8:217d:7c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:d400:8:217d:7c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

d3li60t7cgizua.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:818::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4007:810::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4bb1 (United States)

ASN13335 (CLOUDFLARENET, US)

protagcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.128.7 (None, )

ASN13335 (CLOUDFLARENET, US)

shortener.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:813::2001 (Ireland)

ASN15169 (GOOGLE, US)

4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.131.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-131-210.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4007:81a::2001 (None, )

ASN- ()

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.232.122 (None, )

ASN- ()

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:6ad4 (None, )

ASN- ()

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (None, )

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	s.id 1 redirects s.id — Cisco Umbrella Rank: 153011 home.s.id — Cisco Umbrella Rank: 862218 app.s.id — Cisco Umbrella Rank: 720039 blog.s.id cdn.s.id — Cisco Umbrella Rank: 785570	541 KB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 127 tpc.googlesyndication.com — Cisco Umbrella Rank: 154 4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com	485 KB
16	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 121 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	219 KB
12	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2063 ekr.zdassets.com — Cisco Umbrella Rank: 2409	303 KB
11	google.com 3 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3028 www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 106	2 KB
10	ampproject.org cdn.ampproject.org	218 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	514 KB
6	glotgrx.com pre.glotgrx.com	650 B
6	yabidos.com pixel.yabidos.com	75 KB
4	zendesk.com sdotid.zendesk.com shortener.zendesk.com	2 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1892 www.google-analytics.com — Cisco Umbrella Rank: 57	21 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	4 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1359 google-bidout-d.openx.net — Cisco Umbrella Rank: 1367	756 B
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 413 mug.criteo.com — Cisco Umbrella Rank: 2161	7 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5056	625 B
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1513	444 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1009 bcp.crwdcntrl.net — Cisco Umbrella Rank: 948	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 785 id5-sync.com — Cisco Umbrella Rank: 427	18 KB
2	gstatic.com fonts.gstatic.com	77 KB
1	googletagservices.com www.googletagservices.com	55 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1396	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 377	878 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 562	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1497	8 KB
1	protagcdn.com protagcdn.com — Cisco Umbrella Rank: 79899	113 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1086	597 B
1	cloudfront.net d3li60t7cgizua.cloudfront.net	1 MB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1114	7 KB
1	robor.com.tr 1 redirects chaseonlinebanking.robor.com.tr	361 B
165	29

	Domain	Requested by
17	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com blog.s.id securepubads.g.doubleclick.net home.s.id 4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com
16	blog.s.id	home.s.id blog.s.id
12	home.s.id	home.s.id static.cloudflareinsights.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	static.zdassets.com	home.s.id static.zdassets.com blog.s.id
7	securepubads.g.doubleclick.net	blog.s.id securepubads.g.doubleclick.net home.s.id
7	pagead2.googlesyndication.com	blog.s.id pagead2.googlesyndication.com tpc.googlesyndication.com
7	www.google.com	3 redirects home.s.id tpc.googlesyndication.com blog.s.id 4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com
7	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com 4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com blog.s.id
7	www.googletagmanager.com	home.s.id www.googletagmanager.com blog.s.id
6	pre.glotgrx.com
6	pixel.yabidos.com	protagcdn.com pixel.yabidos.com
4	app.s.id	home.s.id
4	fonts.googleapis.com	home.s.id blog.s.id tpc.googlesyndication.com
3	sdotid.zendesk.com	static.zdassets.com
3	www.google.de	home.s.id blog.s.id
2	oajs.openx.net	1 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	region1.google-analytics.com	www.googletagmanager.com
2	ekr.zdassets.com	static.zdassets.com
2	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagservices.com	4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	shortener.zendesk.com	static.zdassets.com
1	protagcdn.com	blog.s.id
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	d3li60t7cgizua.cloudfront.net	blog.s.id
1	cdn.s.id	blog.s.id
1	static.cloudflareinsights.com	home.s.id
1	s.id	1 redirects
1	chaseonlinebanking.robor.com.tr	1 redirects
165	46

This site contains links to these domains. Also see Links.

Domain
s.id
home.s.id
instagram.com
twitter.com
facebook.com
tiktok.com

Subject Issuer	Validity	Valid
s.id GTS CA 1P5	`2023-04-16` - `2023-07-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
sdotid.zendesk.com Cloudflare Inc ECC CA-3	`2022-12-19` - `2023-12-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
blog.s.id R3	`2023-04-27` - `2023-07-26`	3 months	crt.sh
cdn.s.id Amazon RSA 2048 M02	`2022-12-20` - `2024-01-18`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
protagcdn.com E1	`2023-05-02` - `2023-07-31`	3 months	crt.sh
zendesk.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2023-08-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Frame ID: 3DE5BAEADD30961E2495ED6D12C8E8FA
Requests: 90 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-7a54a546dda064893d09.js
Frame ID: 1DB99F6DA99AC753F199BB6790927158
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/zrt_lookup.html
Frame ID: 3BAD908A85908E2599EFBC8DE7C0A1AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1686328364&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686328363980&bpp=3&bdt=247&idt=228&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=147957626459&frm=20&pv=2&ga_vid=376858670.1686328362&ga_sid=1686328364&ga_hid=728214796&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441&oid=2&pvsid=2588144711486334&tmod=811274106&uas=0&nvt=1&ref=https%3A%2F%2Fhome.s.id%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=246
Frame ID: 582C7957BC08A539325A3E5C660174B0
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-7a54a546dda064893d09.js
Frame ID: 8A473E2182BBD1B10DC99DA1F96F931A
Requests: 2 HTTP requests in this frame

Frame: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 889C81CEC3C623A41F1315577831EF30
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 24112A1B1ACC9100C2CCF4E7DB6A20FD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2430E0A01C3BBC05CC355E4FB6A7B412
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=blog.s.id
Frame ID: 13CD69E0F934377D0BD2B263EE473058
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 85359E0245795C1D3FA28F306EBD7D6C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Frame ID: 6D06DA8460E05254783E6C37523DDE42
Requests: 12 HTTP requests in this frame

Frame: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-before_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=450
Frame ID: 2164CCEBC572776A3C65DDEFDEE70852
Requests: 4 HTTP requests in this frame

Frame: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B7E73176402B66AA352C439BA3E77500
Requests: 8 HTTP requests in this frame

Frame: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-sidebar&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=600&w=300
Frame ID: D226A9862186A94CCD71C4C727CFA057
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Frame ID: 4C403FF14B4FC818477A580F9B8244E7
Requests: 11 HTTP requests in this frame

Frame: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-in_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=450
Frame ID: 9F320E25776EC6AE3F5EBEABBB1474C5
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5029971978473570265/index.html
Frame ID: 43DF6871B4CF77971B82648B9204C86D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 056719186A9A07C763AB3820FFEC10FE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oops, You accessing Forbidden Link! What is that? - S.id

Page URL History Show full URLs

https://chaseonlinebanking.robor.com.tr/bulk/load.php?locale=en-US&authID=ae295883d7ad059c9c42bf62c8acbfa3853412cd&s... HTTP 302
https://s.id/kY66E HTTP 302
https://home.s.id/forbidden Page URL
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm... Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

165
Requests

95 %
HTTPS

64 %
IPv6

29
Domains

46
Subdomains

44
IPs

8
Countries

3924 kB
Transfer

8805 kB
Size

16
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://s.id/1JAQW

Search URL Search Domain Scan URL

URL: https://s.id/appfairjkt

Search URL Search Domain Scan URL

URL: https://home.s.id/
Title: Home

Search URL Search Domain Scan URL

URL: https://home.s.id/subscription
Title: subscription

Search URL Search Domain Scan URL

URL: https://home.s.id/page/help
Title: Help

Search URL Search Domain Scan URL

URL: https://home.s.id/page/privacy-policy
Title: Privacy and Policy

Search URL Search Domain Scan URL

URL: https://home.s.id/page/terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://home.s.id/page/report
Title: Report

Search URL Search Domain Scan URL

URL: https://home.s.id/page/about
Title: about

Search URL Search Domain Scan URL

URL: https://s.id/status
Title: status

Search URL Search Domain Scan URL

URL: https://instagram.com/home.s.id

Search URL Search Domain Scan URL

URL: https://twitter.com/home_s_id

Search URL Search Domain Scan URL

URL: https://facebook.com/socmed.s.id

Search URL Search Domain Scan URL

URL: https://tiktok.com/@home.s.id

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://chaseonlinebanking.robor.com.tr/bulk/load.php?locale=en-US&authID=ae295883d7ad059c9c42bf62c8acbfa3853412cd&start=1686288923&end=813792894 HTTP 302
https://s.id/kY66E HTTP 302
https://home.s.id/forbidden Page URL
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://chaseonlinebanking.robor.com.tr/bulk/load.php?locale=en-US&authID=ae295883d7ad059c9c42bf62c8acbfa3853412cd&start=1686288923&end=813792894 HTTP 302
https://s.id/kY66E HTTP 302
https://home.s.id/forbidden

Request Chain 108

https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1

Request Chain 111

https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=blog.s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=q9spWnx2OEpyMkxOa0VLbzN5Y1lyVkNaU25hSEplSDJvS1dZaU5rQS9wRElET2dFL1gwa3BUYlcxUUFXcDVUMjl5RXZWbTZ1Uk1XZTJpb0lSbktvNHA5Tkxtem9TbVdEMElZeXhCR2I0MitqaUEyRU9YSmdSdzFpaDZoVVNNWlRoTnN1L2NHR29FVTFsa1pyQzd1Vm5kZm50Rko3VmJFeU5HTU0zZ05McVNuUWloNVVKK1Y5WTFibHF4ZGtSMEhaRndyMXpJQWxRR1ZQdG5UbHlWTnB5VEF5MHduMDNIZ1RRdkg4emZNc0lLb0dYUFdGQ0lmcWdFMEFoeWlpMzJCWTNhc0toZ2JtQlZ6TjVjbTZQN1FSWDZSb3V0dz09fA&cppv=2

Request Chain 149

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 153

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 158

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

165 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

forbidden Show response
home.s.id/
Redirect Chain

https://chaseonlinebanking.robor.com.tr/bulk/load.php?locale=en-US&authID=ae295883d7ad059c9c42bf62c8acbfa3853412cd&start=1686288923&end=813792894
https://s.id/kY66E
https://home.s.id/forbidden

60 KB
19 KB

582ms
559ms

Document
text/html

2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

178e46df711e56d7c606e5b8414d3672540b7c0861398b5adbc5e7503f7d38eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d4ac59ceec63661-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 09 Jun 2023 16:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AEwbnZEOqPkYhmGXqdM0ciix5AMmUaCw2RaT3COsI2xJIClYz78DbUml0obJA863f3mawsrmJKVoFIJh42HBxOsjkSNKKAsUcjbDG%2FVGYgb3QwdtDHpLutQGKSAK2u03VzeGxW1gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Next.js

Redirect headers

cache-control: private, max-age=30
cf-cache-status: DYNAMIC
cf-ray: 7d4ac5996a703661-FRA
content-length: 0
date: Fri, 09 Jun 2023 16:32:40 GMT
location: https://home.s.id/forbidden#action
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=moRVLsPeLSGms4cYy8FsQ8TsedYWAaOeVo5TnFa8gw1p0AESCP9m8k8SX%2B%2Fnw%2F5YJlLHQr%2BK4dYGRQNyGOSwRSyIQfTK7tBjs%2BCV2DLHQipZvXbrs3gzFGhsZ58xZ5mSmj4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff

GET
H2 200 7fc2e90008f7a2cb.css
home.s.id/_next/static/css/ 118 KB
18 KB 28ms
27ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/css/7fc2e90008f7a2cb.css

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99bbab4ee5c5b1bdd45eeaefaaf09847654d661c82ae02ea0137da0397af02b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 13:05:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 98420
etag: W/"1d87e-1889b1d1f08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jw4nIQyMrvuyLceUbxiQfNctC0lNMwDck%2BkJq1w9xlGZmvEo8WEGpzSj4u%2FeTi2ym144tSqr5GJr1V%2B1Tw5JlkhPFDhO0eTlXVLzq%2B1HO7ZFsg05Dfir86crsWHPa50hRsE1Cl4Fyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
content-encoding: br
cache-control: public, max-age=31536000, immutable
cf-ray: 7d4ac5a07b433661-FRA

GET
H2 200 webpack-894f37f778b7507f.js Show response
home.s.id/_next/static/chunks/ 4 KB
2 KB 19ms
18ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/webpack-894f37f778b7507f.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

847984a19acd867a171ddfb62d68cfefb57c7b30b216908e4a2173a670bc81b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 13:05:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 98420
etag: W/"1163-1889b1d1f08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29liu%2FMa3ZNi%2BP4UhY6b2Lt%2FZxL5uh5SzNF%2B7eJ19R5T9KL8HFyixYa00oO8AaepxTa88fA4VdCqwFD%2BBm%2B%2BT1u1rFqmIxkDfKrTdts%2F92ZTKHh4z22tQPIkHLLi99GCzgZI6F8qWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=31536000, immutable
cf-ray: 7d4ac5a07b453661-FRA

GET
H2 200 framework-0203d16360ddbf38.js Show response
home.s.id/_next/static/chunks/ 138 KB
45 KB 32ms
27ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/framework-0203d16360ddbf38.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dffb777aa00ce1479132f8dbacb4a9446cea81d9fce5c2df882506a8c4c93122

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 03 Jun 2023 05:08:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 558071
etag: W/"22711-1887fa7d6f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpV%2BqqbgskItAzrKTqobJvFHedqZvk7bt3HtgLb4d8uGO1c7%2BD%2F2eufDSn0HJZi6WlIE%2BxZn01rcDn4HN1cHGAKGjZcadQOwkVtGNxejHEDeDDUuimL%2Fyjqj9XM2oCRxp%2FuqrD8AlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=31536000, immutable
cf-ray: 7d4ac5a08b503661-FRA

GET
H2 200 main-84504437487b53da.js Show response
home.s.id/_next/static/chunks/ 91 KB
28 KB 28ms
23ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/main-84504437487b53da.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98a14d0ac05f3daa1edf06f4b1ed451a24dcf34c2af67f8377db3e19e376d646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 03 Jun 2023 05:08:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 557794
etag: W/"16caf-1887fa7d6f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQYCjkUGA3Ed4xSs1LrAgisSyLgPX75549abC8zF%2B%2BxULoB6%2FbI8lXagHjmWY8YE59q9%2Fys%2BY1F%2Bo9oOKG7My%2FocA0DIvf50II7qmCddB4XwXdgNzBfdPZD7aRoGTKU1IECnzs3yaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=31536000, immutable
cf-ray: 7d4ac5a08b543661-FRA

GET
H2 200 _app-6331aec52c85a362.js Show response
home.s.id/_next/static/chunks/pages/ 305 KB
91 KB 36ms
32ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/pages/_app-6331aec52c85a362.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dccb49179e8cbcc1f0fcae4f6c64832ff55e68258c1c8f88921817cce4e69d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 03 Jun 2023 05:08:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 557794
etag: W/"4c52a-1887fa7d6f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iCpHgeSLyjug4DdWsQWRk0H97sEY2pNYUnd%2BSZc2sOHSPLjT4lAQCYDMg1PNwrilScwARnj4tUlRpIVKG9mFqZxh%2FA0vmz%2Be8a9VsrvTbwUqlIoz1Jz4wLKQa4u0lwIjxdSdvuZyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=31536000, immutable
cf-ray: 7d4ac5a08b553661-FRA

GET
H2 200 forbidden-8ba2f2f9e8409d0b.js Show response
home.s.id/_next/static/chunks/pages/ 3 KB
2 KB 24ms
21ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/pages/forbidden-8ba2f2f9e8409d0b.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66e5b55d86c0f08fd4f4eb1b255e67e92e26350c35f70279884ac043117e5825

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 03 Jun 2023 05:08:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 557794
etag: W/"db6-1887fa7d6f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVOT1U68sOHzk9ZtqAO1xFK0D%2BHcGvLMsjfi5mpLgNpDrNwKhgE5toYHrntDecGcyz4OQmIpyhA7VF9TBZ1LMQx3vWH9J1G18y2Lff3ATHjeJUJvJ80%2Bg5a1i6gyw050NcfCYVQO9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=31536000, immutable
cf-ray: 7d4ac5a08b563661-FRA

GET
H2 200 _buildManifest.js Show response
home.s.id/_next/static/1IAr31p04A3a5opHQwe1E/ 10 KB
3 KB 22ms
21ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/1IAr31p04A3a5opHQwe1E/_buildManifest.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36bdd1db62b71648e4053ff69f36f8f6886b3d41997cf701dcc1ea2d822ca4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 09 Jun 2023 09:18:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 25222
etag: W/"28c4-1889f72e498"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1IGCCES0M4TSc8lMB32J8sH8Wqr8kx76eVDhyCwgqZaEF1y8FWbR90ipTNnXn4qMVXR22PncFf3ivTJVaqXigLPjKlwlyFP7Kib4oRSaTaU%2BdOiEvXtRevyia3DNIz84Da1CD4Gvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=31536000, immutable
cf-ray: 7d4ac5a09b653661-FRA

GET
H2 200 _ssgManifest.js Show response
home.s.id/_next/static/1IAr31p04A3a5opHQwe1E/ 91 B
401 B 33ms
26ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/1IAr31p04A3a5opHQwe1E/_ssgManifest.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 09 Jun 2023 09:18:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 25222
etag: W/"5b-1889f736580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqHokHKVeKKJJYFsK%2Bmh2aVNSoEXyLsUHUzKQ3%2FPwrVrYw%2BqLcKBEPWnwSax0zln9r%2Frq7HlT4%2FIJY9zBhInl9CJBiAzhJKnfvUp3MX8eHCSUmXd%2BHMorOBuIYsFA327j6aEpyWNdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=31536000, immutable
cf-ray: 7d4ac5a0cb8b3661-FRA

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 82ms
29ms Stylesheet
text/css 2a00:1450:4007:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800&family=Work+Sans:wght@400;500;600;700&display=swap

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16b6dfe206e80475057176362642d11f0ba0b9149a3fbecee7f016ce503dca0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Jun 2023 16:32:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 16:32:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Jun 2023 16:32:41 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
753 B 82ms
30ms Stylesheet
text/css 2a00:1450:4007:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lily+Script+One&family=Playfair+Display:ital,wght@0,400;0,600;1,500&display=swap

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

842389fa6e59bda1663fa1925b5eebb360d3c28e949f43e343200e5fc038981e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Jun 2023 16:32:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 16:32:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Jun 2023 16:32:41 GMT

GET
H2 200 403.svg
home.s.id/images/errors/ 4 KB
2 KB 537ms
531ms Image
image/svg+xml 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.s.id/images/errors/403.svg

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92c39b5c986c8a9c713d77081a0272187a847c57192fe03fc152d25fc4c35668

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Tue, 27 Dec 2022 03:47:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"1136-18551b16f48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juy0pJls2%2Be4dqu3qZga5hMgwWSegeiNFw2hqn12bikzsSU2feogfwHWx%2FpPgUAcVdQGnLj0xxCzRLg0%2BZDNZBlFuEcbT%2FZHBD%2FpeKzkldKPe4ZfPjOrgofr9Nl1mQEWYjtYHEN8yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7d4ac5a0cb8e3661-FRA

GET
H2 200 sid-logo-new-light.svg
home.s.id/images/ 4 KB
2 KB 547ms
538ms Image
image/svg+xml 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.s.id/images/sid-logo-new-light.svg

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1af5eacc5472d595046d8320feb556463d66ca3711b5fc2e6449e5cc49cd167f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sun, 06 Feb 2022 05:21:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"f40-17ecd7afb00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyyaLqKTSh63MWDkBVvSMR53GoUx9e4OyV1DABMK7I30mYqOm8I4wOkMWXkbGdSUVXGwci5lJDzWzZt%2Fds3qHRZY%2FPMkc9veY5RFQAbVUPEwlImi%2BSJ5G8KOFBFb44lFUaAsEWAzpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7d4ac5a0cb923661-FRA

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 70ms
22ms Font
font/woff2 2a00:1450:4007:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800&family=Work+Sans:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://home.s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 06:34:49 GMT
x-content-type-options: nosniff
age: 35872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jun 2024 06:34:49 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 55ms
40ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: home.s.id
URL: https://home.s.id/forbidden
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://home.s.id/
Origin: https://home.s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7d4ac5a18d401caf-FRA

OPTIONS
H2 204 redirect
app.s.id/api/ Frame 0
0 557ms
519ms Preflight 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.s.id/api/redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: ds,x-rpc-lang
Access-Control-Request-Method: GET
Origin: https://home.s.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
access-control-allow-origin: https://home.s.id
cf-cache-status: DYNAMIC
cf-ray: 7d4ac5a20b9118fd-FRA
date: Fri, 09 Jun 2023 16:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10T43nHSTy0pavGyZCkIf8yMoIgGfKO6bD8cqSqQ%2FC1oUo1qZBYTR3h6XMWzlglSeS1RRX09Uyy2cBpAIAGUhEptONh3KyfAm3FixXJzxRC9mxhhENBtKgcmU7QKKfq6Kjao2yXP"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

OPTIONS
H2 204 me
app.s.id/api/user/ Frame 0
0 625ms
587ms Preflight 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.s.id/api/user/me

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: ds,x-rpc-lang
Access-Control-Request-Method: GET
Origin: https://home.s.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
access-control-allow-origin: https://home.s.id
cf-cache-status: DYNAMIC
cf-ray: 7d4ac5a21b9318fd-FRA
date: Fri, 09 Jun 2023 16:32:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rapkuVSeskE68Z1fdYKokQr2qWoL4%2BoS9a8Cf0XL5COQpZxDdhC0KBZMJGM6LcIR62se7XplvWwgP0YLEBDTQ8za5L6JTLo%2FEaiwyUbFEyJDCH%2F0fwW0qMGpSvDLwO9N8F4gifac"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 redirect Show response
app.s.id/api/ 469 B
758 B 570ms
568ms XHR
application/json 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.s.id/api/redirect

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/pages/_app-6331aec52c85a362.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81d6ef397a6d125f2e35713f1329b807851d4040b122463c5106c0f97ef34149

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
DS: 1686328361,kj8snx,e22d43668ef0f70876246bc58253a36f
Referer: https://home.s.id/
X-RPC-Lang: en
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:42 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-type: application/json
access-control-allow-origin: https://home.s.id
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erZC3OQwSPhNTGrn3cYahJJ4FbT5JEFItH4hO4j%2B1j6bQLMG1GFvyQdPhY7z7DL%2B%2BKkXaQkr0%2BvRw29TT65UXe3a8ZHYiqMX7npUeA2%2F6iqKvc69YQonrAitZ1OlpVbeNoGibH3q"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7d4ac5a558833661-FRA
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS

GET
H2 401 me Show response
app.s.id/api/user/ 58 B
451 B 566ms
565ms XHR
application/json 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.s.id/api/user/me

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/pages/_app-6331aec52c85a362.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bc6fcf8abb0feb0a50bc17148052beafa7b3ac9aeb9e20ecf183791f6a9c50b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
DS: 1686328361,v8s6ei,8999d930f02f306d55dc54835415bb2a
Referer: https://home.s.id/
X-RPC-Lang: en
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:42 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-type: application/json
access-control-allow-origin: https://home.s.id
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUt80Nw1ZP%2FQI6VCdCEhTU63gQVREIspTJ%2FVnOyL0aZppeaHcA4YBcegeCcQYvaXX4B%2Fm4LFq3Cd65GpaGeBa0LsfVlxDjZV21qY6iuOY%2FkMk1YzuQOliKOyMwaKb2%2F59xY5yyWA"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7d4ac5a5b91b3661-FRA
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
content-length: 58

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 153ms
47ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-84504437487b53da.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cfbe87e978a825e55f0e1a3c1912ba7869a8a7b33c0f410321e21eeb6b4fb050

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80813
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Jun 2023 16:32:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 250ms
144ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-84504437487b53da.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

161b8964d31b3461bae5cb6dd83b7ab52d9a4811c3858dcdc334ebb90f25e432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81502
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Jun 2023 16:32:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
71 KB 220ms
114ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10823601447

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-84504437487b53da.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ee50a722bd8cf2d9adffb0cf14bb4c88198203d96aaf75bb9afd5a676ab7cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72362
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Jun 2023 16:32:41 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 24 KB
7 KB 48ms
25ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-84504437487b53da.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

622be2eb8ef5825d74867a56c04c9274812a7276da1f7bd218401deb24fdc045

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
x-amz-version-id: h_C7R95D6YonGiyqdlKE7XDlNtmjvPl8
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ATY6WDX7F5ZCPB48
age: 33
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 6WLyQS55k9mNBpmWND/35EF6azyT5SSHSyY3tIQKVyMrR95m5L8GaDgSyXHJHOpeqJZYZE7Not8=
last-modified: Sun, 14 May 2023 23:22:32 GMT
server: cloudflare
etag: W/"9ce7e23b1a5cf89ecf9e795e0ccb61b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=js%2BWNiFbEJws7ff5493%2FeItgId%2FLEvSTyJq1ZddjGoOM6s74Vc0%2B3TBO5VZEjcQ3%2BdYZkJkTXa6mGCbk06%2BE5Ggyhl7FCTSZQq%2B1qJql1q9SElccvlmYIu3PKAO8WjEecjIFmn0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 7d4ac5a1f89037f6-FRA

GET
H2 200 4b27aa03-d3da-43eb-8382-660c054fbc9d Show response
ekr.zdassets.com/compose/ 316 B
1 KB 225ms
183ms XHR
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/4b27aa03-d3da-43eb-8382-660c054fbc9d

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b98153171b7313788d99502f62111db838f28d9fb3cceec9be3b8a55052fe437

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 7d38b37cd8e42fcb-SEA, 7d38b37cd8e42fcb-SEA
x-runtime: 0.015129
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"b98153171b7313788d99502f62111db8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCQKy66RRf3%2BrpuiKLcwWiHh3JyKJU%2BAx67h3om41BKN%2BqqrlYFL2%2BVt1jimhSsJEjqKS8VMSVTaN3Vpv3jjE8k3NZVlttasl74zA37DqBbZld2UIYvnCkaJbZquLnIeEKM%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 7d4ac5a2691d362f-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 49ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3671&_p=1724748283&cid=376858670.1686328362&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686328361&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 16:32:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 120 KB
47 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3164fec8f6bd697b819a1a92c3e586a34926a49ca32241f5c823abb682f1afa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47579
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Jun 2023 16:32:41 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/ 3 KB
2 KB 115ms
66ms Script
text/javascript 2a00:1450:4007:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/?random=1686328361600&cv=11&fst=1686328361600&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&hn=www.googleadservices.com&frm=0&tiba=Forbidden%20-%20S.id&auid=1753470768.1686328362&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:819::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

376db900218a222f5115f0ce3cb97d5d7df993ce0f7f93d3822e980e12776918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 16:32:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 18ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je3671&_p=1724748283&_gaz=1&cid=376858670.1686328362&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686328361&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 16:32:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
240 B 56ms
19ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-98MWVCBDD7&cid=376858670.1686328362&gtm=45je3671&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 16:32:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 92ms
45ms Image
image/gif 2a00:1450:4007:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-98MWVCBDD7&cid=376858670.1686328362&gtm=45je3671&aip=1&z=561562462

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 16:32:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-widget-framework-7a54a546dda064893d09.js Show response
static.zdassets.com/web_widget/latest/ Frame 1DB9 100 KB
32 KB 22ms
22ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-7a54a546dda064893d09.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2a95245d69655b25812ab2bd247b8a4f29b922b27aff9b81947e6a61570df8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
x-amz-version-id: ImpBxBTadOOl9EZTmn0J0rVD2qJzTRSU
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: VTZWK5WZAN6X3Z3H
age: 837523
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: EcCXpAXOItprYq56uHFleDBbZtgpChmXJgU8Z7dVqSOqQlI0SN46Tnr7cNnxyvxPhfdRWBlF2As=
last-modified: Tue, 30 May 2023 07:00:36 GMT
server: cloudflare
etag: W/"cfee00965f5643d1a5750806433313b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBZpebUQ%2BUVY5RG8k8kE8VNfa4D2%2F3kbinSAXwIW9OO7XlD6%2Fu2ys3yjKHTzI4lw0C%2B9HIFcFumajdyGRQGwfY1CY0mLxaCrmKufVb2XOEMyBr15WvFCxZKFMdGUHac6uyFOmis%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7d4ac5a43b6537f6-FRA
expires: Wed, 29 May 2024 07:00:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 71ms
23ms Script
text/javascript 2a00:1450:4007:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Jun 2023 14:59:28 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5593
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 09 Jun 2023 16:59:28 GMT

GET
H2 200 config Show response
sdotid.zendesk.com/embeddable/ Frame 1DB9 963 B
1 KB 335ms
278ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdotid.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7a54a546dda064893d09.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dce43da5a26c000cda1f9015a85119f1d6c2cfe3b3befa860276129e32a3216b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-fb8cd97dc-bzvpq
x-cached: MISS
x-request-id: 7d4ac5a4caec3632-FRA
x-runtime: 0.003429
last-modified: Fri, 09 Jun 2023 16:28:28 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xndE2sQh6oPHNyF1Og3Qe9pnxyHtXnf%2BRqFQHIHmd%2FgwhOISx5vqOZUcBPoJUY1g82eP9gNl0aTLW8dD2do1O9oQiVQrLcCa42dqLswzmRPFDLdOzEHDBFAk%2FUPI1RApvYuPg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 7d4ac5a4caec3632-FRA

GET
H2 200 /
www.google.com/pagead/1p-user-list/10823601447/ 42 B
455 B 142ms
51ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10823601447/?random=1686328361600&cv=11&fst=1686326400000&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&frm=0&tiba=Forbidden%20-%20S.id&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=295478688&rmt_tld=0&ipr=y

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 16:32:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10823601447/ 42 B
154 B 32ms
32ms Image
image/gif 2a00:1450:4007:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10823601447/?random=1686328361600&cv=11&fst=1686326400000&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&frm=0&tiba=Forbidden%20-%20S.id&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=295478688&rmt_tld=1&ipr=y

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 16:32:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
201 B 26ms
26ms XHR
text/plain 2a00:1450:4007:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1724748283&t=pageview&_s=1&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&ul=en-us&de=UTF-8&dt=Forbidden%20-%20S.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2123504218&gjid=134084058&cid=376858670.1686328362&tid=UA-225238330-2&_gid=285282947.1686328362&_r=1&gtm=457e3671&jsscut=1&z=246485146

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://home.s.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 16:32:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 rum Show response
home.s.id/cdn-cgi/ 0
154 B 17ms
16ms XHR
text/plain 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://home.s.id/forbidden
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
content-type: application/json

Response headers

date: Fri, 09 Jun 2023 16:32:41 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://home.s.id
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7d4ac5a5c9263661-FRA

GET
H2 200 web-widget-main-bfd6eb7.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 1DB9 489 KB
152 KB 30ms
29ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-bfd6eb7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7a54a546dda064893d09.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee9b0f1d061661981d6c60ad0fe0c6507343587089d010525a3f9bb7e5542c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:42 GMT
x-amz-version-id: GbN4aipJ4Yp37ppdWuijcxqCGl59nkbf
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: Y5YPQSFZKMTNYCKZ
age: 837521
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: I5+dxlqCwf/4w1fax9hgJuUUJw7ZilypybItpKs9LkaTHQ+AJllgj2ND0J3hmSjcQvLUXNcdFbQ=
last-modified: Tue, 30 May 2023 07:07:13 GMT
server: cloudflare
etag: W/"f327145f45650ceff0cfc6c92d6f7e13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvLeoucruwz5FLkYvA0bsMnXXSK5I%2Bs6BdM0NGBNWI6i6eBcfSD6I6D6J0MGJJjC%2FvBbzHYWUSFyZbSd5Po4j%2B4qvoVFHHdTxaXG8xSqqh2Y31BorBmY3nhXibsK14RZcRLyPZY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7d4ac5a69ed637f6-FRA
expires: Wed, 29 May 2024 07:07:12 GMT

GET
H2 200 en-us-json-bfd6eb7.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 1DB9 16 KB
3 KB 21ms
21ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-bfd6eb7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-bfd6eb7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8342aa392a57d9b44b26902cc6dd4e155f920cb04b5d12ac5b50bf89ba255466

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:42 GMT
x-amz-version-id: ckEWwHuPcXFhJBbmrgbqPnbQkZ3kvchP
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DQPJPGN38G68742Z
age: 837521
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: eOBVyh5lTLGw2Oq41T9RjtTo2jYpBshbCADWhCrUrpKa03YqhAPVXslCqFEIjSD425LSi2ERPio=
last-modified: Tue, 30 May 2023 07:07:15 GMT
server: cloudflare
etag: W/"3b50d707d23772f060152b4ff6347a38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cPxOD%2B1U0LwEFR2oWd7b1wf3zJmK%2BI6cBjnD5E7nFDjUOTgnkvFFbBywEAYjAu3maYPZM6TgI8J6ks%2B88jeprBv4xl5aQHbl458pOLW1b%2Ba%2Fvj8j77e15Ha6NHnaWbsw3xKzF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7d4ac5a75fe537f6-FRA
expires: Wed, 29 May 2024 07:07:14 GMT

GET
H2 200 web-widget-4852-bfd6eb7.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 1DB9 139 KB
47 KB 30ms
30ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-bfd6eb7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-bfd6eb7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21244bacf0cd406e0c2b7742eb67f2c9ab4bb91e7ed5f9eb524308520f3a7694

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:42 GMT
x-amz-version-id: Z7qSnC81GfLqAWH_agTdHOCeObunyHDa
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DQPQEA33JVRMHWKK
age: 837521
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: kRtNtiBT1+pRoCaAPuMjo72PaR28m6S459voLuR2HVz8YiOKyb/NiqIV3CuvO29ZNhAcm16A00c=
last-modified: Tue, 30 May 2023 07:07:14 GMT
server: cloudflare
etag: W/"537006977bee3c56b5a5b9900b593d0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hh5N2VvLrgVCw1PFmw4AeedFO8yA%2BWc6oicODSvhEvXGK7925kshbookomlSWwJ1zeYinHDdjyL6lniqH37s34PKHDEOTtcLP3lV4kfss85s7YTAn4O5ynVDIMeyzy%2FbDD3P1LQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7d4ac5a75fe737f6-FRA
expires: Wed, 29 May 2024 07:07:13 GMT

GET
H2 200 web-widget-519-bfd6eb7.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 1DB9 24 KB
8 KB 22ms
22ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-519-bfd6eb7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-bfd6eb7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:42 GMT
x-amz-version-id: LuPPJPP.tnyIBAgg87OB7PB.gsmNO5yU
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DQPKPEDT3MQBY73G
age: 837521
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: f00Kwzvk/OQUNMnnPoDnKBoS5hiW9W8Ke3NrE32CVr+GOZ1ThAPR5JqmTsp7oXx4WthThg3KEOM=
last-modified: Tue, 30 May 2023 07:07:14 GMT
server: cloudflare
etag: W/"1c9884a2069c7bec6b20dac62004eb1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6chnHVegatSZRn%2F%2FtLbtMCBR7y2ifOIeL6uMI8hGr2MkbKJqPO4g2RUdJnMvFagphXufSbD7%2BLAAW4D02Mn0Kun68gUzTBED37qtLnmTxlyC5RCM32Tl6kOytX%2BB2knJkS6PnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7d4ac5a75fea37f6-FRA
expires: Wed, 29 May 2024 07:07:13 GMT

GET
H2 200 web-widget-5178-bfd6eb7.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 1DB9 23 KB
7 KB 29ms
29ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-bfd6eb7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-bfd6eb7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0d8bf1bde6f73acada1a82076d3edec8863809e743be8ac501948b927fb18e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:42 GMT
x-amz-version-id: GpXwKA7iR0JjkmbImCOgDumI2UO5_7WL
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DQPS3DY14JF0M60V
age: 837521
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: r+xOAu05JonU/RtjbcK+RfZJ4CTKM8GD02ir9fBPA+vbgkJW5AHhuA/sHe9RmGOlidnOazmKnlU=
last-modified: Tue, 30 May 2023 07:07:14 GMT
server: cloudflare
etag: W/"9b70fa6eb92b6e43751f8dd5a8eae959"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVdmbP5u%2FYiZ6dTUiPn2glIKweTQIFOP1%2BNk75M42GNeMmF6Rn0tL%2FdqvH2M9NUa4tvBCzsoBT3pVa5YT%2Fhh9GmFM4YYsvmCTdPr4r5Vd1C7jc5dl3zKIKqhk2HTXYYxZJGaa7E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7d4ac5a75fec37f6-FRA
expires: Wed, 29 May 2024 07:07:13 GMT

GET
H2 200 web-widget-9535-bfd6eb7.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 1DB9 15 KB
6 KB 18ms
18ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-bfd6eb7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-bfd6eb7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6d1d6d48f5149fe62888e9bf0d0e4154c20fee2d472408567596fc62dc5da00

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:42 GMT
x-amz-version-id: e_wcOfh7D7m8y.8jN9MUUqSGhQo9IPLq
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DQPGXZDMEBZY4T05
age: 837521
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: vfZJOKOuHT7xx/lEYgJuXdlffdssZT1yWQ2U8KBGD6t/7PPp6frwD2RSlIqfC7kokwRTPdHhgIw=
last-modified: Tue, 30 May 2023 07:07:13 GMT
server: cloudflare
etag: W/"e01f80d1167a81b573ae4dc6f37b0330"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qpJLvGTrHdTjZPQcIJsdlE7WuNNIoiu%2FQhz5kxAfRxPzSQ40n0aEw00oj2ednWlETUeoHEO6Ttq76MgfamIMOdiUXH%2F%2B2K9drnGjIdCbQM2H8AaOuBdgFnBstbGdX1Db1FvkLM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7d4ac5a76fed37f6-FRA
expires: Wed, 29 May 2024 07:07:12 GMT

POST
H2 200 pv
sdotid.zendesk.com/frontendevents/ Frame 1DB9 0
0 270ms
270ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdotid.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7a54a546dda064893d09.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Jun 2023 16:32:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=il3arkuTumFKnFLKv1Sj%2FcMrH6%2FL8m4kaLhrQQ%2FxsOcZr81xcGyWuoFUZ0I9SVEDX4WAmJVlYQKYEjodgVBqlMVMH8jwDNSDDJgwhGYkgiUXyDtZ%2Fofa77BMWGYiIZQbcLJ7kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7d4ac5a949313632-FRA
content-length: 0
x-request-id: 7d4ac5a949313632-FRA

OPTIONS
H2 204 pv
sdotid.zendesk.com/frontendevents/ Frame 0
0 271ms
270ms Preflight 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdotid.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://home.s.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 7d4ac5a79ef63632-FRA
date: Fri, 09 Jun 2023 16:32:42 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dliW3AsCQKvAu8%2F5Q31NFxt%2BAmanWD3sWONnllqBebcTyl8NMcB1JM4UIHi%2Bg8vVcAIx2Sbacsxss2ZLtsuKto%2FIlGYffSuDmg2lcjHzQ%2BneA4EhxiAFs6qWejoVDNGFL5mV1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 7d4ac5a79ef63632-FRA
x-zendesk-zorg: yes

GET
H2 200 Primary Request oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3 Show response
blog.s.id/post/2022/05/19/ 61 KB
16 KB 634ms
214ms Document
text/html 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/pages/forbidden-8ba2f2f9e8409d0b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

/ Next.js

Resource Hash

65a4fe10fbb28a60b2b7cc1c3872e9fd1f815a3eaff880f148eb84a1b3eb0f0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://home.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 09 Jun 2023 16:32:43 GMT
etag: "dhfmpnr1pz1cjf"
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-powered-by: Next.js

POST collect
region1.google-analytics.com/g/ 0
0

POST collect
region1.analytics.google.com/g/ 0
0

POST rum
home.s.id/cdn-cgi/ 0
0

GET
H2 200 918e0b86c8a122af.css
blog.s.id/_next/static/css/ 104 KB
17 KB 191ms
191ms Stylesheet
text/css 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/css/918e0b86c8a122af.css

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

980622a885bff34a8e7b4c86ed770408a5136237d90ca4656d16425d7c8d8686

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:43 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 09 Jun 2023 09:16:32 GMT
etag: W/"1a0f9-1889f717180"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 0ccc702cf5b6f291.css
blog.s.id/_next/static/css/ 722 B
971 B 182ms
182ms Stylesheet
text/css 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/css/0ccc702cf5b6f291.css

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

ecf1b45e741c358105ec165c66cc44e962e6dbfe4948ea4a4094791472e03c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 09 Jun 2023 09:16:32 GMT
etag: W/"2d2-1889f717180"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 722

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 175ms
85ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3500329cb108e3446e72e303f2aea7c7e9fb92f0cea69129f30ae08c711d78c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47347
x-xss-protection: 0
server: cafe
etag: 9319702282737488649
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 16:32:43 GMT

GET
H2 200 webpack-6ef43a8d4a395f49.js Show response
blog.s.id/_next/static/chunks/ 2 KB
1 KB 184ms
181ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/webpack-6ef43a8d4a395f49.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

38ea73ab67fc116151506874fc35620aacfc4d7465b5b76b307bd38c4fb9fdd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:43 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 09 Jun 2023 09:16:32 GMT
etag: W/"834-1889f717180"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 framework-2647c7e378e02044.js Show response
blog.s.id/_next/static/chunks/ 138 KB
45 KB 305ms
302ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/framework-2647c7e378e02044.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

df6ff92ab9484674635dab18aa6d97d4bdea7d26fffc3c53fc890c218e23ff7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:43 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 09 Jun 2023 09:16:32 GMT
etag: W/"22701-1889f717180"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 main-ae57ee9c17c390d0.js Show response
blog.s.id/_next/static/chunks/ 91 KB
28 KB 305ms
303ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/main-ae57ee9c17c390d0.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

e5da21f851857a02fb23a30c384c45585a17a6aa89cd3957ae10c678a24b9648

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:43 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 09 Jun 2023 09:16:32 GMT
etag: W/"16b82-1889f717180"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 _app-4f6033a19fc0446b.js Show response
blog.s.id/_next/static/chunks/pages/ 150 KB
47 KB 481ms
478ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/pages/_app-4f6033a19fc0446b.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

833cf5ead439ce711de736169c132094e3a7c732b81da9b7294e7a0447331eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:43 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 09 Jun 2023 09:16:32 GMT
etag: W/"25956-1889f717180"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 9849d5b5-45be35bd4b4157cd.js Show response
blog.s.id/_next/static/chunks/ 3 KB
2 KB 305ms
302ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/9849d5b5-45be35bd4b4157cd.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

3fd155d8504c42656f9a67bde0f6fa8c8313701dce4ca486a7d598dff22e1801

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:43 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 09 Jun 2023 09:16:32 GMT
etag: W/"a7e-1889f717180"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 384-775166be1d63b509.js Show response
blog.s.id/_next/static/chunks/ 162 KB
50 KB 477ms
474ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/384-775166be1d63b509.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

9dfd939aba9ede7ea9808394da1a817aac8434b74fcc768e876f70e8bf9e7778

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:43 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 09 Jun 2023 09:16:32 GMT
etag: W/"288d5-1889f717180"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 852-90121b3a75bceccc.js Show response
blog.s.id/_next/static/chunks/ 16 KB
5 KB 363ms
360ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/852-90121b3a75bceccc.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

0d6b7b98db5a300467461fe230a46da29dd321bb6c1d330414456466560a3818

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:43 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 09 Jun 2023 09:16:32 GMT
etag: W/"3ec5-1889f717180"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 %5B...article%5D-b9ec557481ff460c.js Show response
blog.s.id/_next/static/chunks/pages/post/ 23 KB
8 KB 667ms
665ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/pages/post/%5B...article%5D-b9ec557481ff460c.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

cdde8e6d54044217317e2bdf0eb6d528aff5207f3ec8bfdfc176f74f6d5238d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:43 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 09 Jun 2023 09:16:32 GMT
etag: W/"5a6d-1889f717180"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 _buildManifest.js Show response
blog.s.id/_next/static/QifX_n1HcnD-WxFKIQqkA/ 999 B
1 KB 661ms
659ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/QifX_n1HcnD-WxFKIQqkA/_buildManifest.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

382716f715a2e1c913848b54af70259eeb5c3c06f43598f5a67ee09988c4bba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 09 Jun 2023 09:16:32 GMT
etag: W/"3e7-1889f717180"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 999

GET
H2 200 _ssgManifest.js Show response
blog.s.id/_next/static/QifX_n1HcnD-WxFKIQqkA/ 77 B
335 B 665ms
663ms Script
application/javascript 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/QifX_n1HcnD-WxFKIQqkA/_ssgManifest.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 09 Jun 2023 09:16:32 GMT
etag: W/"4d-1889f717180"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 77

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
871 B 29ms
29ms Stylesheet
text/css 2a00:1450:4007:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&family=Work+Sans:wght@400;500;600;700&display=swap

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac2af12c81be58d6906f22b9dbdb6d9753a775ca31d71c993839c8674acd020f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Jun 2023 16:32:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 16:32:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Jun 2023 16:32:43 GMT

GET
H2 200 twib_2305_12x3.png
cdn.s.id/assets/ 98 KB
98 KB 51ms
7ms Image
image/webp 2600:9000:223e:de00:8:217d:7c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.s.id/assets/twib_2305_12x3.png
Requested by: Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:de00:8:217d:7c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f1181f845db285df5fd22d07af5e1b79842cb90f51cadad31fb47f1fd91b0030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: Wsql2JZNQKUJpKN.Vb9rRq4J3CFEbvc7
date: Fri, 09 Jun 2023 07:48:16 GMT
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
last-modified: Fri, 19 May 2023 03:39:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 61006
x-amz-server-side-encryption: AES256
etag: "7103c23e3ede7fb239e03e1fffb96d49"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 100326
x-amz-cf-id: VF_dIiOXPK8UIWa5p-0-pUUSFawwbb9P8t-E2pwGj9P_pqw9eHGLcA==

GET
H2 200 230606-appfair.png
d3li60t7cgizua.cloudfront.net/images/ads/ 1 MB
1 MB 39ms
8ms Image
image/png 2600:9000:223e:d400:8:217d:7c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3li60t7cgizua.cloudfront.net/images/ads/230606-appfair.png
Requested by: Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:d400:8:217d:7c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ac30ba8f6137bc1f50ed2159fe5f85833c7ac8d15527efe4834f6b1c2a7c5df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: nFDBbHFv16Jza_X2SUn4E2nrDw1gMiRX
date: Fri, 09 Jun 2023 04:33:54 GMT
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
last-modified: Tue, 06 Jun 2023 03:21:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 43159
x-amz-server-side-encryption: AES256
etag: "4e94cbde9b1a9ba26aecf726eb0de238"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1251640
x-amz-cf-id: aaWiY4VDcZOkFUCJ1A0YeVB9DI7fwHydHiVT1CsWpJZ6oKyWkAYDnw==

GET
H2 200 sid-logo-new-light.svg
blog.s.id/images/ 4 KB
2 KB 662ms
661ms Image
image/svg+xml 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.s.id/images/sid-logo-new-light.svg

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

1af5eacc5472d595046d8320feb556463d66ca3711b5fc2e6449e5cc49cd167f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:43 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 04 Mar 2022 07:03:55 GMT
etag: W/"f40-17f53bdff78"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 adg-red-ring.svg
blog.s.id/images/ 6 KB
2 KB 669ms
668ms Image
image/svg+xml 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.s.id/images/adg-red-ring.svg

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

c7fb840478ca64f3410fff0ffa40eb38fd8a7cfc36c10f117c3869ea93c00182

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:44 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sat, 12 Mar 2022 15:31:22 GMT
etag: W/"1926-17f7ec17510"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/ 352 KB
118 KB 102ms
102ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=blog.s.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba0bdced7fcb11519fe1bbf792d6a2648e1a7bf00a606312339695f38e454364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121041
x-xss-protection: 0
server: cafe
etag: 10470220551165020599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 16:32:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/ Frame 3BAD 10 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4007:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:819::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35941
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Jun 2023 06:33:43 GMT
etag: 15057649708203361565
expires: Fri, 23 Jun 2023 06:33:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/ 47 KB
47 KB 22ms
22ms Font
font/woff2 2a00:1450:4007:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&family=Work+Sans:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:53:09 GMT
x-content-type-options: nosniff
age: 117575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47728
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jun 2024 07:53:09 GMT

GET
H2 200 sid-logo-new-dark.svg
blog.s.id/images/ 4 KB
2 KB 363ms
363ms Image
image/svg+xml 45.126.58.78
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.s.id/images/sid-logo-new-dark.svg

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.78 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

c62efa11e56d452e201244a46cc0c80d5bbd7d676487f6bb4953d71ac55e4f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:44 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 04 Mar 2022 07:03:55 GMT
etag: W/"f40-17f53bdff78"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 375 B
597 B 131ms
47ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=blog.s.id&callback=_gfp_s_&client=ca-pub-2742216534640545

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=blog.s.id

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d13597e1b6ab57b36c12eddf98ffe6e1cb4a36d3f9a6b300a56b77ca2d9c7a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 245
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 83ms
30ms Script
application/javascript 2a00:1450:4007:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blog.s.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:818::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 582C 0
20 B 211ms
211ms Document
text/html 2a00:1450:4007:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1686328364&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686328363980&bpp=3&bdt=247&idt=228&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=147957626459&frm=20&pv=2&ga_vid=376858670.1686328362&ga_sid=1686328364&ga_hid=728214796&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441&oid=2&pvsid=2588144711486334&tmod=811274106&uas=0&nvt=1&ref=https%3A%2F%2Fhome.s.id%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=246

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4007:819::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Jun 2023 16:32:44 GMT
expires: Fri, 09 Jun 2023 16:32:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 71ms
71ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK

Requested by

Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ae57ee9c17c390d0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f64c6aa9134fa178895ff2de3734ffc6063671b537892fa8e0c7f2db958e4621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80829
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Jun 2023 16:32:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF

Requested by

Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ae57ee9c17c390d0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc3654452488952be2eb33f84b9de08a77310399efa0939981bc1f959036fa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81376
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Jun 2023 16:32:44 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 24 KB
7 KB 17ms
17ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Requested by

Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ae57ee9c17c390d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

622be2eb8ef5825d74867a56c04c9274812a7276da1f7bd218401deb24fdc045

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:44 GMT
x-amz-version-id: h_C7R95D6YonGiyqdlKE7XDlNtmjvPl8
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ATY6WDX7F5ZCPB48
age: 36
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 6WLyQS55k9mNBpmWND/35EF6azyT5SSHSyY3tIQKVyMrR95m5L8GaDgSyXHJHOpeqJZYZE7Not8=
last-modified: Sun, 14 May 2023 23:22:32 GMT
server: cloudflare
etag: W/"9ce7e23b1a5cf89ecf9e795e0ccb61b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ojkn%2Bq55feopKVc7KT9Hat7ze7hWoQXOM6qGJxuDiCo2aXy4WiVoiZrZhFtnMCbtzDNORL4nZOEan%2BmtMDDnFGB3X7ZOf2KA%2B3Trz8qk3gTxtdsghxTQgXANvtUkxfce%2FT205vE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 7d4ac5b60cd337f6-FRA

GET
H2 200 1dc98855-fcfe-49a8-9ac6-f3d16b24538f Show response
ekr.zdassets.com/compose/ 319 B
579 B 172ms
172ms XHR
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e223da961efe8c88031cc755324273557a864a0003f076935e7bc7c42c06e93c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:44 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 7d38b48e1c543556-SEA, 7d38b48e1c543556-SEA
x-runtime: 0.002810
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"e223da961efe8c88031cc75532427355"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXk%2BA4fJ9hujtxhA4W04Qj8jseDqPoQHxEvxyF%2BEEJYDd4GtV34XNOyUKncqCzis%2FtJx%2F6f9wmulUrcRzIY9qQRdt%2BaGA3UwBwYVPqvXIGXYdkN54VIUlUCrNrY%2FKuTYvPI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 7d4ac5b62b3c362f-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

969dac33628d45dc0b56d54b1cb13f55896000602214d5a27bd82ee344b53d90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80836
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Jun 2023 16:32:44 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 18ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LBWQJM5WLF&gtm=45je3671&_p=728214796&_gaz=1&cid=376858670.1686328362&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686328364&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 16:32:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
68 B 19ms
18ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LBWQJM5WLF&cid=376858670.1686328362&gtm=45je3671&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 16:32:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 47ms
47ms Image
image/gif 2a00:1450:4007:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LBWQJM5WLF&cid=376858670.1686328362&gtm=45je3671&aip=1&z=143501124

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4007:80b::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 16:32:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 19ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GJLS9JMJCK&gtm=45je3671&_p=728214796&cid=376858670.1686328362&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686328364&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 16:32:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-widget-framework-7a54a546dda064893d09.js Show response
static.zdassets.com/web_widget/latest/ Frame 8A47 100 KB
32 KB 19ms
19ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-7a54a546dda064893d09.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2a95245d69655b25812ab2bd247b8a4f29b922b27aff9b81947e6a61570df8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:44 GMT
x-amz-version-id: ImpBxBTadOOl9EZTmn0J0rVD2qJzTRSU
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: VTZWK5WZAN6X3Z3H
age: 837526
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: EcCXpAXOItprYq56uHFleDBbZtgpChmXJgU8Z7dVqSOqQlI0SN46Tnr7cNnxyvxPhfdRWBlF2As=
last-modified: Tue, 30 May 2023 07:00:36 GMT
server: cloudflare
etag: W/"cfee00965f5643d1a5750806433313b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9B5QeLn2w6T%2FKiHe7JlcU0TpJJNVFppM1PQttYMHEmhA7Jwf4A3M%2Fwwp2dY6eQGPqsKDqLrrsu5wRI6rfdy6RjTCHr%2F3g3FbUpQaVnTtgUabp1cWQImOBLkG9u5my0xwHacRFtE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7d4ac5b74eb637f6-FRA
expires: Wed, 29 May 2024 07:00:35 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 165ms
86ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230607&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46752e1a9d0ef98e44f0908f93b34b856c27940dc74060f8a2d0f8e61e882c02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11325
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
25 KB 157ms
107ms Script
text/javascript 2a00:1450:4007:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ae57ee9c17c390d0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:810::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fa15d2754d902c0bcb7d94bf8dc1b44cdb75dfdf730683dd186fb6223027c7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25321
x-xss-protection: 0
server: cafe
etag: 475 / 19517 / 31075140 / config-hash: 993080040295644501
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 16:32:44 GMT

GET
H2 200 site.js Show response
protagcdn.com/s/s.id/ 386 KB
113 KB 83ms
40ms Script
application/javascript 2606:4700:20::ac43:4bb1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://protagcdn.com/s/s.id/site.js
Requested by: Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ae57ee9c17c390d0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c47c23e57e44c1206678fcea2854a507dbd61c7db44ec7429767d82e09e6527

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2623
cf-polished: origSize=396346
alt-svc: h3=":443"; ma=86400
pragma: no-cache
cf-bgj: minify
last-modified: Tue, 28 Jun 2022 09:03:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6H7HFt7USRm9R45COmwEKincKx5HppSx%2FSxhg8y4IH8Io2NpT7IIEJISnDjaIVxg8ePxxCgJGzFPJYxErfcCl2MxDj8WbTU9Y1M3EfIXXOR8N0FnnKBlmFXLITCGE37xo9JJt4ODCQZums%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 7d4ac5b7ba3b2c59-FRA
expires: Fri, 09 Jun 2023 17:02:44 GMT

GET
H2 404 config Show response
shortener.zendesk.com/embeddable/ Frame 8A47 15 B
959 B 61ms
19ms Fetch
text/plain 162.159.128.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shortener.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7a54a546dda064893d09.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.128.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:44 GMT
strict-transport-security: max-age=0;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 464
x-zendesk-origin-server: embeddable-app-server-5d7f8bb699-sd2ns
x-request-id: 7d4aba5dc8272c2e-FRA
x-runtime: 0.012768
server: cloudflare
vary: Accept, Origin, Accept-Encoding
access-control-max-age: 7200
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BE6n7T8u%2FXGaXIubKu0i8uCUjlELeazyzi2fDoklS6fVDL%2Fz06w5MbS4vIGuV65PwF8I7GnzlYfCJvnFajU6zsq62gUW5BjsL0rwx8zpX8%2BF%2B0g5Rkr7UBB9BxjDdSMOJti6B23xEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=3600
content-type: text/plain; charset=utf-8
cf-ray: 7d4ac5b7be4b2c57-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 174ms
82ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Jun 2023 16:32:45 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/ 404 KB
125 KB 23ms
22ms Script
text/javascript 2a00:1450:4007:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:810::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 10:36:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21376
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127303
x-xss-protection: 0
server: cafe
etag: 14748094856067035890
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 08 Jun 2024 10:36:28 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 715 B
357 B 105ms
59ms XHR
application/json 2a00:1450:4007:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=blog.s.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4007:810::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b614eff995af1ea033a632c7b52898592ac08493ce9aadc588bc7d4be4f04e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 09 Jun 2023 16:32:44 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 29ms
29ms Script
application/javascript 2a00:1450:4007:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blog.s.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:818::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 70ms
14ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 20 May 2023 18:30:39 GMT
content-encoding: gzip
age: 1720926
x-guploader-uploadid: ADPycdu0ofEeAAYzdW5Z96wZyLXgm23ax7D6-P-kRrnYYyzN40_lI7nGf6iRwNhdTCtUf4jMUk4Ic8OfTq9SQAz3Ia2XKw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sun, 19 May 2024 18:30:39 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 53ms
21ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 10 Jun 2023 16:32:45 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
878 B 52ms
16ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Jun 2023 16:32:45 GMT
x-content-type-options: nosniff
content-encoding: br
age: 18790
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230109-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 45ms
19ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:45 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Jun 2023 14:15:50 GMT
server: cloudflare
x-amz-request-id: NG7B76GJN825H0S8
age: 2925
etag: W/"8c1740edd46834c66e82586d99a9e74c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7d4ac5b98c04bb61-FRA
x-amz-id-2: NyHCyAtkatE46IVClDhJEwyOxJHtf6giBt/cxzVom8MvAYI/wUtkQGiE+SzHZZ7YvcLzIaP6EBI=

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 33ms
7ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 01:47:30 GMT
content-encoding: gzip
via: 1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 53116
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: JAjsQk0iQn5tDmQm-P__NCfsM1rJy5eH9YtmRcX2nWMjxSaS14-uEQ==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 54ms
16ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 15:40:24 GMT
via: 1.1 google
age: 3141
x-guploader-uploadid: ADPycduFqgV006udDN1TJSxcJin5RCGNydQPqhypeoNntSh6BkWGVeS14wfO_OjVCGsHwinBhoWOXveTkHYTR2jI5zlJLA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Fri, 09 Jun 2023 16:40:24 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 304 KB
62 KB 1244ms
1243ms XHR
text/plain 2a00:1450:4007:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2588144711486334&correlator=2556961244139415&eid=31074947%2C31075063%2C31075140%2C31075146%2C31075238&output=ldjh&gdfp_req=1&vrg=202306060101&ptt=17&impl=fifs&iu_parts=162717810%3A22766112657%2Cs.id%2Csticky-bottom%2Cbefore_content%2Cin_content%2Cafter_content%2Csidebar&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=970x90%7C728x90%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C300x600%7C300x300%7C300x250%7C160x600%7C120x600&ifi=2&adks=3695268346%2C2238348835%2C3108647390%2C1903703322%2C182523439&didk=1679302058~557921294~3656045228~1185067365~1933480497&sfv=1-0-40&prev_scp=env%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D49%26protag_minutes%3D32%26protag_hours%3D16%26protag_day%3D5%26protag_sticky_pos%3Dbottom%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sticky-bottom%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D49%26protag_minutes%3D32%26protag_hours%3D16%26protag_day%3D5%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-before_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D49%26protag_minutes%3D32%26protag_hours%3D16%26protag_day%3D5%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-in_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D49%26protag_minutes%3D32%26protag_hours%3D16%26protag_day%3D5%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-after_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D49%26protag_minutes%3D32%26protag_hours%3D16%26protag_day%3D5%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sidebar&sc=1&cookie=ID%3D6af85eec68451f2d-2253f90161e10063%3AT%3D1686328364%3ART%3D1686328364%3AS%3DALNI_MYSGvIosxJ5bZ_bFeluAg-p7SCmsg&gpic=UID%3D00000c46195067f9%3AT%3D1686328364%3ART%3D1686328364%3AS%3DALNI_MYeGft6VXopVh90vnc1ERWdzB3LSQ&abxe=1&dt=1686328365025&lmt=1686328365&dlt=1686328363734&idt=1238&adxs=-9%2C426%2C426%2C426%2C1086&adys=-9%2C414%2C1324%2C2762%2C286&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C1%7C2%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ref=https%3A%2F%2Fhome.s.id%2F&frm=20&vis=1&psz=0x-1%7C468x0%7C744x0%7C744x0%7C220x0&msz=0x-1%7C468x0%7C744x0%7C744x0%7C220x0&fws=2%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=376858670.1686328362&ga_sid=1686328364&ga_hid=728214796&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY25-DiIoxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjbn4OIijFIAFICCGQSGQoKcHViY2lkLm9yZxjbn4OIijFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y25-DiIoxSABSAghkEhcKCHJ0YmhvdXNlGNufg4iKMUgAUgIIZBIUCgVvcGVueBjbn4OIijFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4007:810::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a77d97853c07e51b26f61d4cf64705c5acf67d7827fd49275fe3900e11b78fa6

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5029971978473570265/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5029971978473570265/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJrrtdnOtv8CFRkZBgAdun0PfQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/5029971978473570265/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5029971978473570265/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5029971978473570265/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJrrtdnOtv8CFRkZBgAdun0PfQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/5029971978473570265/index.html
date: Fri, 09 Jun 2023 16:32:46 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63292
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.s.id
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 889C 6 KB
3 KB 107ms
26ms Document
text/html 2a00:1450:4007:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:813::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Jun 2023 16:32:45 GMT
expires: Sat, 08 Jun 2024 16:32:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
331 B 100ms
28ms XHR
application/json 52.213.131.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.131.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-131-210.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0eaae9958d915dd8e313edc9c183b56c0c36ecacd716b8d77549ad52e7b24269

Request headers

Referer: https://blog.s.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 16:32:45 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://blog.s.id
cache-control: no-cache
x-server: 10.45.21.239
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2411 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Jun 2023 14:43:08 GMT
expires: Sat, 08 Jun 2024 14:43:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2430 783 B
951 B 50ms
49ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ecff07dad68a192d6d256db9566b90e9ef3b78564fdf5793980098fc00d8095f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4-1M0-u4vr5ZrAMVSula2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-4-1M0-u4vr5ZrAMVSula2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 09 Jun 2023 16:32:45 GMT
expires: Fri, 09 Jun 2023 16:32:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
318 B 95ms
27ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://blog.s.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://blog.s.id
date: Fri, 09 Jun 2023 16:32:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 349 B
444 B 31ms
30ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: ed96bd587efeba8df2a63ffa5b6bbd7755e32092ed3a3dade4c561f462a8437e

Request headers

Referer: https://blog.s.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Jun 2023 16:32:45 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: ced7b6d9131df49048644a6f1600a7e7
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 349

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 78ms
26ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://blog.s.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://blog.s.id
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 09 Jun 2023 16:32:45 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: d3caff5179966cba4d8461c07a9e315d

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 13CD 15 KB
6 KB 49ms
17ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=blog.s.id

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 09 Jun 2023 16:32:44 GMT
server: Kestrel
server-processing-duration-in-ticks: 330596
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1

85 B
203 B

118ms
116ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: b50fac46b3ce385b1efcbf7a24230addd395a8d3a4a5e60fe8edf478c23ed8b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:45 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-4GqAYV7lRkVN2M5C0Z8OygHX0BA"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.s.id
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 09 Jun 2023 16:32:45 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://blog.s.id
location: /esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2411 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:33:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 248384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:33:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2430 0
0 71ms
71ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230607&jk=2588144711486334&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2

200

sid Show response
mug.criteo.com/ Frame 13CD
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=blog.s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=q9spWnx2OEpyMkxOa0VLbzN5Y1lyVkNaU25hSEplSDJvS1dZaU5rQS9wRElET2dFL1gwa3BUYlcxUUFXcDVUMjl5RXZWbTZ1Uk1XZTJpb0lSbktvNHA5Tkxtem9TbVdEMElZeXhCR2I0MitqaUEyRU9YSmdSdzFpaDZoVV...

430 B
656 B

85ms
17ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=q9spWnx2OEpyMkxOa0VLbzN5Y1lyVkNaU25hSEplSDJvS1dZaU5rQS9wRElET2dFL1gwa3BUYlcxUUFXcDVUMjl5RXZWbTZ1Uk1XZTJpb0lSbktvNHA5Tkxtem9TbVdEMElZeXhCR2I0MitqaUEyRU9YSmdSdzFpaDZoVVNNWlRoTnN1L2NHR29FVTFsa1pyQzd1Vm5kZm50Rko3VmJFeU5HTU0zZ05McVNuUWloNVVKK1Y5WTFibHF4ZGtSMEhaRndyMXpJQWxRR1ZQdG5UbHlWTnB5VEF5MHduMDNIZ1RRdkg4emZNc0lLb0dYUFdGQ0lmcWdFMEFoeWlpMzJCWTNhc0toZ2JtQlZ6TjVjbTZQN1FSWDZSb3V0dz09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

67de7461a2cb06cdf436e64b6b6d6607482df3353e296e72b21d246b8cd7fab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 16:32:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1684613
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 09 Jun 2023 16:32:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=q9spWnx2OEpyMkxOa0VLbzN5Y1lyVkNaU25hSEplSDJvS1dZaU5rQS9wRElET2dFL1gwa3BUYlcxUUFXcDVUMjl5RXZWbTZ1Uk1XZTJpb0lSbktvNHA5Tkxtem9TbVdEMElZeXhCR2I0MitqaUEyRU9YSmdSdzFpaDZoVVNNWlRoTnN1L2NHR29FVTFsa1pyQzd1Vm5kZm50Rko3VmJFeU5HTU0zZ05McVNuUWloNVVKK1Y5WTFibHF4ZGtSMEhaRndyMXpJQWxRR1ZQdG5UbHlWTnB5VEF5MHduMDNIZ1RRdkg4emZNc0lLb0dYUFdGQ0lmcWdFMEFoeWlpMzJCWTNhc0toZ2JtQlZ6TjVjbTZQN1FSWDZSb3V0dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 364493
content-length: 0
expires: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2411 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OasWog
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 8535 0
176 B 84ms
27ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 09 Jun 2023 16:32:45 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
75ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230607&jk=2588144711486334&bg=!TU6lThrNAAaGYqkwpmI7ADkAdvg8Wr9oquWb9zRr0YKT7y6UC3oERLT7UCrrgjCQVHUm-0K4kq7_dUNjpCBHLRKFutKUXGZpUhQCAAAAQFIAAAAIaAEHmQLwUEeA30JphHd-IT7AhatuZ0eyHV1h4YikHuPaLjP7DjaVMUkRypJU98I45Yk5dUw_MPHzGZfVomBkgdA1ssF5nuSZ52ql2KMjahpHxN1q_4I8xLWQFJXH3av47UtgRBgr3iUATJotj3ha41FKe-uk_7JqaYTLgOgI37Pa5NCO-VJ7hfiAS1jQ06Hv-d9Kn_Of9mT7q1EhMkZDLiF3zIr2cwCmXzsfy4GYa16SUmFLzxmzlw4hhU-wg7M7hOo-YTS2jB9pBfPW6KHIpCEhAdrkn6n_dPP6CT4SRSFUVmt8usyqJJcJs56hYf4XxeRW-fi816a-6K86P8WX-FY-XpHNHb1ej0QEgU9fzETue_ayG7sGEtgPVZC8-__6xS0M7-lsFZQ1eKoFgLGaCqjrnlGH3eeg47dKG8iTm_TBAqYbel99C17bOtnKVP3N4dBb19BaFcfyT-S8oIABc8CxPimnfnnK1rUZtlL7D1GlEC9oVypzeT-c8Fr1K0th39wdNUsfv9Sgz2zfn_YVqSQvd_D4eAkvmUFZu0MYoQjMHmp-hgrWR-pdIavIIOPmBS9hnIo-F-HvmLNLJ44X2fppbiGKEvZeAMSbryTFcYPaxpe_ZS19DhdUHhoWWlP-HgJUNC4t_nbiPkiS9uIygDe7V4ILSbo3hb6Y0ROOiOHZdNgdCQfTUYbe3kX_aOuPTObXnD0LxHLch1tzpNFG5zX8XI_73TmpQCY6f1EpoMrtER93aAth6hNP4nmasyWNMy5hdTfNJVxgd_XsIOYqYki2OMAtHZYk_CUmOvMu7zMb41h4-4F-hHVnOWP8NmWjwQTzZxHBbi23BGp54kmBCA-0zgn9GIUwwWrqYU6oW9POa7pM4xS106aQ4GHBDhCPOnM--NGtjObuYfJOAef2XtIT45qWhjtIo9R7O8YsWGLoint_6zrgZ6CsJUI9wm_8nbI-0zq4cPeqo6T-T_IACH03lafvxRXBbBrgCIIK31k_-FinhUk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012305221508000/ Frame 6D06 222 KB
61 KB 73ms
23ms Script
text/javascript 2a00:1450:4007:81a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:81a::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Jun 2023 10:54:59 GMT
age: 20267
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61790
x-xss-protection: 0
server: sffe
etag: "dc39a5ea8e84372b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Jun 2024 10:54:59 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 6D06 15 KB
5 KB 127ms
77ms Script
text/javascript 2a00:1450:4007:81a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:81a::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Jun 2023 07:44:43 GMT
age: 31683
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "68ea093d80ab2def"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Jun 2024 07:44:43 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 6D06 94 KB
28 KB 128ms
78ms Script
text/javascript 2a00:1450:4007:81a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:81a::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Jun 2023 14:51:19 GMT
age: 92487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28884
x-xss-protection: 0
server: sffe
etag: "52a0fa5b1f73dc96"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 07 Jun 2024 14:51:19 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 6D06 5 KB
2 KB 135ms
85ms Script
text/javascript 2a00:1450:4007:81a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:81a::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Jun 2023 03:32:14 GMT
age: 46832
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1912
x-xss-protection: 0
server: sffe
etag: "64a18d292337e38c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Jun 2024 03:32:14 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 6D06 40 KB
13 KB 135ms
85ms Script
text/javascript 2a00:1450:4007:81a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:81a::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Jun 2023 08:00:20 GMT
age: 30746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "4886bdcdd7fc48e5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Jun 2024 08:00:20 GMT

GET
DATA 200
OK truncated
/ Frame 6D06 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fe55b48b6c83b17916a79c7fbd87bbe0b3da64107bbc0749b31e8b7a32377db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 1168860564885545075
tpc.googlesyndication.com/daca_images/simgad/ Frame 6D06 90 KB
90 KB 39ms
39ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/1168860564885545075

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa4357eda864c00d392da56d4c39b7504f14dd3b1e629158eb10c591de55b85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:01:19 GMT
x-content-type-options: nosniff
age: 523887
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92153
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 14:43:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 02 Jun 2024 15:01:19 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6D06 2 KB
2 KB 56ms
55ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 22:44:13 GMT
x-content-type-options: nosniff
server: cafe
age: 64113
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Fri, 09 Jun 2023 22:44:13 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6D06 295 B
319 B 56ms
55ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 10:36:44 GMT
x-content-type-options: nosniff
server: cafe
age: 21362
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 10 Jun 2023 10:36:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6D06 0
0 45ms
45ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQljRdkmSqdfYPdi7N8zMjP1o7nQNATPKZGGIXL-7nPGaZvpiZj-RO310QSRpFYqjHOOud02d84lGbzHzdg5aLoZ5KZlA
Requested by: Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6D06 0
0 70ms
70ms Image
text/html 2a00:1450:4007:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMYwfLVSDZNegB5mymLAPuvu96AfsnZCecMn_h53LEZ_JhpiVDhABIJLY30pgleKQgqAHoAGdsO6hA8gBAqkC7BSyZ3IUsj7gAgCoAwHIAwiqBLUCT9BX4mDKLGYDgrxfwb7tszmwqbixWhWjR1REZ3xYlibRorpM8_YfVO_nh6dMyuDyr2C4GRNZETcvf5M_8sPsVNcFVWlszexTab1_VxPrds6N-jJl0A-UD9QVyxxetZOIj9DNdCiswTxvcoVShXtobb3wwwrsZHAAkg-QgXd88MfjKoTZotSx6hkxuLS1Cd16VxDByGP13dvIFVFglYXimAs3yN0vNfsia1cliHjSeIOFkU0l4kkml4sqxOZzQWqOyS3dyePyVS1u9y6GhMSpH2I-5StPCxODbmbp8Dly2cTsr4dtEFn-sgM_VvDJ5MHGqeYr5b19xGu25ca9HuTplCtZR0ST4WrcKxbfr66hRhfEcDcKdMMz4D7XFu0YLhg5UjmU_C7tLtmTgiQKD27tZrHzWsugwAS_zc6EngTgBAGSBQQIBBgBkgUECAUYBKAGAoAH9bSbXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELHBFdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItMjYxMDk2NDIwMzUxNTAyNRiymCo&sigh=hTPc7eG0kRw&uach_m=[UACH]&cid=CAQSOwBygQiDnPe6P7BfZefKQ-faA78R8ibvWrU3oIS_hFIdRLnRIg-Jc89AzHkMjmKZhg16kXQ1CIqMNV5DGAE
Requested by: Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4007:810::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ Frame 2164 2 KB
1 KB 46ms
17ms Script
application/javascript 104.19.232.122

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-before_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=450
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/s.id/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.232.122 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:58 GMT
server: cloudflare
age: 5948
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7d4ac5c1de00bb5c-FRA
content-length: 1168
expires: Fri, 09 Jun 2023 18:32:46 GMT

GET
H2 200 container.html Show response
4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B7E7 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4007:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:813::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Jun 2023 16:32:45 GMT
expires: Sat, 08 Jun 2024 16:32:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ Frame D226 2 KB
1 KB 27ms
17ms Script
application/javascript 104.19.232.122

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-sidebar&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=600&w=300
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/s.id/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.232.122 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:58 GMT
server: cloudflare
age: 5948
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7d4ac5c1de03bb5c-FRA
content-length: 1168
expires: Fri, 09 Jun 2023 18:32:46 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012305221508000/ Frame 4C40 222 KB
60 KB 57ms
46ms Script
text/javascript 2a00:1450:4007:81a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:81a::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Jun 2023 10:54:59 GMT
age: 20267
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61790
x-xss-protection: 0
server: sffe
etag: "dc39a5ea8e84372b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Jun 2024 10:54:59 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 4C40 15 KB
5 KB 79ms
78ms Script
text/javascript 2a00:1450:4007:81a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:81a::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Jun 2023 07:44:43 GMT
age: 31683
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "68ea093d80ab2def"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Jun 2024 07:44:43 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 4C40 94 KB
28 KB 79ms
78ms Script
text/javascript 2a00:1450:4007:81a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:81a::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Jun 2023 14:51:19 GMT
age: 92487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28884
x-xss-protection: 0
server: sffe
etag: "52a0fa5b1f73dc96"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 07 Jun 2024 14:51:19 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 4C40 5 KB
2 KB 83ms
83ms Script
text/javascript 2a00:1450:4007:81a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:81a::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Jun 2023 03:32:14 GMT
age: 46832
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1912
x-xss-protection: 0
server: sffe
etag: "64a18d292337e38c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Jun 2024 03:32:14 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 4C40 40 KB
13 KB 84ms
83ms Script
text/javascript 2a00:1450:4007:81a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:81a::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Jun 2023 08:00:20 GMT
age: 30746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "4886bdcdd7fc48e5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Jun 2024 08:00:20 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4C40 2 KB
2 KB 52ms
51ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 22:44:13 GMT
x-content-type-options: nosniff
server: cafe
age: 64113
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Fri, 09 Jun 2023 22:44:13 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4C40 295 B
319 B 54ms
53ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075140

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 10:36:44 GMT
x-content-type-options: nosniff
server: cafe
age: 21362
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 10 Jun 2023 10:36:44 GMT

GET
DATA 200
OK truncated
/ Frame 4C40 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83f24d4b11babdc1ec14e87415accb5c4a36c5a7cdde4dd0678a81c30ed3597b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 13796759615521087394
tpc.googlesyndication.com/daca_images/simgad/ Frame 4C40 92 KB
92 KB 52ms
52ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13796759615521087394

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca4558a1a07738ffb077ac6beb3d20df3580eba151878c4f7e0de76d31e12a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 18:55:02 GMT
x-content-type-options: nosniff
age: 164264
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94299
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 14:43:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Jun 2024 18:55:02 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4C40 0
0 69ms
69ms Image
text/html 2a00:1450:4007:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cr0WQLVSDZNigB5mymLAPuvu96AfsnZCecLnoh53LEZ_JhpiVDhABIJLY30pgleKQgqAHoAGdsO6hA8gBAqkC7BSyZ3IUsj7gAgCoAwHIAwiqBLUCT9Ag96Ze5GbNHiNg8JtewogHpM-WFxTRNmGeNLLo4SsJmxFiufYJlsRP3-2m8Wfxt5gexE01FUg9DTqDVEokfpG24KUvq3353ET9LLOhx7iEn3qhctcrjtDXWqz1uLuhQWoHPTXxG57e-HwkSI_9wZSInUM2PqThk3JSBPeHEVycIDWkJQRZ0suTcjowt8jBLK2VXK7dipYkgx0Te6RGkbVFwUyugD0Emsv7UJw9nlyxRhqnjc37qIo3A49dxjCosw27_k5DfEFNGD_VQdprrAdFW9FSfR5OXZ2pcVaoCc2xdmwYSlLV5jy9cOLDy1p86LKZSjrJxFQG2-QcDFvdKEVIz3Q2i8SinEgilnFHoanB_j2f5v5zNu1omtptTp3motDEIbz8-MrCCpnoa835UapUnvAKwATnzc6EngTgBAGSBQQIBBgBkgUECAUYBKAGAoAH9bSbXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMKuBtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItMjYxMDk2NDIwMzUxNTAyNRiymCo&sigh=ATAkCKEHvLM&uach_m=[UACH]&cid=CAQSOwBygQiDnPe6P7BfZefKQ-faA78R8ibvWrU3oIS_hFIdRLnRIg-Jc89AzHkMjmKZhg16kXQ1CIqMNV5DGAE
Requested by: Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4007:810::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ Frame 9F32 2 KB
1 KB 13ms
12ms Script
application/javascript 104.19.232.122

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-in_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=450
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/s.id/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.232.122 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:58 GMT
server: cloudflare
age: 5948
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7d4ac5c1de10bb5c-FRA
content-length: 1168
expires: Fri, 09 Jun 2023 18:32:46 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5029971978473570265/ Frame 43DF 82 KB
19 KB 39ms
38ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5029971978473570265/index.html

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e390e8126bfcb399f08541703e0569ec864a2ac3016846c4dc8d23ee361da5d9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 353960
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19850
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 14:13:26 GMT
expires: Tue, 04 Jun 2024 14:13:26 GMT
last-modified: Thu, 11 May 2023 11:21:08 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B7E7 0
0 71ms
71ms Fetch
text/html 2a00:1450:4007:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CY9tiLVSDZNqgB5mymLAPuvu96Ae4hL6DcYix94jVEfXI442RDhABIJLY30pgleKQgqAHoAHY3cuZA8gBCakCFq8kqvnGeD7gAgCoAwHIA0iqBLYCT9Apj92H_7stDircAwWWuAmENUNWy5Zug7UpHp-9DkUFqpjR3mg55c2Uhy7EU6gl4C8KXUwS6O2TQgHNonSsCp4H9vrdMcQfNBlRFZpNGbMzC9Xo9K_QClO6wPzBltKPnSjmQ3VUeVCdEDZ8zaK0aTvjtIlPa6V1ckAnpqQbFpwy5hgq7zbPxuoTOGErtbs6pdLBRaeeJNhAlvDT9Z-tzLC2kjdF84gVOikWCfMJBooKYYpGyY8fWi42AraYuRyco418m_mT_90QC7TJAinbOLzErrGp4CWY2NQkMvyeiJw2roLSTYgbLwAEbAp4fyFINk0_si7syAwdnqI4R9iCzxHkHhvy2RsH1ULTKeTzMvBny3dkgA5lPKCvViv89ev_efnD3_Gpe3nbHqjCTMzIcVmvLO3WHcAE06G2zf8D4AQBkgUECAQYAZIFBAgFGASgBi6AB5CitGaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDUtBfSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTI2MTA5NjQyMDM1MTUwMjUYspgq&sigh=jF3E7XxZqA4&uach_m=[UACH]&cid=CAQSOwBygQiDnPe6P7BfZefKQ-faA78R8ibvWrU3oIS_hFIdRLnRIg-Jc89AzHkMjmKZhg16kXQ1CIqMNV5DGAE&template_id=419
Requested by: Host: home.s.id
URL: https://home.s.id/forbidden
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4007:810::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame B7E7 23 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js

Requested by

Host: 4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com
URL: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 00:36:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 17960421598201694375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Jun 2023 00:36:07 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0567 143 B
166 B 25ms
24ms Document
text/html 2a00:1450:4007:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com
URL: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4007:819::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2456
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Jun 2023 15:51:50 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame B7E7 3 KB
1 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com
URL: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 11:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Jun 2023 11:56:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame B7E7 20 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com
URL: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 00:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57370
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Jun 2023 00:36:36 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ Frame 2164 31 KB
24 KB 12ms
12ms Script
application/javascript 104.19.232.122

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1686328366452&ver1=2.2.3&qid=73533313f553633313f593630313&rnd=qs3w8edxck4z&cid=1069
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-before_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.232.122 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 02d5267190e72466ca3a4ce018b4d9dcbb65839812f366f22dbacaf2d3ef5ae7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:58 GMT
server: cloudflare
age: 3704
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7d4ac5c25e90bb5c-FRA
content-length: 24223
expires: Fri, 09 Jun 2023 18:32:46 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ Frame D226 31 KB
24 KB 14ms
13ms Script
application/javascript 104.19.232.122

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1686328366453&ver1=2.2.3&qid=73533313f553633313f593630313&rnd=npr3qjdr2tyl&cid=1069
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-sidebar&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=600&w=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.232.122 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 02d5267190e72466ca3a4ce018b4d9dcbb65839812f366f22dbacaf2d3ef5ae7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:58 GMT
server: cloudflare
age: 3704
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7d4ac5c25e93bb5c-FRA
content-length: 24223
expires: Fri, 09 Jun 2023 18:32:46 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ Frame 9F32 31 KB
24 KB 15ms
15ms Script
application/javascript 104.19.232.122

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1686328366453&ver1=2.2.3&qid=73533313f553633313f593630313&rnd=y212td5j7d6a&cid=1069
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-in_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.232.122 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 02d5267190e72466ca3a4ce018b4d9dcbb65839812f366f22dbacaf2d3ef5ae7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:58 GMT
server: cloudflare
age: 3704
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7d4ac5c25e99bb5c-FRA
content-length: 24223
expires: Fri, 09 Jun 2023 18:32:46 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6D06
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

32ms
32ms

Image
text/html

2a00:1450:4007:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Protocol: H3
Server: 2a00:1450:4007:819::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

date: Fri, 09 Jun 2023 16:32:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 43DF 4 KB
764 B 30ms
30ms Stylesheet
text/css 2a00:1450:4007:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+Thai:regular|Noto+Sans+Display:regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5029971978473570265/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4007:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7177a698a74b91c1bcb6433896c9195ce49ce0d7e67c945db4daa538a78617cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Jun 2023 16:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 16:32:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Jun 2023 16:32:46 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 43DF 16 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5029971978473570265/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 17:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 09 Jun 2023 17:08:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 43DF 34 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5029971978473570265/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 01:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 10 Jun 2023 01:47:45 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4C40
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

27ms
27ms

Image
text/html

2a00:1450:4007:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Protocol: H3
Server: 2a00:1450:4007:819::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

date: Fri, 09 Jun 2023 16:32:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame 2164 26 B
231 B 47ms
13ms Image
image/gif 2606:4700::6811:6ad4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1686328366574&rnd=qs3w8edxck4z&ifm=2&uai=2&cid=1069&s=blog.s.id&p=blog.s.id&x=4404325371&adtg=protag-before_content&ats=0&atf=&nsi=&si=&nci=2101210293&nai=4404325371&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6ad4 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:46 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:50 GMT
server: cloudflare
age: 5024
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7d4ac5c3585e37ec-FRA
content-length: 26
expires: Fri, 09 Jun 2023 18:32:46 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame 2164 26 B
87 B 47ms
13ms Image
image/gif 2606:4700::6811:6ad4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1686328366564213&ver=1.2r81&qid=73533313f553633313f593630313&p=blog.s.id&s=blog.s.id&x=4404325371&cid=1069&od1=&od2=&adtg=protag-before_content&nci=2101210293&nai=4404325371&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=qs3w8edxck4z&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&w=450&h=300&lat=&lon=&ci=&1=6502fa6abb26e9760a94b605a0c69a26&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=3&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1069&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=162&icp=https%253A//blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_sourcefl_eq1069home_sidfl_np1069utm_mediumfl_eq1069redirect&irfl=22&irf=https%253A//home.s.id/&cty=4&fcs=1&flky=ver-fl-6-qid-fl-28-p-fl-9-s-fl-9-x-fl-10-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-21-nci-fl-10-nai-fl-10-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-w-fl-3-h-fl-3-lat-fl-0-lon-fl-0-ci-fl-0-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1x1&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6ad4 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:46 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:50 GMT
server: cloudflare
age: 2017
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7d4ac5c3586437ec-FRA
content-length: 26
expires: Fri, 09 Jun 2023 18:32:46 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame D226 26 B
83 B 31ms
15ms Image
image/gif 2606:4700::6811:6ad4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1686328366592&rnd=npr3qjdr2tyl&ifm=2&uai=2&cid=1069&s=blog.s.id&p=blog.s.id&x=4404325371&adtg=protag-sidebar&ats=0&atf=&nsi=&si=&nci=2101210293&nai=4404325371&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6ad4 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:46 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:50 GMT
server: cloudflare
age: 5024
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7d4ac5c3586c37ec-FRA
content-length: 26
expires: Fri, 09 Jun 2023 18:32:46 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame D226 26 B
83 B 39ms
22ms Image
image/gif 2606:4700::6811:6ad4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1686328366583180&ver=1.2r81&qid=73533313f553633313f593630313&p=blog.s.id&s=blog.s.id&x=4404325371&cid=1069&od1=&od2=&adtg=protag-sidebar&nci=2101210293&nai=4404325371&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=npr3qjdr2tyl&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&w=300&h=600&lat=&lon=&ci=&1=6502fa6abb26e9760a94b605a0c69a26&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=3&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1069&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=162&icp=https%253A//blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_sourcefl_eq1069home_sidfl_np1069utm_mediumfl_eq1069redirect&irfl=22&irf=https%253A//home.s.id/&cty=4&fcs=1&flky=ver-fl-6-qid-fl-28-p-fl-9-s-fl-9-x-fl-10-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-14-nci-fl-10-nai-fl-10-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-w-fl-3-h-fl-3-lat-fl-0-lon-fl-0-ci-fl-0-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1x1&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6ad4 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:46 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:50 GMT
server: cloudflare
age: 2017
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7d4ac5c3586737ec-FRA
content-length: 26
expires: Fri, 09 Jun 2023 18:32:46 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0567
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

31ms
30ms

Document
text/html

2a00:1450:4007:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com
URL: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4007:819::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Jun 2023 16:32:46 GMT
expires: Fri, 09 Jun 2023 16:32:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Jun 2023 16:32:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame 9F32 26 B
83 B 12ms
11ms Image
image/gif 2606:4700::6811:6ad4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1686328366615&rnd=y212td5j7d6a&ifm=2&uai=2&cid=1069&s=blog.s.id&p=blog.s.id&x=4404325371&adtg=protag-in_content&ats=0&atf=&nsi=&si=&nci=2101210293&nai=4404325371&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6ad4 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:46 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:50 GMT
server: cloudflare
age: 5024
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7d4ac5c3687137ec-FRA
content-length: 26
expires: Fri, 09 Jun 2023 18:32:46 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame 9F32 26 B
83 B 12ms
12ms Image
image/gif 2606:4700::6811:6ad4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1686328366605571&ver=1.2r81&qid=73533313f553633313f593630313&p=blog.s.id&s=blog.s.id&x=4404325371&cid=1069&od1=&od2=&adtg=protag-in_content&nci=2101210293&nai=4404325371&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=y212td5j7d6a&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&w=450&h=300&lat=&lon=&ci=&1=6502fa6abb26e9760a94b605a0c69a26&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=3&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1069&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=162&icp=https%253A//blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_sourcefl_eq1069home_sidfl_np1069utm_mediumfl_eq1069redirect&irfl=22&irf=https%253A//home.s.id/&cty=4&fcs=1&flky=ver-fl-6-qid-fl-28-p-fl-9-s-fl-9-x-fl-10-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-17-nci-fl-10-nai-fl-10-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-w-fl-3-h-fl-3-lat-fl-0-lon-fl-0-ci-fl-0-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1x1&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6ad4 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:46 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:50 GMT
server: cloudflare
age: 2017
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7d4ac5c3687337ec-FRA
content-length: 26
expires: Fri, 09 Jun 2023 18:32:46 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B7E7 0
0 45ms
45ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ67gnb2ePBEpi-mb32-g_IwLqXPiUXnrGCgrHmrxpJYVqv3lDDa36eHfUYsY-TeoCAvkU7-bHMehHbVneYwofsRHtDNw
Requested by: Host: 4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com
URL: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B7E7 175 KB
55 KB 161ms
78ms Script
text/javascript 2a00:1450:4001:82f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com
URL: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jun 2023 16:32:46 GMT

GET
DATA 200
OK truncated
/ Frame B7E7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b18848d1e105fbb45202c9255bf23729711d9c290eade1b46eb7e593b405b70

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 43DF 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:33:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 248385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:33:01 GMT

GET
H3 200 tg_logotype_white_RGB.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5029971978473570265/ Frame 43DF 4 KB
2 KB 39ms
39ms Image
image/svg+xml 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5029971978473570265/tg_logotype_white_RGB.svg

Requested by

Host: 4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com
URL: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f337877d7d9cc9c8c548280d672afc8c734c697025f1ca68c1b28a2ebaeeb64

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Jun 2023 14:13:26 GMT
age: 353960
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1823
x-xss-protection: 0
last-modified: Thu, 11 May 2023 11:21:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jun 2024 14:13:26 GMT

GET
H3 200 summer23-display-banner-300x600.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5029971978473570265/ Frame 43DF 18 KB
18 KB 40ms
40ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5029971978473570265/summer23-display-banner-300x600.png

Requested by

Host: 4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com
URL: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cdf45ea042ea5b453990514c6daac0e0ed78b4cffbc66fc515651192c88ab50

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 05 Jun 2023 14:13:26 GMT
x-content-type-options: nosniff
age: 353960
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17945
x-xss-protection: 0
last-modified: Thu, 11 May 2023 11:21:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jun 2024 14:13:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3671&_p=1724748283&cid=376858670.1686328362&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1686328361&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=scroll&epn.percent_scrolled=90&_et=38

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3671&_p=1724748283&cid=376858670.1686328362&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1686328361&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=user_engagement&_et=2095

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je3671&_p=1724748283&cid=376858670.1686328362&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1686328361&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=scroll&epn.percent_scrolled=90&_et=9

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je3671&_p=1724748283&cid=376858670.1686328362&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1686328361&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=user_engagement&_et=2094

Domain: home.s.id
URL: https://home.s.id/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
chaseonlinebanking.robor.com.tr/	1969-12-31 23:59:59	Name: PHPSESSID Value: ah5pderug3latv8qjf9v7nbset
.s.id/	1970-01-20 14:35:04	Name: _gcl_au Value: 1.1.1753470768.1686328362
.s.id/	1970-01-20 12:26:54	Name: _gid Value: GA1.2.285282947.1686328362
.s.id/	1970-01-20 12:25:28	Name: _gat_gtag_UA_225238330_2 Value: 1
.s.id/	1970-01-20 22:01:28	Name: _ga_LJQ0V44EV5 Value: GS1.1.1686328361.1.0.1686328363.0.0.0
.s.id/	1970-01-20 22:01:28	Name: _ga_98MWVCBDD7 Value: GS1.1.1686328361.1.0.1686328363.58.0.0
.s.id/	1970-01-20 21:47:04	Name: __gads Value: ID=6af85eec68451f2d-2253f90161e10063:T=1686328364:RT=1686328364:S=ALNI_MYSGvIosxJ5bZ_bFeluAg-p7SCmsg
.s.id/	1970-01-20 21:47:04	Name: __gpi Value: UID=00000c46195067f9:T=1686328364:RT=1686328364:S=ALNI_MYeGft6VXopVh90vnc1ERWdzB3LSQ
.doubleclick.net/	1970-01-20 21:47:04	Name: IDE Value: AHWqTUlf4rlP95EXii12yJjWpNJjHVwHU-QnMA-EqhLTlUXHKLExsBq-EFtss4Lft3o
.s.id/	1970-01-20 22:01:28	Name: _ga_LBWQJM5WLF Value: GS1.1.1686328364.1.0.1686328364.60.0.0
.s.id/	1970-01-20 22:01:28	Name: _ga Value: GA1.1.376858670.1686328362
.s.id/	1970-01-20 22:01:28	Name: _ga_GJLS9JMJCK Value: GS1.1.1686328364.1.0.1686328364.0.0.0
.s.id/	1970-01-20 12:25:28	Name: lotame_domain_check Value: s.id
.criteo.com/	1970-01-20 21:47:04	Name: uid Value: c36a8b67-591a-43ae-9e37-84009d92beb7
.s.id/	1970-01-20 21:47:04	Name: cto_bundle Value: JWJa5F9QNlBRNUdNampGcyUyRmM1OFYwMXBpaE0lMkJIZXdZUXVxdWpiT3RiM1hXcEV5UmhiSlNKdU1DSFZGaFNYUDlhbDBkaWtuZE82ZlRyVTA4NUdvbWR4UjVCTXklMkZrV1pFWEZDNDIxUElTJTJGakNzb3M4bFVuQiUyQkVDQ0xvODhxR3hsc3A3VVlxUHNiQ3o5Uk54SkhyUk5vNGNrbjRRJTNEJTNE
.openx.net/	1970-01-20 21:11:04	Name: i Value: 3eb48640-c28c-4310-90b0-7bed71978377\|1686328365

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://app.s.id/api/user/me Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://shortener.zendesk.com/embeddable/config Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/5029971978473570265/index.html".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4afc0f14d9a1a0b76b194a10d7cb013d.safeframe.googlesyndication.com
adservice.google.com
app.s.id
bcp.crwdcntrl.net
blog.s.id
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.s.id
chaseonlinebanking.robor.com.tr
d3li60t7cgizua.cloudfront.net
ekr.zdassets.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
home.s.id
id5-sync.com
invstatic101.creativecdn.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.yabidos.com
pre.glotgrx.com
protagcdn.com
region1.analytics.google.com
region1.google-analytics.com
s.id
sdotid.zendesk.com
securepubads.g.doubleclick.net
shortener.zendesk.com
static.cloudflareinsights.com
static.criteo.net
static.zdassets.com
stats.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
home.s.id
region1.analytics.google.com
region1.google-analytics.com
104.16.51.111
104.18.70.113
104.18.72.113
104.19.232.122
162.159.128.7
162.19.138.118
178.250.7.13
2001:4860:4802:32::36
2600:9000:223e:d400:8:217d:7c80:93a1
2600:9000:223e:de00:8:217d:7c80:93a1
2606:4700:10::ac43:266a
2606:4700:20::681a:6f9
2606:4700:20::681a:7f9
2606:4700:20::ac43:4bb1
2606:4700::6810:3865
2606:4700::6811:6ad4
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2004
2a00:1450:4001:82f::2002
2a00:1450:4007:807::2003
2a00:1450:4007:808::200e
2a00:1450:4007:80b::2003
2a00:1450:4007:80c::200a
2a00:1450:4007:810::2002
2a00:1450:4007:813::2001
2a00:1450:4007:818::2002
2a00:1450:4007:819::2002
2a00:1450:4007:81a::2001
2a00:1450:400c:c00::9b
2a02:2638:d::2
2a02:2638:d::d
2a04:4e42:600::485
34.102.146.192
34.120.135.53
34.96.70.87
35.190.39.111
35.244.159.8
45.126.58.78
52.213.131.210
65.9.66.104
94.73.151.195
02d5267190e72466ca3a4ce018b4d9dcbb65839812f366f22dbacaf2d3ef5ae7
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674
0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27
0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e
0d6b7b98db5a300467461fe230a46da29dd321bb6c1d330414456466560a3818
0dccb49179e8cbcc1f0fcae4f6c64832ff55e68258c1c8f88921817cce4e69d8
0eaae9958d915dd8e313edc9c183b56c0c36ecacd716b8d77549ad52e7b24269
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
161b8964d31b3461bae5cb6dd83b7ab52d9a4811c3858dcdc334ebb90f25e432
16b6dfe206e80475057176362642d11f0ba0b9149a3fbecee7f016ce503dca0c
178e46df711e56d7c606e5b8414d3672540b7c0861398b5adbc5e7503f7d38eb
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1af5eacc5472d595046d8320feb556463d66ca3711b5fc2e6449e5cc49cd167f
1c47c23e57e44c1206678fcea2854a507dbd61c7db44ec7429767d82e09e6527
209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28
21244bacf0cd406e0c2b7742eb67f2c9ab4bb91e7ed5f9eb524308520f3a7694
2fa15d2754d902c0bcb7d94bf8dc1b44cdb75dfdf730683dd186fb6223027c7c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3164fec8f6bd697b819a1a92c3e586a34926a49ca32241f5c823abb682f1afa9
3500329cb108e3446e72e303f2aea7c7e9fb92f0cea69129f30ae08c711d78c8
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36bdd1db62b71648e4053ff69f36f8f6886b3d41997cf701dcc1ea2d822ca4ae
376db900218a222f5115f0ce3cb97d5d7df993ce0f7f93d3822e980e12776918
382716f715a2e1c913848b54af70259eeb5c3c06f43598f5a67ee09988c4bba7
38ea73ab67fc116151506874fc35620aacfc4d7465b5b76b307bd38c4fb9fdd8
3ac30ba8f6137bc1f50ed2159fe5f85833c7ac8d15527efe4834f6b1c2a7c5df
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3fd155d8504c42656f9a67bde0f6fa8c8313701dce4ca486a7d598dff22e1801
46752e1a9d0ef98e44f0908f93b34b856c27940dc74060f8a2d0f8e61e882c02
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4bc6fcf8abb0feb0a50bc17148052beafa7b3ac9aeb9e20ecf183791f6a9c50b
4ee50a722bd8cf2d9adffb0cf14bb4c88198203d96aaf75bb9afd5a676ab7cd6
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fe55b48b6c83b17916a79c7fbd87bbe0b3da64107bbc0749b31e8b7a32377db
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622be2eb8ef5825d74867a56c04c9274812a7276da1f7bd218401deb24fdc045
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
65a4fe10fbb28a60b2b7cc1c3872e9fd1f815a3eaff880f148eb84a1b3eb0f0d
66e5b55d86c0f08fd4f4eb1b255e67e92e26350c35f70279884ac043117e5825
67de7461a2cb06cdf436e64b6b6d6607482df3353e296e72b21d246b8cd7fab8
6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
7177a698a74b91c1bcb6433896c9195ce49ce0d7e67c945db4daa538a78617cd
7b614eff995af1ea033a632c7b52898592ac08493ce9aadc588bc7d4be4f04e7
7ca4558a1a07738ffb077ac6beb3d20df3580eba151878c4f7e0de76d31e12a4
7cdf45ea042ea5b453990514c6daac0e0ed78b4cffbc66fc515651192c88ab50
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81d6ef397a6d125f2e35713f1329b807851d4040b122463c5106c0f97ef34149
833cf5ead439ce711de736169c132094e3a7c732b81da9b7294e7a0447331eef
8342aa392a57d9b44b26902cc6dd4e155f920cb04b5d12ac5b50bf89ba255466
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
83f24d4b11babdc1ec14e87415accb5c4a36c5a7cdde4dd0678a81c30ed3597b
842389fa6e59bda1663fa1925b5eebb360d3c28e949f43e343200e5fc038981e
847984a19acd867a171ddfb62d68cfefb57c7b30b216908e4a2173a670bc81b3
8b18848d1e105fbb45202c9255bf23729711d9c290eade1b46eb7e593b405b70
8f337877d7d9cc9c8c548280d672afc8c734c697025f1ca68c1b28a2ebaeeb64
92c39b5c986c8a9c713d77081a0272187a847c57192fe03fc152d25fc4c35668
969dac33628d45dc0b56d54b1cb13f55896000602214d5a27bd82ee344b53d90
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
980622a885bff34a8e7b4c86ed770408a5136237d90ca4656d16425d7c8d8686
98a14d0ac05f3daa1edf06f4b1ed451a24dcf34c2af67f8377db3e19e376d646
9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
99bbab4ee5c5b1bdd45eeaefaaf09847654d661c82ae02ea0137da0397af02b5
9dfd939aba9ede7ea9808394da1a817aac8434b74fcc768e876f70e8bf9e7778
9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6d1d6d48f5149fe62888e9bf0d0e4154c20fee2d472408567596fc62dc5da00
a77d97853c07e51b26f61d4cf64705c5acf67d7827fd49275fe3900e11b78fa6
aa4357eda864c00d392da56d4c39b7504f14dd3b1e629158eb10c591de55b85a
ac2af12c81be58d6906f22b9dbdb6d9753a775ca31d71c993839c8674acd020f
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b2a95245d69655b25812ab2bd247b8a4f29b922b27aff9b81947e6a61570df8a
b50fac46b3ce385b1efcbf7a24230addd395a8d3a4a5e60fe8edf478c23ed8b2
b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2
b98153171b7313788d99502f62111db838f28d9fb3cceec9be3b8a55052fe437
ba0bdced7fcb11519fe1bbf792d6a2648e1a7bf00a606312339695f38e454364
bc3654452488952be2eb33f84b9de08a77310399efa0939981bc1f959036fa5c
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c62efa11e56d452e201244a46cc0c80d5bbd7d676487f6bb4953d71ac55e4f04
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
c7fb840478ca64f3410fff0ffa40eb38fd8a7cfc36c10f117c3869ea93c00182
ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827
cdde8e6d54044217317e2bdf0eb6d528aff5207f3ec8bfdfc176f74f6d5238d4
cfbe87e978a825e55f0e1a3c1912ba7869a8a7b33c0f410321e21eeb6b4fb050
d13597e1b6ab57b36c12eddf98ffe6e1cb4a36d3f9a6b300a56b77ca2d9c7a50
d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643
dce43da5a26c000cda1f9015a85119f1d6c2cfe3b3befa860276129e32a3216b
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
df6ff92ab9484674635dab18aa6d97d4bdea7d26fffc3c53fc890c218e23ff7e
dffb777aa00ce1479132f8dbacb4a9446cea81d9fce5c2df882506a8c4c93122
e0d8bf1bde6f73acada1a82076d3edec8863809e743be8ac501948b927fb18e4
e223da961efe8c88031cc755324273557a864a0003f076935e7bc7c42c06e93c
e390e8126bfcb399f08541703e0569ec864a2ac3016846c4dc8d23ee361da5d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5da21f851857a02fb23a30c384c45585a17a6aa89cd3957ae10c678a24b9648
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ecf1b45e741c358105ec165c66cc44e962e6dbfe4948ea4a4094791472e03c6d
ecff07dad68a192d6d256db9566b90e9ef3b78564fdf5793980098fc00d8095f
ed96bd587efeba8df2a63ffa5b6bbd7755e32092ed3a3dade4c561f462a8437e
ee9b0f1d061661981d6c60ad0fe0c6507343587089d010525a3f9bb7e5542c7d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1181f845db285df5fd22d07af5e1b79842cb90f51cadad31fb47f1fd91b0030
f64c6aa9134fa178895ff2de3734ffc6063671b537892fa8e0c7f2db958e4621
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

blog.s.id Open in urlscan Pro 45.126.58.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

165 Requests

95 %HTTPS

64 %IPv6

29 Domains

46 Subdomains

44 IPs

8 Countries

3924 kBTransfer

8805 kBSize

16 Cookies

14 Outgoing links

Page URL History

Redirected requests

165 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.s.id Open in urlscan Pro
45.126.58.78 Public Scan

Screenshot
Live screenshot

Full Image

165
Requests

95 %
HTTPS

64 %
IPv6

29
Domains

46
Subdomains

44
IPs

8
Countries

3924 kB
Transfer

8805 kB
Size

16
Cookies

165 HTTP transactions
3 data transactions