s.id Open in urlscan Pro
193.84.85.178 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://s.id/konustucocuklar
Submission: On November 02 via api (November 2nd 2023, 1:28:50 pm UTC) from TR — Scanned from DE

Summary HTTP 156 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 30 IPs in 8 countries across 26 domains to perform 156 HTTP transactions. The main IP is 193.84.85.178, located in Russian Federation and belongs to STORMWALL-AS, SK. The main domain is s.id. The Cisco Umbrella rank of the primary domain is 158997.
TLS certificate: Issued by R3 on September 25th 2023. Valid for: 3 months.

This is the only time s.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	193.84.85.178 193.84.85.178	59796 (STORMWALL-AS) (STORMWALL-AS)
20	2606:4700:20:... 2606:4700:20::681a:7f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
5	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	45.126.58.90 45.126.58.90	132647 (IDNIC-PAN...) (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia)
7	2a00:1450:400... 2a00:1450:400c:c01::5e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
8 19	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3 7	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
30	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
2 2	54.93.168.0 54.93.168.0	16509 (AMAZON-02) (AMAZON-02)
1 3	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	18.192.168.142 18.192.168.142	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:9417:d03:489f:5a05	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 2	23.218.209.56 23.218.209.56	16625 (AKAMAI-AS) (AKAMAI-AS)
156	30

1 193.84.85.178 (Russian Federation)

ASN59796 (STORMWALL-AS, SK)

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:20::681a:7f9 (United States)

ASN13335 (CLOUDFLARENET, US)

microsite.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-sdotid.adg.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.126.58.90 (Indonesia)

ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID)

app.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400c:c01::5e (Brussels, Belgium)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.217.16.130 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.212 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.168.0 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-168-0.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.168.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-168-142.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:9417:d03:489f:5a05 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Mössingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.209.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	415 KB
32	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	153 KB
30	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	450 KB
23	s.id s.id — Cisco Umbrella Rank: 158997 microsite.s.id — Cisco Umbrella Rank: 628691 app.s.id — Cisco Umbrella Rank: 507982	1 MB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	4 KB
7	gstatic.com csi.gstatic.com	373 B
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	4 KB
5	adg.id cdn-sdotid.adg.id — Cisco Umbrella Rank: 548846	508 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	250 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	450 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 851 r.turn.com — Cisco Umbrella Rank: 4121	869 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 912	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	122 KB
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	551 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	587 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	546 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 597	363 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	146 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	149 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	464 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	246 B
1	google.de www.google.de — Cisco Umbrella Rank: 6862	408 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181	597 B
156	26

	Domain	Requested by
30	s0.2mdn.net	s.id s0.2mdn.net googleads.g.doubleclick.net
28	pagead2.googlesyndication.com	s.id pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
20	microsite.s.id	s.id microsite.s.id
18	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
13	tpc.googlesyndication.com	googleads.g.doubleclick.net s.id tpc.googlesyndication.com pagead2.googlesyndication.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	csi.gstatic.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
5	cdn-sdotid.adg.id	s.id
4	googleads4.g.doubleclick.net	s.id
3	www.googletagmanager.com	microsite.s.id www.googletagmanager.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
2	pr-bh.ybp.yahoo.com	2 redirects
2	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	region1.analytics.google.com	www.googletagmanager.com
2	app.s.id	microsite.s.id
1	ads.travelaudience.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	s.tribalfusion.com	s.id
1	cms.quantserve.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.de	s.id
1	stats.g.doubleclick.net	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s.id
156	36

This site contains links to these domains. Also see Links.

Domain
trmsrghspzp.net
home.s.id

Subject Issuer	Validity	Valid
s.id R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
adg.id E1	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
app.s.id R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://s.id/konustucocuklar
Frame ID: 2DC639B5BCA0123636C422B7A9DB9A21
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/zrt_lookup.html
Frame ID: 36920C8B5FCDCCF31BF00A9CAA670C22
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1698931718&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fs.id%2Fkonustucocuklar&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698931718060&bpp=5&bdt=195&idt=209&shv=r20231031&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8030620920503&rume=1&frm=20&pv=2&ga_vid=225954542.1698931718&ga_sid=1698931718&ga_hid=622976161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C44806139%2C31061691%2C31061693&oid=2&pvsid=2322894111308848&tmod=1253057063&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=245
Frame ID: F5E11FF34E43B867F3C286E77BCFDCDF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1698931722&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fkonustucocuklar&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698931722811&bpp=2&bdt=4946&idt=-M&shv=r20231031&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c61a21deecc6a89-22a0cdfc25e300de%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_MaE5eDW9CvqmOO7sJ49Ze_7pHW0Mw&gpic=UID%3D00000cb133416042%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_Ma2Zz7jgPlReUYuVjTAmGk5mnex-w&prev_fmts=0x0&nras=1&correlator=8030620920503&rume=1&frm=20&pv=1&ga_vid=225954542.1698931718&ga_sid=1698931718&ga_hid=622976161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C44806139%2C31061691%2C31061693&oid=2&pvsid=2322894111308848&tmod=1253057063&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=TTXowKGeVh&p=https%3A//s.id&dtd=6
Frame ID: 1ECC61A3A5848C136F2F8B68AABC0FDC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1698931722&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fkonustucocuklar&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698931722811&bpp=1&bdt=4946&idt=1&shv=r20231031&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c61a21deecc6a89-22a0cdfc25e300de%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_MaE5eDW9CvqmOO7sJ49Ze_7pHW0Mw&gpic=UID%3D00000cb133416042%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_Ma2Zz7jgPlReUYuVjTAmGk5mnex-w&prev_fmts=0x0%2C500x280&nras=1&correlator=8030620920503&rume=1&frm=20&pv=1&ga_vid=225954542.1698931718&ga_sid=1698931718&ga_hid=622976161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C44806139%2C31061691%2C31061693&oid=2&pvsid=2322894111308848&tmod=1253057063&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=gCrHaNw4IX&p=https%3A//s.id&dtd=14
Frame ID: 28D8B01B36D752036A51538C6BF8A7A2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhjRrID8ATAB&v=APEucNUzbIIt35lZCVDgx-uDqrXi0TW1COmyOoyIa41v_-XEkXmIgRzvYEKu76L3kJmAmev-dF96ihnxGf2_4XUkHNPFtWzH9cyuGpaR8W_wb6aNudfOSaEf12f-o92dmLnak9To5ctb94tkcOatYpnc-HUiDiBwHtJu-hhZpjuplB012MwsGDs
Frame ID: 5271DD6FCE010FD3871C19E23F3A7ABE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 59BFD718B14A37FD3AC229957891D4D3
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F491031AE1D5514E83D87469526427FE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1B6C18E134FCBBDD5F88A18CF535BF5B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/index.html?ev=01_250
Frame ID: 3B767B6F2574879B0578DEC4BDC6C0E8
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/error_handler.js
Frame ID: 873D0F44C74924FF9F2B26F801A92D94
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNXXJyneGqr5JCctL6GasEwTSOxX9_x1MndYFdz2pA0MhWvjOxXkQTCkjsbBp-tlU2R4k_58nhiXZ79KJSp6d9u5Xc_t5qndsUyWNROFB9fNywoqcIseT52w6RdtOtB0pZ9VuCOt2bWTDkabtWMyDP1KUPyP3p9AafAr6xtf6CoWW909VAQ
Frame ID: 8ED6A70BAFD5CCC808E6F106C4A91E74
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3456156CC3825AA401042BD95206DBC8
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250
Frame ID: 979F07514B124196ADB7FE53D12DE0FF
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D4BB33F2EA09AD582057A66AC1AE967F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CBAE8A0FFC313FAA5EA6D553E1D2242B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9A07E4C8C0FF03CCFFD6795CEE82B334
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

156
Requests

89 %
HTTPS

59 %
IPv6

26
Domains

36
Subdomains

30
IPs

8
Countries

2961 kB
Transfer

7712 kB
Size

22
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://trmsrghspzp.net/
Title: Araç Hasar Kaydı Sorgulamak İçin Tıklayınız.

Search URL Search Domain Scan URL

URL: https://home.s.id/?utm_source=sid-microsite&utm_medium=konustucocuklar

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDnrW_qFnqAusqwlWspDYuw&google_cver=1

Request Chain 54

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUOkDIC-0K7xAJaIFWaijwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDnrW_qFnqAusqwlWspDYuw&google_cver=1

Request Chain 55

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDo-L_Rh30Xj4Td7R4Zewys&google_cver=1

Request Chain 56

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQyNDM0NzMxMzU1MDE5MzA0

Request Chain 68

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELrunSNeTlxcGL0Joh7NrW0&google_cver=1&google_push=AXcoOmSiPcltwGC-05KF0UkxdEyTfZtVCKvAG0cpa-TpCrAG1_UNO5myugBU_BhPqSmzRx_yJjj9fzq6pNdv9PDhM1hKxWdHm0wq3w HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELrunSNeTlxcGL0Joh7NrW0&google_cver=1&google_push=AXcoOmSiPcltwGC-05KF0UkxdEyTfZtVCKvAG0cpa-TpCrAG1_UNO5myugBU_BhPqSmzRx_yJjj9fzq6pNdv9PDhM1hKxWdHm0wq3w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MDNOcFVJTXYxUVl4S0E1&google_gid=CAESELrunSNeTlxcGL0Joh7NrW0&google_cver=1&google_push=AXcoOmSiPcltwGC-05KF0UkxdEyTfZtVCKvAG0cpa-TpCrAG1_UNO5myugBU_BhPqSmzRx_yJjj9fzq6pNdv9PDhM1hKxWdHm0wq3w

Request Chain 69

https://a.tribalfusion.com/i.match?p=b6&u=CAESEExFQPSgSPmyHc9o1NBxR_Y&google_cver=1&google_push=AXcoOmSAmQlQrffvan15lNwaJJ9i7jGcP12hys4nDHkt1MtiXiY2DwLEHxlPtf_xmEIk9Js3fh8vnpkvoACoR09AkHPkM-tCIV4fKnk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSAmQlQrffvan15lNwaJJ9i7jGcP12hys4nDHkt1MtiXiY2DwLEHxlPtf_xmEIk9Js3fh8vnpkvoACoR09AkHPkM-tCIV4fKnk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEExFQPSgSPmyHc9o1NBxR_Y&google_cver=1&google_push=AXcoOmSAmQlQrffvan15lNwaJJ9i7jGcP12hys4nDHkt1MtiXiY2DwLEHxlPtf_xmEIk9Js3fh8vnpkvoACoR09AkHPkM-tCIV4fKnk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSAmQlQrffvan15lNwaJJ9i7jGcP12hys4nDHkt1MtiXiY2DwLEHxlPtf_xmEIk9Js3fh8vnpkvoACoR09AkHPkM-tCIV4fKnk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 72

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHVSHwE_S4odd7yYtXkW64M&google_cver=1&google_push=AXcoOmQBYNjMVPypKFOF0FtUi_vgom89FsiseH1NspFaDw1OcZsgELvlRR1UhSVP1Egh-kyjmwy5R1UokzJGMHQMqvU3LyulcZvOQHo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQBYNjMVPypKFOF0FtUi_vgom89FsiseH1NspFaDw1OcZsgELvlRR1UhSVP1Egh-kyjmwy5R1UokzJGMHQMqvU3LyulcZvOQHo&google_hm=eS16dVBwREtKRTJwRVlXbWprMHI3UFVuM3Y2SHI5VUpXcn5B

Request Chain 112

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOmYextdvshxrmAVvKna9mo&google_cver=1&google_push=AXcoOmTjY7JVdpfpwqBXJiG9MUY__OEBPPB0qNFQtcck0p55MTJKuuxbvlNksiAdVJsFY_BpIIqVb3KBJl6Jyq5POUvFX94n8Hn_76o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUxNTA2MzI2MjkxODkzNTk3Mg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOmYextdvshxrmAVvKna9mo&google_cver=1

Request Chain 114

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEK8lTUZ1cRJzdLOVRIG-Gvs&google_cver=1&google_push=AXcoOmS-d1Cl7yPG3hWyTH1_fF8vSErWUNkqRRlYFxoF4VYXW5eh5RKpaWtLcOf20BwnzNZMHAqPIfzeRDT0sc-kSBlOkks4w-vk5RI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK8lTUZ1cRJzdLOVRIG-Gvs&google_push=AXcoOmS-d1Cl7yPG3hWyTH1_fF8vSErWUNkqRRlYFxoF4VYXW5eh5RKpaWtLcOf20BwnzNZMHAqPIfzeRDT0sc-kSBlOkks4w-vk5RI

Request Chain 115

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGUFHr75PyAj5agLHmhBtzE&google_cver=1&google_push=AXcoOmRiPmuDT83n1ukAx6iC-VuiNvi-iJyTfS5_T_bc6EX_k2KiD_Sa3jmn3ahYTYuvOoBuiiJxyEgZCGYsWDnqAHB3hD0lTFJbdIM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Njg1NjE5NzAxODM1MTc1Ng%3D%3D&google_push=AXcoOmRiPmuDT83n1ukAx6iC-VuiNvi-iJyTfS5_T_bc6EX_k2KiD_Sa3jmn3ahYTYuvOoBuiiJxyEgZCGYsWDnqAHB3hD0lTFJbdIM

Request Chain 116

https://ads.travelaudience.com/google_pixel?google_gid=CAESEM7_RA1xlKg8BVRKJ2U0ImI&google_cver=1&google_push=AXcoOmTzXT6U6hhpfrIX8Zw8XxcBB2DGxajabexuRM-KgUsNeo_-JRryQ_NFOLY-FeqYV7-BqDxaRYtFfoXc_uxNY291MuGH0nq2yg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8h3O8eHSSoAKpHLHanoxlQ&google_push=AXcoOmTzXT6U6hhpfrIX8Zw8XxcBB2DGxajabexuRM-KgUsNeo_-JRryQ_NFOLY-FeqYV7-BqDxaRYtFfoXc_uxNY291MuGH0nq2yg

Request Chain 117

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBCtr5c-y9t-pqsYQskdMhk&google_cver=1&google_push=AXcoOmTWbtRgLm0w8GV0y1r7UxI819QG3r-KfXW0qCQejUlBFz2yJRVVrlDrc_YT2JJojVsqpu49ag9gi-3VL6VvSQscl1U1taYx0Zk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTWbtRgLm0w8GV0y1r7UxI819QG3r-KfXW0qCQejUlBFz2yJRVVrlDrc_YT2JJojVsqpu49ag9gi-3VL6VvSQscl1U1taYx0Zk&google_hm=eS16dVBwREtKRTJwRVlXbWprMHI3UFVuM3Y2SHI5VUpXcn5B

Request Chain 118

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAJQIGJ9ri7xoe-6I0T59uU&google_cver=1&google_push=AXcoOmShrFXu0217uSXLe_KrCVfz-KNyfTwD0p4CU5R_jVc0pXeF60QftCNSxekiDN0YwvI6cK7-tCFzZxfEi-y_uOujdsbObPaADZk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmShrFXu0217uSXLe_KrCVfz-KNyfTwD0p4CU5R_jVc0pXeF60QftCNSxekiDN0YwvI6cK7-tCFzZxfEi-y_uOujdsbObPaADZk HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGs4pMCJWuqoMYT0NPKfsTI&google_cver=1

Request Chain 122

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUOkDIC-0K7xAJaIFWaijwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGs4pMCJWuqoMYT0NPKfsTI&google_cver=1

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHwS6RREtoqDlqrU6-Kdb5A&google_cver=1

Request Chain 124

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQyNDM0NzMxMzU1MDE5MzA0

156 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request konustucocuklar Show response
s.id/ 14 KB
5 KB 4345ms
590ms Document
text/html 193.84.85.178
STORMWALL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.84.85.178 , Russian Federation, ASN59796 (STORMWALL-AS, SK),

Reverse DNS

Software

nginx / Next.js

Resource Hash

342dc70805f7dd33497f0b3d68fd1df01ec0fdb025801a0b291abe1931c57e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1642
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=3600, must-revalidate
cf-cache-status: HIT
cf-ray: 81fcb8c3b8a1189b-SIN
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 02 Nov 2023 13:28:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4FuSMigYkcQbNtB1gAR9Co%2BUlrpUSswoT4Iw4%2FkjB0gtGBUR8qw2ETzBax26QnayT0MjIbPSCXt0SJUEcAs6JLFXuZqVfTaAh5jFrQ%2BlEaY6xnD6uR8%2FJnvYkNnnBAA"}],"group":"cf-nel","max_age":604800}
server: nginx
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Next.js

GET
H2 200 3d8f55e5dd832069.css
microsite.s.id/_next/static/css/ 118 KB
18 KB 68ms
30ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/css/3d8f55e5dd832069.css

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb7d8ccf87b4c7ee427bf5bbb4071cf2b74f0d01c9ef0d9b9185520619d9b066

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17779
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 08:10:45 GMT
server: cloudflare
etag: W/"1d7fb-18b8f15af88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDj4bDFYe%2Bk6tTcbdqkjWERXyitTW9BeIJgrojSWH%2BmyVhggDEzlyAoxP7XEDxwKQiyDH8N%2BBPqa%2BtdOZytqmLrP%2FcC6JdF%2Bw%2BNFKMy1%2FTYLdephj4py%2Bc%2FKNG1EPSsN%2Fxa2FPTe6n0Pf9WF"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81fcb8c4efa93614-FRA

GET
H2 200 cd55c7da45ab6994.css
microsite.s.id/_next/static/css/ 22 KB
7 KB 67ms
29ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/css/cd55c7da45ab6994.css

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e0fa2b58fb4a18b31e919eaad7c621bdd9696fd5368b0b58a4ef85f4db9f4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17779
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 08:10:45 GMT
server: cloudflare
etag: W/"57d2-18b8f15af88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rv0DxBPwAta0RKZanAEU1u3lchDXUVg%2FWGaAt66ebp29CH1HO%2Fss2VyoT6N1xqKx1BLNjQiRCL4Bj%2BV88ze7Q8iqjuNZ9DLX4J2bYNEl7YwSqfxy%2FYIVhsimdU3tscHAiuDZBsgZVwzn45v5"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81fcb8c4efa83614-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 126ms
71ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

748cb7c7e496f1faa692b8e8026b44e5c96c510fa7a83f684bf1fa431caaea9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52170
x-xss-protection: 0
server: cafe
etag: 1056408641429148627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 13:28:37 GMT

GET
H2 200 webpack-a01b5ab3a4491b81.js Show response
microsite.s.id/_next/static/chunks/ 4 KB
2 KB 26ms
24ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/webpack-a01b5ab3a4491b81.js

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5482c3eb178a408ac33795641902b32293eabfe14dbdf21d606f47115e7d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17779
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 08:10:45 GMT
server: cloudflare
etag: W/"e46-18b8f15af88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BfeWAcwW4U2rnJoCIJgsNQWVmXkLebV3lqrBybAnxjuv8hAyQ3Me03yvT2mouQlbXkz%2BSgHvu6PkEVlMykSw5S0QVuEzyktnXT2AN%2Fhyx9r57819LZ2XSdwUzie%2B5zCb66vXFV1YlPyJUr6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81fcb8c51fd33614-FRA

GET
H2 200 framework-56bc1d2b5d8be648.js Show response
microsite.s.id/_next/static/chunks/ 138 KB
45 KB 34ms
32ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/framework-56bc1d2b5d8be648.js

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5e943c7c5da3617bd2345580b25327364ab5824ba53a3d18bb88c0e105d6d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17779
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 08:10:45 GMT
server: cloudflare
etag: W/"226f3-18b8f15af88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjFevUjVZBMoYRPLNOr%2Fhe%2FTOAauvy8r0fhtIaS%2B7id2%2BrpbCr6dVnMmVlE2nDH8foqe9FaLN8S5W6ofIz6%2BvgkWz5ysenHmLbEF3FGfpu9P6Q3ORfWC7rxlHtJhw3pAEDn0Sd1f1Cff7pJq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81fcb8c51fd63614-FRA

GET
H2 200 main-559dbfa8afd7d7a2.js Show response
microsite.s.id/_next/static/chunks/ 97 KB
29 KB 27ms
25ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e49865b2d3ebcdd42fac21e949bb2a9f5290fde16a9392b78d5d8d49d203753c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17779
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 08:10:45 GMT
server: cloudflare
etag: W/"185da-18b8f15af88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FU5qbxJn8THZGgHSUCXY66uUNcI1yJu9nitpqaN9GAwap%2FwpvZUoWHusIO7Zt7I0SpFK36Fu85730tr7bLzHhBdIMLzMYijbZzi5A8qJeROcV70qV4BxpXX6g%2Fk%2BKDme%2BXAwCIU%2FCBKq9mG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81fcb8c51fd73614-FRA

GET
H2 200 _app-34eebd3069454f50.js Show response
microsite.s.id/_next/static/chunks/pages/ 275 KB
86 KB 49ms
47ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/pages/_app-34eebd3069454f50.js

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ded01cb64e5400737859bd9f2dae7c2033b9a50727b1aebb0716d45178109aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17779
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 08:10:45 GMT
server: cloudflare
etag: W/"44bdc-18b8f15af88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=os%2FMRA99fwXF82zqkavYQITKYbLlY%2Fh7KPfjuB%2BYwofcNvnNSenOThJ1iAc607gGkYY2BZE57Q0RUtyDfxdoAvjoS4Otirx2hX1%2Fm70Qt4jEjwtB%2Bb%2BWIxTVUPSeGP2T7cXlAEbg2nU5RDtO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81fcb8c51fd83614-FRA

GET
H2 200 f85a1fd0-0ccc9e26436af44f.js Show response
microsite.s.id/_next/static/chunks/ 476 KB
74 KB 61ms
60ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/f85a1fd0-0ccc9e26436af44f.js

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a51be072c90872986a619bcd424515adfdd3a7c1f8b447c745f203774120a472

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17779
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 08:10:45 GMT
server: cloudflare
etag: W/"771a6-18b8f15af88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwZm6txJ7Ui%2BAnxHozZ8t3QrHmb%2BXcnVqKWyJLbduAA5d4pE%2BHnSLTqvA%2FOT6GBmoCF8eZxCdO5Tl5OBvsPTdgV7uX76iFXTGeZTyjrFQHzk0gSeV6AM9UrpbIbD6BKUCr14rpAoxNfYILGh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81fcb8c51fd93614-FRA

GET
H2 200 347dd6d2-909e20e25b7384a8.js Show response
microsite.s.id/_next/static/chunks/ 948 KB
283 KB 51ms
49ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/347dd6d2-909e20e25b7384a8.js

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb7f315a0371a8b55cfaf220f33822988ac4f5f2758e23738eaaa25258c978b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17779
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 08:10:45 GMT
server: cloudflare
etag: W/"ed138-18b8f15af88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4j%2Fq%2Frbox%2FXwEuMNzwXKaDOAmhq1eQoH779OWcSF%2FLXBX7d%2BRon09LqRUwq4oowVw3CoJqWvBGnXqKcm85AlvYfrixMEQzkoCy23DwY0lPwEOV%2FW1e37Ij2osssrqc4GHm85AhlI44rE26jP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81fcb8c51fda3614-FRA

GET
H2 200 b7322211-d279212bc11c825d.js Show response
microsite.s.id/_next/static/chunks/ 501 KB
212 KB 50ms
49ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/b7322211-d279212bc11c825d.js

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d820c5e7d048c0faa442ce5a30a6163fd2ba16c2f3875c9ccd1ea6a6217a23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17779
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 08:10:45 GMT
server: cloudflare
etag: W/"7d3a4-18b8f15af88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5JmurKMtRBMybAiTrpEQ8tkfa4CyC5o%2BNFJbkB6mkG6mEaXE%2BwDuEdNanQ3YLd2IgKWCRDei4iXTJocvcYByUDUaqoZzgvcQnJy%2FprTuudLFjPJJnQj3A%2B04p62fTUm%2B8MDcbocmJ%2BRTfeGG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81fcb8c51fdb3614-FRA

GET
H2 200 826-1c8e84aa5fd5d8a7.js Show response
microsite.s.id/_next/static/chunks/ 636 KB
190 KB 38ms
37ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/826-1c8e84aa5fd5d8a7.js

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10aeab6daa0f60489841182d089a82b7b851def405ebd4bfd006e3c8f5d76432

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17779
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 08:10:45 GMT
server: cloudflare
etag: W/"9f10d-18b8f15af88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkosCRuQfMIAliaYxNdmWKmAIDVWUWylBCpe16EwPgxNTlFwU9iu719ZsD%2B6qzUo1oqjhDxMCENTwB20GB4ETMUPcYFJapEayv4xVwa4k57Ntza3BNykuChUYQTxR1ZD%2B%2F19MAZhEq4FZCoC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81fcb8c51fdc3614-FRA

GET
H2 200 %5B%5B...any%5D%5D-6d14d2ec11cc3953.js Show response
microsite.s.id/_next/static/chunks/pages/ 171 KB
39 KB 30ms
28ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/pages/%5B%5B...any%5D%5D-6d14d2ec11cc3953.js

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef05c0164b195ad79706d6e3a71d5717c92bc8a2161681fde3c6158265a94142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17779
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 08:10:45 GMT
server: cloudflare
etag: W/"2ab00-18b8f15af88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCOOu6FMD5myj3zPGCARqBAmpCR69syprGzn1%2B5bD3ewRapA3acd845AaUjuSSmHnd1kFbWf318GQ0rp5smeXwP168t0f8LRjNxbT77gI1S23ITwpGeABltxIw5sPKt7fpUWEDpFXWKtxYS2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81fcb8c51fdd3614-FRA

GET
H2 200 _buildManifest.js Show response
microsite.s.id/_next/static/S4uoQkQkhnpDvDT4lpewa/ 578 B
670 B 24ms
22ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/S4uoQkQkhnpDvDT4lpewa/_buildManifest.js

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40f0371894ff78ed4d47c72193f0dfc580df4eb7cd1e7773d68ac77ab687962f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2430
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 11:53:02 GMT
server: cloudflare
etag: W/"242-18b8fe13130"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BUGWUezacmRK3HrwWvdy6BpEtsvRoXRuCRd2%2BNzYjJTn9tkC1UtwB8kHWy7%2BiFUJ9iVgSGTahLAr6viFugl59%2FdmqK2JAbPyKzomwQZkFWvvEhvJ94wVTw7XQKyEPNh64K9TT1JBGfYH8X4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81fcb8c51fdf3614-FRA

GET
H2 200 _ssgManifest.js Show response
microsite.s.id/_next/static/S4uoQkQkhnpDvDT4lpewa/ 77 B
347 B 25ms
23ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/S4uoQkQkhnpDvDT4lpewa/_ssgManifest.js

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2430
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 11:53:02 GMT
server: cloudflare
etag: W/"4d-18b8fe13130"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOS6Ja3tLL23m22vgOJQFYJu1TazEtpJFd8myg0EKVYw4l5gGFMoGQmqgKhHstaOpoUebQfKQ4F4Wdun5j7CH6m4zmx%2BvBSCWmHX5Iwv6bAwbwNTAMXUyZBj4%2BLkrCj75F9YctQmSOUFAYYm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81fcb8c51fe03614-FRA

GET
H2 200 montserrat.css
microsite.s.id/assets/fonts/ 3 KB
788 B 296ms
259ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/montserrat.css

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"ca2-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRSz%2BMpGLIyylTw%2FpK1Xqv0R4Wh6FkV4ygqxTpUYuhXDtntLK0rsO%2BK9OdL4q6uuWCbkJ%2ByW%2FzhX9cYMa8krLp1nwfSXYWLO6QCFKZrSDaoDQ%2B4O7QRJkzma0CCZYEiFZ%2FYKBUyY8YdzRH8y"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 81fcb8c4efa33614-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 work-sans.css
microsite.s.id/assets/fonts/ 4 KB
880 B 4798ms
4761ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/work-sans.css

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"10bc-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtMlGRg5DKFyrtokS21gEb%2FC8n3ABE3gdRNU6XiPoQxjScYtwu1Eeoyzu4%2FIt6kIQEwFp8Wzygj6lDDQjEkLsIYOWcHlqvjagLcSZIaptlSvmQjZgoerWI%2FzlWr%2BbmEb7wQMSGSzVhE%2BlpGq"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 81fcb8c4efa53614-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 archivo-black.css
microsite.s.id/assets/fonts/ 729 B
697 B 277ms
240ms Stylesheet
text/css 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/archivo-black.css

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f41fdd2a7fac49f4cec2f62653d50409213b5f802d65401d96ff9c063816fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"2d9-18a69dfa4b8"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXmL4O8oAZEj%2BcYkT9Sxo3GkJ7pq%2Fx7kjywBQOXV7iapor%2BzL4fw1IkC7Ohhio3Nuf03R%2FsShJzY4ptunIX%2BDC5jWNQvwrLtF5oPvGr2Sv0Qun%2BY4ThzSprprkxaQb%2BexYlfm%2FNdLaW2CcSz"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 81fcb8c4efa63614-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sid-neu-logo-dark.svg
microsite.s.id/images/ 8 KB
4 KB 389ms
352ms Image
image/svg+xml 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsite.s.id/images/sid-neu-logo-dark.svg

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 05 Jul 2023 23:09:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"2137-18928513d00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6yiNmu7M7bqLx88BIBnN%2F0jt6%2FKK78A%2B3zKCgOxCJABFpdAz3vSIvtGiZTOuE37lwV6p1ijX%2B4Q47NjEl2mDWMhh%2BGypziW8hjtf%2BTQM8q5cZDGhc5tPfd6O%2Fw9j%2BKPAYcm%2Fkt1yE%2FpQto4T"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81fcb8c4efaa3614-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/ 400 KB
136 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id&bust=31079356

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dadcffea88193ce7d5f03a1866deef3bcb3980bdfa131906d93052bf5d20acf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138564
x-xss-protection: 0
server: cafe
etag: 6116152248776202139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 13:28:38 GMT

GET
H2 200 f3b9cf00-87fb-45fa-af4c-6757fe36618b_459x470.png
cdn-sdotid.adg.id/images/ 442 KB
443 KB 144ms
84ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/images/f3b9cf00-87fb-45fa-af4c-6757fe36618b_459x470.png

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

863204bf5ae951e4106b6af142c3be0bed6b9178bf5843d5f8a595273dd9803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:38 GMT
x-amz-version-id: sSTGw9MajyDoR8ePsxEktRd2pVdZ5W_C
via: 1.1 0049c5577a998a3c21b741181b3609cc.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: LHR50-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 452526
last-modified: Mon, 16 Oct 2023 10:49:05 GMT
server: cloudflare
etag: "e6d4dca07f3e000ff5a4652c3f48eb46"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdI3p1dCv7QlR3awwbxaxII0%2Bimifs6HevJAWioOcoejbxvcngN3%2FwdoI2etK7%2F52flQjUH5YbFMUCRpKHCCV5l%2F6hRJdnTIxxeHOE1hKHYUGIzUWLm9DdOuS6uHdWbR%2B6GmUIYBVbVHhzb0VzYNeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81fcb8c65fcdb79d-AMS
x-amz-cf-id: y1FkiZa55BuQNT21YG0MW4Z6ROqXV93fUNful44JcgQnNaVlwNtr8A==

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/ Frame 3692 10 KB
5 KB 54ms
13ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 84970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 13:52:28 GMT
etag: 251720774729838433
expires: Wed, 15 Nov 2023 13:52:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/ 55 KB
21 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id&bust=31079356

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64fa8666844b5f12e4eee681ee9aa58bea638568acb557afe552f8312e2bbb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 20:07:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21728
x-xss-protection: 0
server: cafe
etag: 936069799896148284
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 20:07:35 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 375 B
597 B 67ms
25ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=s.id&callback=_gfp_s_&client=ca-pub-2742216534640545

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b9ec9a012c14038753afbeadd796a9af2b08effa413ba5769b18ab2b0c7381f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 245
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F5E1 0
188 B 4355ms
4354ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1698931718&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fs.id%2Fkonustucocuklar&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698931718060&bpp=5&bdt=195&idt=209&shv=r20231031&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8030620920503&rume=1&frm=20&pv=2&ga_vid=225954542.1698931718&ga_sid=1698931718&ga_hid=622976161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C44806139%2C31061691%2C31061693&oid=2&pvsid=2322894111308848&tmod=1253057063&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=245

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 13:28:38 GMT
expires: Thu, 02 Nov 2023 13:28:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=fixed%20top-0%20left-0%20right-0%20bottom-0%20h-full%20flex&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 64ms
62ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=fixed%20top-0%20left-0%20right-0%20bottom-0%20h-full%20flex&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 work-sans-normal-400.woff2
microsite.s.id/assets/fonts/dist/ 47 KB
47 KB 384ms
353ms Font
font/woff2 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/dist/work-sans-normal-400.woff2

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/assets/fonts/work-sans.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://microsite.s.id/assets/fonts/work-sans.css
Origin: https://s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 47800
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
server: cloudflare
etag: W/"bab8-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbfXXVXsLMR9Xh1wDlOTRlTE6vwlNn87X61Db8S0%2BKfqhv8IsDLuY8RPnqyiAfq3RoroiQNP%2FqFy2Zd15ElGMlpUCoiVVL5U6ghdAGhRADSgWJqKj3j5Itn1ZvnZ1qzSqf%2Bik%2FQ%2BtgL06Ssh"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: https://s.id
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 81fcb8e38c709229-FRA

GET
H3 200 archivo-black-normal-400.woff2
microsite.s.id/assets/fonts/dist/ 10 KB
10 KB 382ms
351ms Font
font/woff2 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/dist/archivo-black-normal-400.woff2

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/assets/fonts/archivo-black.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eca2abdbbc1998c3a286e2e83a2256be5263ccb801aa93b00c64fea891efd3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://microsite.s.id/assets/fonts/archivo-black.css
Origin: https://s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 9792
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
server: cloudflare
etag: W/"2640-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zqs7fkGSJzHDg%2FBDf22MKc%2Fu5xUtYERf7JxHnkECiKdIbGMj9YiTLB%2Fp0byjycvP1rC0BKvb%2FphLAMqfhGXTxcfyxGvm78kc%2FbQIMuO8riWhgAzQB3qiRzOcG5Jz3zcOTXB2giraGDxpqLEq"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: https://s.id
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 81fcb8e38c739229-FRA

GET
H3 200 506.9f321d440064bb53.js Show response
microsite.s.id/_next/static/chunks/ 1 KB
1 KB 29ms
29ms Script
application/javascript 2606:4700:20::681a:7f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/506.9f321d440064bb53.js

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/webpack-a01b5ab3a4491b81.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1ad95e8b38e5ca69e79e848a5771f026e40705ace52cb5ba4e6b7b9ce048161

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:42 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17858
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 08:10:45 GMT
server: cloudflare
etag: W/"44a-18b8f15af88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRdfEAvxSozNPfelYN6v5Qi7fD%2F4Jjw9VMnCtEFCLuD%2BbUFHI8xisxouKVVBd7HiQkX1mRL4qwJcgeluZ59%2BnhLQK9ITaKL7lOvmu3ExP%2BAXYONkWtqMf0MV8nKgvbaFR8YukslHitPv5dad"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 81fcb8e37f4f3a9e-FRA

GET
H/1.1 200
OK adcap Show response
app.s.id/api/ 36 B
703 B 626ms
210ms XHR
application/json 45.126.58.90
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.s.id/api/adcap?short=konustucocuklar

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/pages/_app-34eebd3069454f50.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.90 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

bed10a3fd1f75fd8fbcb1f3be5d120237ed9391d10c2697c551923e8ed9f31e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
DS: 1698931723,hqowc5,b31e055a59acc147a484b5ce5f852c78
Referer: https://s.id/
X-RPC-Lang: en
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 13:28:45 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json
Access-Control-Allow-Origin: https://s.id
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS

OPTIONS
H/1.1 204
No Content adcap
app.s.id/api/ Frame 0
0 2299ms
900ms Preflight 45.126.58.90
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.s.id/api/adcap?short=konustucocuklar

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.90 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: ds,x-rpc-lang
Access-Control-Request-Method: GET
Origin: https://s.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://s.id
Connection: close
Date: Thu, 02 Nov 2023 13:28:44 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 204 csi
csi.gstatic.com/ 0
234 B 408ms
34ms Ping
image/gif 2a00:1450:400c:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~loh82vmx&c=2322894111308848&e=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsYwkcgYyoECAESAA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c01::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
83 KB 438ms
75ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b81c8f33fccb59aa0e1d183d63d844aefd67a954b1077d0cdab52e72c0074a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85019
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Nov 2023 13:28:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
84 KB 394ms
31ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

777d763637b7eba97de2ce286da7c0429e4f3c85be743aa3cb22aaba041bfa12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85668
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Nov 2023 13:28:43 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1ECC 119 KB
46 KB 2257ms
2256ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1698931722&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fkonustucocuklar&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698931722811&bpp=2&bdt=4946&idt=-M&shv=r20231031&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c61a21deecc6a89-22a0cdfc25e300de%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_MaE5eDW9CvqmOO7sJ49Ze_7pHW0Mw&gpic=UID%3D00000cb133416042%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_Ma2Zz7jgPlReUYuVjTAmGk5mnex-w&prev_fmts=0x0&nras=1&correlator=8030620920503&rume=1&frm=20&pv=1&ga_vid=225954542.1698931718&ga_sid=1698931718&ga_hid=622976161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C44806139%2C31061691%2C31061693&oid=2&pvsid=2322894111308848&tmod=1253057063&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=TTXowKGeVh&p=https%3A//s.id&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7123649a9d080e9b0953963a4f756c11b16a31fdbffefd0ed1aaf18d234cb02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 47497
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 13:28:45 GMT
expires: Thu, 02 Nov 2023 13:28:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 28D8 33 KB
13 KB 1325ms
1319ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1698931722&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fkonustucocuklar&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698931722811&bpp=1&bdt=4946&idt=1&shv=r20231031&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c61a21deecc6a89-22a0cdfc25e300de%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_MaE5eDW9CvqmOO7sJ49Ze_7pHW0Mw&gpic=UID%3D00000cb133416042%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_Ma2Zz7jgPlReUYuVjTAmGk5mnex-w&prev_fmts=0x0%2C500x280&nras=1&correlator=8030620920503&rume=1&frm=20&pv=1&ga_vid=225954542.1698931718&ga_sid=1698931718&ga_hid=622976161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C44806139%2C31061691%2C31061693&oid=2&pvsid=2322894111308848&tmod=1253057063&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=gCrHaNw4IX&p=https%3A//s.id&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6aeb1d1847db5b62932464a13b1921113f4b4da63b014c3e0cddd8ba8c08bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13576
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 13:28:44 GMT
expires: Thu, 02 Nov 2023 13:28:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 acce62f4-e1ba-4fc3-b140-0f5efe35d16c_512x512.webp.jpeg
cdn-sdotid.adg.id/images/ 5 KB
6 KB 340ms
339ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/images/acce62f4-e1ba-4fc3-b140-0f5efe35d16c_512x512.webp.jpeg

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73d61cae3c3fb4947645280a810598fc1110fd716a7286dd989bce30d623fde5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:43 GMT
x-amz-version-id: OrMF7NAl3fabZBMhU4lpbrsi5VaBQHN7
via: 1.1 a80cfefba1e25a9103271d8bd22be77e.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: LHR50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5566
last-modified: Sun, 15 Oct 2023 22:51:17 GMT
server: cloudflare
etag: "75946c36009b528b1b631cea1e8bdd21"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEqysoa4LzeG08FMaptFljJJJRnChucgWBbM%2FnBwv2fa%2Fg7tjdc5E%2BCPiA%2FFZymlScov2VJq4ISnMYuFwqN5vxQ%2FJJ01cYBlnAAMc6UaVMP7jihsVrdpmcuVu2kaHSEZ3RcScM7BYcAxPOcPbMlt4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81fcb8e5ac1cb79d-AMS
x-amz-cf-id: WidTZYKb_D4GH0435eCBmdmybusRbOSqwaqNdIZk298-tvCzgM9cgw==

GET
H2 200 c06781aa-4dfb-43f2-bd38-a19f7e691de7_239x240.png
cdn-sdotid.adg.id/images/ 19 KB
19 KB 356ms
355ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/images/c06781aa-4dfb-43f2-bd38-a19f7e691de7_239x240.png

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0f46fe1baefda38c540e7b7634c766055a991e07c2249a0acfd26d6c85f9b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:43 GMT
x-amz-version-id: vOQufB2oipJPQjabi2BCh0SeV47nD_eg
via: 1.1 809aab597f9b26cadc42a1c11dd373d8.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: AMS58-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 19149
last-modified: Mon, 16 Oct 2023 10:45:00 GMT
server: cloudflare
etag: "24636f13d0f5f823429ff92efb51885b"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkarUfCeUA4O2YytYtWWw2bQvn2Q0BobFFU0nECZA3AdHTRgv6rDYWkoyPS7JSz9jsjZosQIORpr1NERGNgge5wum%2FH2PI04VTKrZFEpcy37WRh%2FhEA2%2BLDxwnMO%2FJcNGF3VfmmEcA%2FqlMn0zSb5YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81fcb8e5ac1eb79d-AMS
x-amz-cf-id: bFOzK7xNTxLBDDDPqs7kS-Qjm1XszsxJRmPJQqZ5ypEQ9sSJbbE4qw==

GET
H2 200 418f601c-5074-4f72-9755-b12a2276ccb5_237x237.png
cdn-sdotid.adg.id/images/ 19 KB
20 KB 343ms
343ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/images/418f601c-5074-4f72-9755-b12a2276ccb5_237x237.png

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6945484621217f2b98adaa2c5b40d2de6ad77099df4cd6b0050020e6ca4b5dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:43 GMT
x-amz-version-id: A7if41hVGGRtFcVk537JwAJl0EuiyH_4
via: 1.1 2be97027a80b483d863e32bd7fe334e2.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: AMS58-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 19702
last-modified: Mon, 16 Oct 2023 10:45:17 GMT
server: cloudflare
etag: "5e9724ca706152bd8e4f5800e5f03018"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=df77GqGI%2FPboJiWnKcMbkje0002rfSlF1k1LUsLfxyDGYrNetjAGkC3exbIzqh7GMEUmZHmmjPsm8vjY%2FHH8AgBRBfsQ4EirP7JmkLgG1%2BlxnzKodt1FDpEiRoGgHO7BPqEPALLUzQC3%2FQjCPDmB3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81fcb8e5ac20b79d-AMS
x-amz-cf-id: v-ftvwVqV5l03iat-Mcvc5WjTMbBubO6CVHFJguZqXMeWP7Z6E9-9g==

GET
H2 200 e1450f72-171a-4f2f-b45d-3abe92d0cfd5_239x240.png
cdn-sdotid.adg.id/images/ 20 KB
20 KB 358ms
357ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/images/e1450f72-171a-4f2f-b45d-3abe92d0cfd5_239x240.png

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f44acf68e13d306e6b8cf14595de83022c6699807c541a3bbf419836a4fddbb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:43 GMT
x-amz-version-id: kQ76cltS_w6ChSjmOS1yEjhhuicpfaWJ
via: 1.1 1c1b06236faf26f915b464406875de12.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: AMS58-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 20079
last-modified: Mon, 16 Oct 2023 10:45:44 GMT
server: cloudflare
etag: "1bd1105bb3f4583b2704f391363b19fb"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NU7lkRIS%2BGB6J%2BTn0XJdG%2F12keOHXwB1hh1BDHxZInLa4wow%2F9JVgKo0NB5eqS4pBsGpqracTh5ickYFxoN0nVl5oLdofoyNBfdfzZKqBLROix6uMUgh34vlKtjFmSFFUSWRVVkkalzFcKNE5wjFtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81fcb8e5ac21b79d-AMS
x-amz-cf-id: awswKt61FbVm_GnhD8fCCaVZuq0G_rhQ5qnCKXGEqLH1_2h2iZADjA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
83 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cc99089434467b30a5c3a6f897f7f168531314e4ad11708b92d5d3e6f85d9929

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84963
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Nov 2023 13:28:43 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
246 B 73ms
24ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GTE5CBQ89K&gtm=45je3au1v889124241&_p=622976161&_gaz=1&gcd=11l1l1l1l1&cid=225954542.1698931718&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698931723&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Fkonustucocuklar&dt=1&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 73ms
24ms Ping
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GTE5CBQ89K&cid=225954542.1698931718&gtm=45je3au1v889124241&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 88ms
39ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GTE5CBQ89K&cid=225954542.1698931718&gtm=45je3au1v889124241&aip=1&z=900121826

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
246 B 59ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3au1v881303989&_p=622976161&gcd=11l1l1l1l1&cid=225954542.1698931718&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698931723&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Fkonustucocuklar&dt=1&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 34ms
33ms Ping
image/gif 2a00:1450:400c:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=2~loh82z3p&c=2322894111308848&e=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C31061691%2C31061693&ctx=1&met.3=1001.3i8_1__1~164.3ic_1~165.3i7_6~166.3hs_12~1032.3o0~326.3o3_1~832.3o7~868.3o7~216.3o0_b~215.3nz_b~843.3ny_c~889.3oy~639.3p2~112.3p8_2~629.3qj_1~246.75z_1~247.764~248.764~1032.765~326.765~832.766~868.766~164.765_1~165.763_3~1032.767~326.767~832.767~868.767~164.766_1~165.766_1~889.76a~889.76j~639.76m~639.76m&met.7=CBsQCMABn72qvw0~CBsQByD9IThIwAHph4WaBw~CBsQByD9IThEwAH9wcmaAg~CBsQCiD9IThhwAHb57aZBg~CAEQChgBIP0hKP0hMKUjOKcBUJAiWMMiYJ0iaMUicI0jePaZA4ABypcDiAHvnAmwAQG4AQPAAd6Ov5sB~CBsQCiD9IThjwAG-08yyBA~CBsQCiD9IThuwAHVz9uYDA~CBsQCiD-ITiAAcAB3Lrphgo~CBsQCiD-ITiaAcABlu6VvQw~CBsQCiD-ITijAcABxr_vpgM~CBsQCiD-IThowAGt68npAw~CBsQCiD-ITihAcAB6vDlhQQ~CBsQCiD-ITiiAcABoZKU6wU~CBsQCiD-IThgwAGLrPRz~CBsQCiD-IThfwAHMm_nPBw~CBsQByD-ITipAsAB5IaMwAw~CBsQByD-ITiWAsABrJ7ohwU~CBsQBiD-ITiFA8AB5dP-WQ~CAMQChgBIMAjKMAjMOQkOKQBaMEjcJAkePC8CIABxLoIiAHW_RiwAQG4AQPAAfmVyzY~CBsQAiDDIzjMAcABxICK2gw~CAwQBRgBINUjKNUjMIwkODhQ1yNY_SNg5CNo_yNwjCR4wiWAAZYjiAGxULABAbgBA8ABoqaR_w8~CBwQChgBIJQlKJQlMLklOCVolSVwuCV4jKwBgAHgqQGIAa25A7ABAbgBA8AB35OgyAM~CBsQChgBIKclKKclMOolOERQqCVY0CVgtyVo0CVw6iV4oQSAAfUBiAH3ArABAbgBA8AB5Krg8AI~CBwQBhgBILUlKLUlMPElODxotiVw8SV4rAKwAQG4AQPAAZSE4rUO~CBwQBhgBILYlKLYlMPYlOEBouCVw9SV4rAKwAQG4AQPAAZSE4rUO~CBsQByD-ITi_JcABqNzjqwY~CAUQBRgBILUlKLUlMLtHOIUiaLklcLpHeKwCsAEBuAEDwAGQx7LwCA~CBsQCiC2SDgewAHv14DEDg~CBsQBiDwSDjVAsAB6anGVA~CBsQBiDxSDjZAsABiYLw9AQ~CBsQBiDxSDjlAsAByp__oQc~CBsQBiDxSDjnAsABqqK43Qc~CBsQARgBIMhIKMhIMOFLOJkDwAGkoPylBw~CBsQChgBIMpIKMpIMJdMOM0DwAGM1djrBA~CBsQChgBIMpIKMpIMJ1MONMDwAGM1djrBA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c01::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5271 624 B
242 B 55ms
54ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhjRrID8ATAB&v=APEucNUzbIIt35lZCVDgx-uDqrXi0TW1COmyOoyIa41v_-XEkXmIgRzvYEKu76L3kJmAmev-dF96ihnxGf2_4XUkHNPFtWzH9cyuGpaR8W_wb6aNudfOSaEf12f-o92dmLnak9To5ctb94tkcOatYpnc-HUiDiBwHtJu-hhZpjuplB012MwsGDs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1698931722&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fkonustucocuklar&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698931722811&bpp=1&bdt=4946&idt=1&shv=r20231031&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c61a21deecc6a89-22a0cdfc25e300de%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_MaE5eDW9CvqmOO7sJ49Ze_7pHW0Mw&gpic=UID%3D00000cb133416042%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_Ma2Zz7jgPlReUYuVjTAmGk5mnex-w&prev_fmts=0x0%2C500x280&nras=1&correlator=8030620920503&rume=1&frm=20&pv=1&ga_vid=225954542.1698931718&ga_sid=1698931718&ga_hid=622976161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C44806139%2C31061691%2C31061693&oid=2&pvsid=2322894111308848&tmod=1253057063&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=gCrHaNw4IX&p=https%3A//s.id&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1698931722&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fkonustucocuklar&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698931722811&bpp=1&bdt=4946&idt=1&shv=r20231031&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c61a21deecc6a89-22a0cdfc25e300de%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_MaE5eDW9CvqmOO7sJ49Ze_7pHW0Mw&gpic=UID%3D00000cb133416042%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_Ma2Zz7jgPlReUYuVjTAmGk5mnex-w&prev_fmts=0x0%2C500x280&nras=1&correlator=8030620920503&rume=1&frm=20&pv=1&ga_vid=225954542.1698931718&ga_sid=1698931718&ga_hid=622976161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C44806139%2C31061691%2C31061693&oid=2&pvsid=2322894111308848&tmod=1253057063&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=gCrHaNw4IX&p=https%3A//s.id&dtd=14
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 13:28:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 59BF 89 KB
31 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 13:28:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 59BF 3 KB
1 KB 51ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 12:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 12:40:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 59BF 20 KB
9 KB 48ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:09 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 59BF 197 KB
62 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7c05d8c6f495c524f49c9471a52522108aba2f62a4849b13756edad3c3511e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63354
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 13:28:44 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59BF 42 B
63 B 60ms
59ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BjeQ3PV2W-DSlMIU4rre2mXBNPAMZ43RvyWFaaG1m4r3K_P_mcBkeVXeqGBdz6i8UtFf35BtcABPhPvFu0zj6jfJMw3ttLb5xOqQHtTTZUejrycBE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59BF 0
20 B 60ms
58ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17486653446897823&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 5271
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDnrW_qFnqAusqwlWspDYuw&google_cver=1

43 B
344 B

21ms
21ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDnrW_qFnqAusqwlWspDYuw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhjRrID8ATAB&v=APEucNUzbIIt35lZCVDgx-uDqrXi0TW1COmyOoyIa41v_-XEkXmIgRzvYEKu76L3kJmAmev-dF96ihnxGf2_4XUkHNPFtWzH9cyuGpaR8W_wb6aNudfOSaEf12f-o92dmLnak9To5ctb94tkcOatYpnc-HUiDiBwHtJu-hhZpjuplB012MwsGDs
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fsp1te8LKV%2BHOuUJ%2BHwd3Ka1o9mexuHOHTCzWOSPqPIWqSFvuwn0cbM%2FElXrNYLmXS%2BseDoFTLEnLa%2BPQTBaKlZ%2FLjtXcblBE2P27qmwkrhqB40CwkjMesUtMPsDabj4gbcR%2BVMdVTt7wA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81fcb8ece82e1d9e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDnrW_qFnqAusqwlWspDYuw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5271
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUOkDIC-0K7xAJaIFWaijwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDnrW_qFnqAusqwlWspDYuw&google_cver=1

43 B
770 B

23ms
23ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDnrW_qFnqAusqwlWspDYuw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhjRrID8ATAB&v=APEucNUzbIIt35lZCVDgx-uDqrXi0TW1COmyOoyIa41v_-XEkXmIgRzvYEKu76L3kJmAmev-dF96ihnxGf2_4XUkHNPFtWzH9cyuGpaR8W_wb6aNudfOSaEf12f-o92dmLnak9To5ctb94tkcOatYpnc-HUiDiBwHtJu-hhZpjuplB012MwsGDs
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBTNifpOOYVU2DhIV2JjgrdVFq8ATVIQ7DrqphTnAJNlKh9zoXLhYlMGxv7XZ2KexUF%2FMjFBbIAZarvgVMCIw2W070v2egdGY1CfoN%2Fu74DDo40nX32cD64wuXgFWh%2Bh9ejms5qs7%2BUU5A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81fcb8ed2df8926d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDnrW_qFnqAusqwlWspDYuw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 5271
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDo-L_Rh30Xj4Td7R4Zewys&google_cver=1

43 B
843 B

14ms
14ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDo-L_Rh30Xj4Td7R4Zewys&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhjRrID8ATAB&v=APEucNUzbIIt35lZCVDgx-uDqrXi0TW1COmyOoyIa41v_-XEkXmIgRzvYEKu76L3kJmAmev-dF96ihnxGf2_4XUkHNPFtWzH9cyuGpaR8W_wb6aNudfOSaEf12f-o92dmLnak9To5ctb94tkcOatYpnc-HUiDiBwHtJu-hhZpjuplB012MwsGDs

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
an-x-request-uuid: 3d9a098f-6aaa-406c-97d5-cede785d1394
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.136; 178.162.209.136; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDo-L_Rh30Xj4Td7R4Zewys&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5271
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQyNDM0NzMxMzU1MDE5MzA0

170 B
243 B

25ms
23ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQyNDM0NzMxMzU1MDE5MzA0

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
an-x-request-uuid: 6834c880-6861-4173-ab61-ad5500c2dd60
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQyNDM0NzMxMzU1MDE5MzA0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59BF 0
20 B 59ms
59ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7736604041412&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59BF 0
20 B 59ms
58ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7736604041412&version=m202309260101&ct=76&x=1&cor=17486653446897824

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 59BF 91 KB
38 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C9q8brfOBgtLfJjqg-FyFpgfX_NCTQcVavCIWdZ2eqWw0Z3DAkCf8DDYfkbwpsVbRb9nJNcMgkOeBLj-ONDD150o-sWfrXkLKeRhvPnZvvZgmTA356QxMrNq0Ucov3Ue4xCKSGYJRGGl1IN2K8EV6LgHd4zd07SFmjvOjk1lK237x-G0KWXjjr2jxVo3h2B4NguxIXGbEZvZWWTy5vkl2kNvE41A&dbm_d=AKAmf-AFCbbnWsazLWJKOia1qoPNw5cLprPsSlrBPkC15dBGAWE-dlXHbtOYcnaqzpQc2vYbxITfkKHzhDPcC3_V6dqnQo-KXT90V2-NnA4NWC9C4CZTGNS4A8O8W_nqTH9n_zWKwjcInHqQ-8x3L3FWZj_bzUUVGo8BHcpYMy70b2LZU43e6iKebIvw_jPXfrOwEO0U_JFxVQ2Qj_HZ2PLT50ngDYryKowtLiEq39V6773zUl36-tSzDs-kduor_2XfBYcvMhMFHQ8FGHqixwOmjxTpAaVFk-63A1X3JBOYg8Gg2lR0AMyzbVpHxgtLB9qTtB3E6fAMiQqFOmaByl_gUBUSlHyhnzJTuKlVeKNZ2jD6JJxMMb3MXc3pKUU2mbUo4jUC-2hm5sjt-yPA2LzKJgcKeJasnLXqInvvtlzqA_ElwFDPzH6zroaW8G4vKRp3OYrpOOCcIA06PKCkdV7ifgM2_q4IiHD_tn3mkFCxypvvOidOzWaexpNOnpslovEyaa0rPRBf968CGRwt0UOAkwB34LoJ7t8Kd3KOZEn6cFWRmmK4Pg1bXhaQDpIjc2d-qtAKgTA60aJbRQd3xihaaDfWkiYOTMvOaU8vk072cWtkZXeTkwXTylrMMl-laPXdbkTuvEF2xTndT-W2TXsbfJn6Npr6lY6VVHPBC1v2KDBbljrllIvdcadppSZlBAqRCefuEsnXm8L9MrFtpHyxJcViYbjDZbyMMdIR9h7O798aOIzjSqHDZmfxApBSa-7tKdUNf3e_gpuHxuAhdd_zW6QSMOTBBKwpt9KV05cp0kev5SvSGey-fEIlby1aNFCOJRxCOmb9vl9dQ1FNkMUxMUM2w1jeuLEs9FXCijvPNf2SiDa0WPEow5lnc1IBbazasArgjnFzgRrqNx5I-UvkqeqQNRZMl0Swvyls5FlpKWm2MYb2prrCEkw1ZIBaKS01R0IzqIqBQGoII_9OTwyebK5_1LOU_9-H041T7ZGGxYZxQ9Xn2PYmGoA7zIqAtJ4tipCmpDjN9b0kl-2REJx1V9XZHNRemQux00H6AZhCiTrklbq8fz6HMkTmcM8sAJq4mPyyUoDKVMps-0rL7z2IMWCtuSdz96diuoMaaQ-GorGXKpRGohIflkP2pUDQ8VFRVfRGab3YM6QxqnfsPleEpgKRnbYxy1SDB-xAURQBB5ITqlEY9420z4xB66N9j9UhA7UQSDIuwufEBqBZxQFv0aEuGKTwkrEaO_k9gbRWyVlf6TWw4c2THksTw9kurmBYHVFXwqaI4AsoYoE6o8puFUCbKleJZtuROE1SPjzWhNW2NAcHdAUKpNtnPpfzlLeDrzW8_0pwfFWH3cLkZruZXsJGwe6QZ7b-hxQeLqMfaEtEdYBgjXF6AREFzEpwQsbJcB4V8IhrSf0PuODBPVz5QHLywHLAPXWUt6Cjy-42zBAr-TXe_a40mmLg5cLXgN3ZkmeA4RFPhfc3_-HpCsdFFFM3OjSblBWcxZYOnFaUu9Rcj87tWUwYERHs_HoPaT40fLpiBB3A2TZdWpUDzIWxw3XFgQi6rZPqVb11HfqcI_lVuvuWi-dPuOni4eA4Xxbah9GSUQCj7bLPMpARaueoDjgD1j0uJb4BW_jlDc44GuFH7Wuhd6LOiajNNkVsR0G16rN5xPOcoSy6F_bzUkqSecibbhzkbPe_6x28MP4zrgaefv1lt_dW6KiJYSGlm39z8-EOag4es4xnIurzafeUnIw0A1ub1P4JjQIuhqh7qfCO01PyyU9ccmfFat7t4syfzXDYevj1shAS2VcWwbq2PvKCbyaNk_oDOYTzvOdb6b1kDom1sjlWlt592q84kpEQrEl0_tqZgrq_KbWlahiysvkaTRt30vhVKKERvobqQAUTnzEq3QB5zQ-HysoMV6f-P98M2LYn15de1nyVLrvm5zgBWeehY9c27khLFeMtxV6irZKiwSOVD-sTRRFr268yLatIv8Gskwdnkaz-1HUnb0_8u0qPzRCHrZ4RO8NQKHzUIn2_sZUyNFEmZZC3IOzddIn1Gwq91m5HbV5ONv2ipltY7m_HL2-0njL3WVpePpV73l9kWyHomuIrtO7y79unLpKM0vJHpzf5l87mzJEFY1i1hhdNm-34QyMbPcv-lDELJ-Zuit7o1kt8NE0_AGu4iDz7a8MJt6yjf7HTbsr16N57E6Yc_koevVXB2udpGDqOWEw2bbd_PPYAxiayDMj_XSdPlIottjt7asA_wk2tAFBKTit5oPuBJc9JS1tx9FOL-R3tEIrNG1JcKffgbfXAe_JBNN-VT04dYoLJOEV4_qTRkRvngjLhPW1kCI0N2-XdRFx4wAv9MUmUWiRH34HUj0KwU3Coi2Tx5Gd5yrywS82FyV2Vw0fkyM8zotn5bpOEi5phRJyPYaDwbgi2uyP5rl3RKJYAXYIAjr6JM94TAVXZtj2HJ_IRIuH1VSN2O0pJVvOhZEGYo2Spj1anOlQKct4lcAnCj7UysAdVjXjVv3mQVOYTwdL6bVg1THWi4keUVXravw1yGaD3p2_7m5UaYrpLBXU1VU5ErOy0lW050gsHWDVbBvSnpOgMFKlZmNKXaU6I9Y6FBFG6YFcitY2o2NBuD7_NmsutQ1-dpfyCZMc97SWzlQPRXQtneuIXh1b9ljOLImS8v3wCxkf4ujKxlLpWZrTfEhC6AOljp1xPcdrz0jLjcShXbhV9UoLc4ifr_FSUe9a-WuQMdI0Yfqk8nJTvM4npoQnMwY0Nb5Qj6sB1DDhbsF6ukB6Deog0dcR0wEkt5CHCWENxCVSWmiW8gSsPivtof2RVUIyjnoO7iLv0bgC1QQcapBFIZQrqqm351LMXEdWj9YGoe2xvQqSHgKhITepH0AhbdJ04vsP9VRbrp1rWegBUwnupL7lcDmgM523Yzh6TgoQa8UcT-Bz98ir1WC7zXKyi9O2wbSuCVtLouOby-AIufkErnTi3HpltRMdRLg-7C61cL6jd7_k3vtZfcbJ7oeLmGIOuzGHm_ZI5x-B6QLrto_8VX30Aaxd5-T3Z7Tk1AJ4a99EDQcKwoeO4qu75WtuEqoEdJRBiG7KAIXtcIRkbVQUVeB_0uVtETgRD-Y3c4I-Qv58EnsJEwjeC-6gTm0ulLkXrCuxsdeOKFX0APxWtZH3BD6JgufcwhLdKHjuWSLnresB6C7krLSih-JprVeQCJNBj9zAQel2cyBsHAw2lF5vWs9vyHcHwnbhT-XvfROyQ6WWzJb1uXTdW61HnPuLS9VxYiBB_ubolGhu3SjcGibn9OMlQCc4X3XNNosShkmc12czSAfVdEHKRlysGeKcy9t2BXBglTxGKYPMSacYlAf95U8u4TcWKZF6cKJINCLeIXiqAcwJnFbkmQFKPSL69hIDRNuR6XtTN_4cAeDX5lp8P2EVXDN03o658NzvbP4fb_jSfRWr8Vs4X8pjjgE_h-_e3WbXfr70EcVmEohzJEU5j8wPtSBYlKMoW5gH0ccG5Vpd2eBhmY371CQ2B&cid=CAQSOwDICaaNO4QM0FP2JQbO98MWkHrM8tFajc2e_6TpKvuzypWp-dmM-O7s5by3DlDXme-5Lbc-JkIWaWgGGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fs.id%2F&ds=l&xdt=1&iif=1&cor=17486653446897824&adk=497053795&idt=99&cac=0&dtd=21

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9709441b0a6984b6f42a3ed61f22a0bfecff830fcb1c4b1a9feea2b190f2006c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1698931722&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fkonustucocuklar&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698931722811&bpp=1&bdt=4946&idt=1&shv=r20231031&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c61a21deecc6a89-22a0cdfc25e300de%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_MaE5eDW9CvqmOO7sJ49Ze_7pHW0Mw&gpic=UID%3D00000cb133416042%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_Ma2Zz7jgPlReUYuVjTAmGk5mnex-w&prev_fmts=0x0%2C500x280&nras=1&correlator=8030620920503&rume=1&frm=20&pv=1&ga_vid=225954542.1698931718&ga_sid=1698931718&ga_hid=622976161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C44806139%2C31061691%2C31061693&oid=2&pvsid=2322894111308848&tmod=1253057063&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=gCrHaNw4IX&p=https%3A//s.id&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38395
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 59BF 111 KB
39 KB 58ms
14ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 14:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 14:17:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/ Frame 59BF 11 KB
4 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C9q8brfOBgtLfJjqg-FyFpgfX_NCTQcVavCIWdZ2eqWw0Z3DAkCf8DDYfkbwpsVbRb9nJNcMgkOeBLj-ONDD150o-sWfrXkLKeRhvPnZvvZgmTA356QxMrNq0Ucov3Ue4xCKSGYJRGGl1IN2K8EV6LgHd4zd07SFmjvOjk1lK237x-G0KWXjjr2jxVo3h2B4NguxIXGbEZvZWWTy5vkl2kNvE41A&dbm_d=AKAmf-AFCbbnWsazLWJKOia1qoPNw5cLprPsSlrBPkC15dBGAWE-dlXHbtOYcnaqzpQc2vYbxITfkKHzhDPcC3_V6dqnQo-KXT90V2-NnA4NWC9C4CZTGNS4A8O8W_nqTH9n_zWKwjcInHqQ-8x3L3FWZj_bzUUVGo8BHcpYMy70b2LZU43e6iKebIvw_jPXfrOwEO0U_JFxVQ2Qj_HZ2PLT50ngDYryKowtLiEq39V6773zUl36-tSzDs-kduor_2XfBYcvMhMFHQ8FGHqixwOmjxTpAaVFk-63A1X3JBOYg8Gg2lR0AMyzbVpHxgtLB9qTtB3E6fAMiQqFOmaByl_gUBUSlHyhnzJTuKlVeKNZ2jD6JJxMMb3MXc3pKUU2mbUo4jUC-2hm5sjt-yPA2LzKJgcKeJasnLXqInvvtlzqA_ElwFDPzH6zroaW8G4vKRp3OYrpOOCcIA06PKCkdV7ifgM2_q4IiHD_tn3mkFCxypvvOidOzWaexpNOnpslovEyaa0rPRBf968CGRwt0UOAkwB34LoJ7t8Kd3KOZEn6cFWRmmK4Pg1bXhaQDpIjc2d-qtAKgTA60aJbRQd3xihaaDfWkiYOTMvOaU8vk072cWtkZXeTkwXTylrMMl-laPXdbkTuvEF2xTndT-W2TXsbfJn6Npr6lY6VVHPBC1v2KDBbljrllIvdcadppSZlBAqRCefuEsnXm8L9MrFtpHyxJcViYbjDZbyMMdIR9h7O798aOIzjSqHDZmfxApBSa-7tKdUNf3e_gpuHxuAhdd_zW6QSMOTBBKwpt9KV05cp0kev5SvSGey-fEIlby1aNFCOJRxCOmb9vl9dQ1FNkMUxMUM2w1jeuLEs9FXCijvPNf2SiDa0WPEow5lnc1IBbazasArgjnFzgRrqNx5I-UvkqeqQNRZMl0Swvyls5FlpKWm2MYb2prrCEkw1ZIBaKS01R0IzqIqBQGoII_9OTwyebK5_1LOU_9-H041T7ZGGxYZxQ9Xn2PYmGoA7zIqAtJ4tipCmpDjN9b0kl-2REJx1V9XZHNRemQux00H6AZhCiTrklbq8fz6HMkTmcM8sAJq4mPyyUoDKVMps-0rL7z2IMWCtuSdz96diuoMaaQ-GorGXKpRGohIflkP2pUDQ8VFRVfRGab3YM6QxqnfsPleEpgKRnbYxy1SDB-xAURQBB5ITqlEY9420z4xB66N9j9UhA7UQSDIuwufEBqBZxQFv0aEuGKTwkrEaO_k9gbRWyVlf6TWw4c2THksTw9kurmBYHVFXwqaI4AsoYoE6o8puFUCbKleJZtuROE1SPjzWhNW2NAcHdAUKpNtnPpfzlLeDrzW8_0pwfFWH3cLkZruZXsJGwe6QZ7b-hxQeLqMfaEtEdYBgjXF6AREFzEpwQsbJcB4V8IhrSf0PuODBPVz5QHLywHLAPXWUt6Cjy-42zBAr-TXe_a40mmLg5cLXgN3ZkmeA4RFPhfc3_-HpCsdFFFM3OjSblBWcxZYOnFaUu9Rcj87tWUwYERHs_HoPaT40fLpiBB3A2TZdWpUDzIWxw3XFgQi6rZPqVb11HfqcI_lVuvuWi-dPuOni4eA4Xxbah9GSUQCj7bLPMpARaueoDjgD1j0uJb4BW_jlDc44GuFH7Wuhd6LOiajNNkVsR0G16rN5xPOcoSy6F_bzUkqSecibbhzkbPe_6x28MP4zrgaefv1lt_dW6KiJYSGlm39z8-EOag4es4xnIurzafeUnIw0A1ub1P4JjQIuhqh7qfCO01PyyU9ccmfFat7t4syfzXDYevj1shAS2VcWwbq2PvKCbyaNk_oDOYTzvOdb6b1kDom1sjlWlt592q84kpEQrEl0_tqZgrq_KbWlahiysvkaTRt30vhVKKERvobqQAUTnzEq3QB5zQ-HysoMV6f-P98M2LYn15de1nyVLrvm5zgBWeehY9c27khLFeMtxV6irZKiwSOVD-sTRRFr268yLatIv8Gskwdnkaz-1HUnb0_8u0qPzRCHrZ4RO8NQKHzUIn2_sZUyNFEmZZC3IOzddIn1Gwq91m5HbV5ONv2ipltY7m_HL2-0njL3WVpePpV73l9kWyHomuIrtO7y79unLpKM0vJHpzf5l87mzJEFY1i1hhdNm-34QyMbPcv-lDELJ-Zuit7o1kt8NE0_AGu4iDz7a8MJt6yjf7HTbsr16N57E6Yc_koevVXB2udpGDqOWEw2bbd_PPYAxiayDMj_XSdPlIottjt7asA_wk2tAFBKTit5oPuBJc9JS1tx9FOL-R3tEIrNG1JcKffgbfXAe_JBNN-VT04dYoLJOEV4_qTRkRvngjLhPW1kCI0N2-XdRFx4wAv9MUmUWiRH34HUj0KwU3Coi2Tx5Gd5yrywS82FyV2Vw0fkyM8zotn5bpOEi5phRJyPYaDwbgi2uyP5rl3RKJYAXYIAjr6JM94TAVXZtj2HJ_IRIuH1VSN2O0pJVvOhZEGYo2Spj1anOlQKct4lcAnCj7UysAdVjXjVv3mQVOYTwdL6bVg1THWi4keUVXravw1yGaD3p2_7m5UaYrpLBXU1VU5ErOy0lW050gsHWDVbBvSnpOgMFKlZmNKXaU6I9Y6FBFG6YFcitY2o2NBuD7_NmsutQ1-dpfyCZMc97SWzlQPRXQtneuIXh1b9ljOLImS8v3wCxkf4ujKxlLpWZrTfEhC6AOljp1xPcdrz0jLjcShXbhV9UoLc4ifr_FSUe9a-WuQMdI0Yfqk8nJTvM4npoQnMwY0Nb5Qj6sB1DDhbsF6ukB6Deog0dcR0wEkt5CHCWENxCVSWmiW8gSsPivtof2RVUIyjnoO7iLv0bgC1QQcapBFIZQrqqm351LMXEdWj9YGoe2xvQqSHgKhITepH0AhbdJ04vsP9VRbrp1rWegBUwnupL7lcDmgM523Yzh6TgoQa8UcT-Bz98ir1WC7zXKyi9O2wbSuCVtLouOby-AIufkErnTi3HpltRMdRLg-7C61cL6jd7_k3vtZfcbJ7oeLmGIOuzGHm_ZI5x-B6QLrto_8VX30Aaxd5-T3Z7Tk1AJ4a99EDQcKwoeO4qu75WtuEqoEdJRBiG7KAIXtcIRkbVQUVeB_0uVtETgRD-Y3c4I-Qv58EnsJEwjeC-6gTm0ulLkXrCuxsdeOKFX0APxWtZH3BD6JgufcwhLdKHjuWSLnresB6C7krLSih-JprVeQCJNBj9zAQel2cyBsHAw2lF5vWs9vyHcHwnbhT-XvfROyQ6WWzJb1uXTdW61HnPuLS9VxYiBB_ubolGhu3SjcGibn9OMlQCc4X3XNNosShkmc12czSAfVdEHKRlysGeKcy9t2BXBglTxGKYPMSacYlAf95U8u4TcWKZF6cKJINCLeIXiqAcwJnFbkmQFKPSL69hIDRNuR6XtTN_4cAeDX5lp8P2EVXDN03o658NzvbP4fb_jSfRWr8Vs4X8pjjgE_h-_e3WbXfr70EcVmEohzJEU5j8wPtSBYlKMoW5gH0ccG5Vpd2eBhmY371CQ2B&cid=CAQSOwDICaaNO4QM0FP2JQbO98MWkHrM8tFajc2e_6TpKvuzypWp-dmM-O7s5by3DlDXme-5Lbc-JkIWaWgGGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fs.id%2F&ds=l&xdt=1&iif=1&cor=17486653446897824&adk=497053795&idt=99&cac=0&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:34:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:34:18 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/ Frame 59BF 30 KB
11 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:34:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11597
x-xss-protection: 0
server: cafe
etag: 8023538936332676572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:34:48 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 59BF 41 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 515445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 14:17:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F491 1 KB
643 B 26ms
26ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Fri, 03 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 59BF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a7cece063cfe6864e1fdcd8d723919bffb858ac178a146fc75c3ca6bf7b1765

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 36ms
35ms Ping
image/gif 2a00:1450:400c:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=3~loh82zif&c=2322894111308848&e=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C31061691%2C31061693&ctx=1&met.6=6.1_Cg0Y51QgNSoGCAYSAhAB
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c01::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame F491 35 B
464 B 47ms
11ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENT_7qhuBiqxe9nyuUZysjE&google_cver=1&google_push=AXcoOmQCB1JW5zF1EqvSgNLFBlGf3asuXZKBl3iVC-j4gJG8uzIhfLGdmdPSvNSraRyP480patEqi5mmjCBxLHSO-UXEeKjCO3ALIjk

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F491
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELrunSNeTlxcGL0Joh7NrW0&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELrunSNeTlxcGL0Joh7NrW0&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MDNOcFVJTXYxUVl4S0E1&google_gid=CAESELrunSNeTlxcGL0Joh7NrW0&google_cver=1&google_push=AXcoOmSiPcltwGC-05KF0UkxdEyTfZtVCKvAG0cpa-TpCrA...

170 B
188 B

24ms
24ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MDNOcFVJTXYxUVl4S0E1&google_gid=CAESELrunSNeTlxcGL0Joh7NrW0&google_cver=1&google_push=AXcoOmSiPcltwGC-05KF0UkxdEyTfZtVCKvAG0cpa-TpCrAG1_UNO5myugBU_BhPqSmzRx_yJjj9fzq6pNdv9PDhM1hKxWdHm0wq3w

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Nov 2023 13:28:44 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-791-gff05a1f#rel-ec2-master i-0e375bc7960f51888@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MDNOcFVJTXYxUVl4S0E1&google_gid=CAESELrunSNeTlxcGL0Joh7NrW0&google_cver=1&google_push=AXcoOmSiPcltwGC-05KF0UkxdEyTfZtVCKvAG0cpa-TpCrAG1_UNO5myugBU_BhPqSmzRx_yJjj9fzq6pNdv9PDhM1hKxWdHm0wq3w
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame F491
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEExFQPSgSPmyHc9o1NBxR_Y&google_cver=1&google_push=AXcoOmSAmQlQrffvan15lNwaJJ9i7jGcP12hys4nDHkt1MtiXiY2DwLEHxlPtf_xmEIk9Js3fh8vnpkvoACoR09AkHPkM-tCIV4fK...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEExFQPSgSPmyHc9o1NBxR_Y&google_cver=1&google_push=AXcoOmSAmQlQrffvan15lNwaJJ9i7jGcP12hys4nDHkt1MtiXiY2DwLEHxlPtf_xmEIk9Js3fh8vnpkvoACoR09AkHPkM-tCIV4...

43 B
426 B

192ms
175ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEExFQPSgSPmyHc9o1NBxR_Y&google_cver=1&google_push=AXcoOmSAmQlQrffvan15lNwaJJ9i7jGcP12hys4nDHkt1MtiXiY2DwLEHxlPtf_xmEIk9Js3fh8vnpkvoACoR09AkHPkM-tCIV4fKnk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSAmQlQrffvan15lNwaJJ9i7jGcP12hys4nDHkt1MtiXiY2DwLEHxlPtf_xmEIk9Js3fh8vnpkvoACoR09AkHPkM-tCIV4fKnk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: s.id
URL: https://s.id/konustucocuklar
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81fcb8ef3cc49a15-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 6958
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEExFQPSgSPmyHc9o1NBxR_Y&google_cver=1&google_push=AXcoOmSAmQlQrffvan15lNwaJJ9i7jGcP12hys4nDHkt1MtiXiY2DwLEHxlPtf_xmEIk9Js3fh8vnpkvoACoR09AkHPkM-tCIV4fKnk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSAmQlQrffvan15lNwaJJ9i7jGcP12hys4nDHkt1MtiXiY2DwLEHxlPtf_xmEIk9Js3fh8vnpkvoACoR09AkHPkM-tCIV4fKnk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81fcb8ee0b9f9a15-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame F491 70 B
149 B 120ms
35ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEF06NG3tp7hEfdQJoCZxq1o&google_cver=1&google_push=AXcoOmQ0yjj4oFe9I4BOV9_3vvDQ3Cpi8k1paPqPh1ThewoIMDtKsdQynQb_lizvA0g3SV0vFhl6qpe3freWNzI8a5DMEBFPvdm94Ug
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1698931722&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fkonustucocuklar&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698931722811&bpp=1&bdt=4946&idt=1&shv=r20231031&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c61a21deecc6a89-22a0cdfc25e300de%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_MaE5eDW9CvqmOO7sJ49Ze_7pHW0Mw&gpic=UID%3D00000cb133416042%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_Ma2Zz7jgPlReUYuVjTAmGk5mnex-w&prev_fmts=0x0%2C500x280&nras=1&correlator=8030620920503&rume=1&frm=20&pv=1&ga_vid=225954542.1698931718&ga_sid=1698931718&ga_hid=622976161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C44806139%2C31061691%2C31061693&oid=2&pvsid=2322894111308848&tmod=1253057063&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=gCrHaNw4IX&p=https%3A//s.id&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:44 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame F491 43 B
146 B 151ms
8ms Image
image/gif 18.192.168.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAr26osKtE-hxpoEZxQuYLo&google_cver=1&google_push=AXcoOmT6R4lMrZRsSLE2dEfHteM6ESUEvr_4LAm5HArSmAPw7jpFf-T70U504cyortRqR6r0IRZmcs722SnFgaauOu3O92oJ9U53RmM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1698931722&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fkonustucocuklar&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698931722811&bpp=1&bdt=4946&idt=1&shv=r20231031&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c61a21deecc6a89-22a0cdfc25e300de%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_MaE5eDW9CvqmOO7sJ49Ze_7pHW0Mw&gpic=UID%3D00000cb133416042%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_Ma2Zz7jgPlReUYuVjTAmGk5mnex-w&prev_fmts=0x0%2C500x280&nras=1&correlator=8030620920503&rume=1&frm=20&pv=1&ga_vid=225954542.1698931718&ga_sid=1698931718&ga_hid=622976161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C44806139%2C31061691%2C31061693&oid=2&pvsid=2322894111308848&tmod=1253057063&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=gCrHaNw4IX&p=https%3A//s.id&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.168.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-168-142.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F491
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHVSHwE_S4odd7yYtXkW64M&google_cver=1&google_push=AXcoOmQBYNjMVPypKFOF0FtUi_vgom89FsiseH1NspFaDw1OcZsgELvlRR1UhSVP1Egh-kyjmwy5R1UokzJGMHQMqvU3Lyu...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQBYNjMVPypKFOF0FtUi_vgom89FsiseH1NspFaDw1OcZsgELvlRR1UhSVP1Egh-kyjmwy5R1UokzJGMHQMqvU3LyulcZvOQHo&google_hm=eS16dVBwREtKRTJwRVl...

170 B
188 B

24ms
24ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQBYNjMVPypKFOF0FtUi_vgom89FsiseH1NspFaDw1OcZsgELvlRR1UhSVP1Egh-kyjmwy5R1UokzJGMHQMqvU3LyulcZvOQHo&google_hm=eS16dVBwREtKRTJwRVlXbWprMHI3UFVuM3Y2SHI5VUpXcn5B

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Nov 2023 13:28:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQBYNjMVPypKFOF0FtUi_vgom89FsiseH1NspFaDw1OcZsgELvlRR1UhSVP1Egh-kyjmwy5R1UokzJGMHQMqvU3LyulcZvOQHo&google_hm=eS16dVBwREtKRTJwRVlXbWprMHI3UFVuM3Y2SHI5VUpXcn5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame F491 43 B
363 B 56ms
15ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTnZfWwfbSoyYoR9wHhc6VT4-YqeY8N-1K-x-Wpc_8dN6tpmK4p_ojc_wilT5WcXl7O6JdZHse7RRNfgRyA3zwHp04tGvrx-W4&google_gid=CAESECOIbIwmXWkrnUeWblsrOxg&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:43 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 221988
expires: Thu, 02 Nov 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F491 0
12 B 23ms
23ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LY1EmCLVrDHI5KT16VXovrEnVNIFC7GGYvbyxUopOqC6KYp46e1x8cSk30oAfJuH3pcRta

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1B6C 38 KB
13 KB 15ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 515423
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 14:18:21 GMT
expires: Sat, 26 Oct 2024 14:18:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/ Frame 3B76 8 KB
3 KB 47ms
15ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8507ff641cb0ef478c7bd2550412973977768945ca2f1dc96f922a340e7ad46f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 99213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2758
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 09:55:11 GMT
expires: Thu, 31 Oct 2024 09:55:11 GMT
last-modified: Fri, 27 Oct 2023 08:33:56 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 59BF 0
0 154ms
57ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXxrjygmbcPPLHUf82EdcJKKVYCaHqCEW000Nm8eu3fu8utCFqfMglJLtkB_ddv-iferX_1UR3s3eqT5pqepmTP9mUCHA-XboyQp3yHNZSqgKava6ZgMhBp1PRSAWY9J31CA-2zt5LRECQUkJlIbtRW1_fyY232_oLabTtl7bfeVkhvOv6BDfhfU_Bu9kBBMDtbbIPXfZ16hRiZw-1h4C-1rF84T-USBMbknjPrQPSXiVpcKYhKQOkUgJgZDsSoNEPzqQZtN7q_9UJkd37PWGS2nN1HxEMOTy_-nt7CZXoJPt9La94Zqd9Ynee_GUB8ecpGguxrg5e5Qdk3eOjskl_MYhe0pJmFdFNd-1VzIpdF-5eySzCqjP2091ZOG8RtMnO4S63BYUTmwtxW2DH8_8VUfXMzn1S_lwF9c96Izum5qqiR2Kw9-NoM7i8DxoeduYADiDGnMrgcnH0YoVWq1owpxfw0bNv9taeC4B04IcJ9Khnvh9woBp8Ll4uq0nvJHeeV67gOsxc9tKl06fb5PrWyPv06dXQPTA95ki35mxj7joFxoZEZgyQfm9L-POW6tiglMDH9i0HNHBDoT4enyxN8FN5AJre9iL6wLWGuyKgtRtbvMs4_pRwY6QuJsgfZQgaPVTLd8BOsUebQ3E3nHTsuerYcmprqbceq8i-QfH6H70vbKubMKdZJ7Jg_bCbXPoIyaxAfNnq9i9qQiIyz6hpOIEm5Qw2q8BtMEW7-e_J0FvQGzwj__rWTEDzDaOkInlL43nPFKfQxY6ZUa9GJpKyitmqciYDeWZZ6jJBzPgrAPl5JHkrH9vQ2kuvk5HA8Ay5D9dNYL4CHAJOFW0vjrzsZq9ga1Aq50reHXJ9-lq8dcrZGCqbvWS0a9CMuyZVAU39_Wu-E5gax0qSnPvXKw22B8wKOat-LjwcjKbwNjZKrYX_jDhKi5d5hlOygE8jy-OQYmVZFcbKBfSVJ-h5MZS-LhkkztbXNX5sXTOFxqnXARC6cqBt-_l0bHr-XFeQWkP9zMVjp0mWkHaAgItmfEvqJrLsOv6xRJrjRNiesd8NuZ8cyeBKXGWh7WWKbGVk4Bb_LtA7whS5w6cUgWBgV7NUY41umiUbc4j5HGDhKyqP92hmN9N6UOMMrp8pOP59feTh9PXXvvbas-UPLMbXSlLShkec5W5_pQO0iI7D25tcZ9PUHW0x2GvfDCPoxfa8OjpRyql-LZ3vT1_h2mdVZwmHPmVc0qaBoAz1efJeSP28C6zOnSzKwUXlUGZq9B7O&sai=AMfl-YRzWVCteXjKNG2hJl77lvaMUytak7caLE2f8OqXTK9q2pg_wy2U2iKqlTQmSmTtuTKGLRjpCigO0fODdpeC_UQJ_m8uG5X7O9Gylxw9yCrfcA7jFz2_qLFKx7hoejzQY_IhQf01MuP1Q3Xtag_436UqqNGsMRt2aQu-D2p2Wv9uY4enhyK18w3s2ytlBQQJpxm4hYbOsQ_ASNDhIQVhmlIEVmQm4P3kZWYz5vpy4eQsezjWPQku4TemAPLuk3hCu3QhTBFMIQwKaq8-qtoo-W1SxqGqlg&sig=Cg0ArKJSzG9IHiu5i5lBEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=98&cbvp=1&cstd=95&cisv=r20231031.63843&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Nov 2023 13:28:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B6C 38 KB
15 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 11:48:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Nov 2024 11:48:45 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3B76 236 KB
63 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 13:28:44 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/ Frame 3B76 13 KB
3 KB 17ms
16ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76a695ae5a46c2ebdf876ebb8758a3cb4f71340731ea11d4f01174363b9baea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3096
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 08:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Oct 2024 09:55:11 GMT

GET
H3 200 bgrd.jpg
s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/images/ Frame 3B76 2 KB
2 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/images/bgrd.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e5ed0e2610f8c7c1b68d3524698735f4e0a334fd78398d9ee11bc3e471cb6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:55:11 GMT
x-content-type-options: nosniff
age: 99213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1633
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 08:33:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Oct 2024 09:55:11 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 59BF 0
0 51ms
51ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXxrjygmbcPPLHUf82EdcJKKVYCaHqCEW000Nm8eu3fu8utCFqfMglJLtkB_ddv-iferX_1UR3s3eqT5pqepmTP9mUCHA-XboyQp3yHNZSqgKava6ZgMhBp1PRSAWY9J31CA-2zt5LRECQUkJlIbtRW1_fyY232_oLabTtl7bfeVkhvOv6BDfhfU_Bu9kBBMDtbbIPXfZ16hRiZw-1h4C-1rF84T-USBMbknjPrQPSXiVpcKYhKQOkUgJgZDsSoNEPzqQZtN7q_9UJkd37PWGS2nN1HxEMOTy_-nt7CZXoJPt9La94Zqd9Ynee_GUB8ecpGguxrg5e5Qdk3eOjskl_MYhe0pJmFdFNd-1VzIpdF-5eySzCqjP2091ZOG8RtMnO4S63BYUTmwtxW2DH8_8VUfXMzn1S_lwF9c96Izum5qqiR2Kw9-NoM7i8DxoeduYADiDGnMrgcnH0YoVWq1owpxfw0bNv9taeC4B04IcJ9Khnvh9woBp8Ll4uq0nvJHeeV67gOsxc9tKl06fb5PrWyPv06dXQPTA95ki35mxj7joFxoZEZgyQfm9L-POW6tiglMDH9i0HNHBDoT4enyxN8FN5AJre9iL6wLWGuyKgtRtbvMs4_pRwY6QuJsgfZQgaPVTLd8BOsUebQ3E3nHTsuerYcmprqbceq8i-QfH6H70vbKubMKdZJ7Jg_bCbXPoIyaxAfNnq9i9qQiIyz6hpOIEm5Qw2q8BtMEW7-e_J0FvQGzwj__rWTEDzDaOkInlL43nPFKfQxY6ZUa9GJpKyitmqciYDeWZZ6jJBzPgrAPl5JHkrH9vQ2kuvk5HA8Ay5D9dNYL4CHAJOFW0vjrzsZq9ga1Aq50reHXJ9-lq8dcrZGCqbvWS0a9CMuyZVAU39_Wu-E5gax0qSnPvXKw22B8wKOat-LjwcjKbwNjZKrYX_jDhKi5d5hlOygE8jy-OQYmVZFcbKBfSVJ-h5MZS-LhkkztbXNX5sXTOFxqnXARC6cqBt-_l0bHr-XFeQWkP9zMVjp0mWkHaAgItmfEvqJrLsOv6xRJrjRNiesd8NuZ8cyeBKXGWh7WWKbGVk4Bb_LtA7whS5w6cUgWBgV7NUY41umiUbc4j5HGDhKyqP92hmN9N6UOMMrp8pOP59feTh9PXXvvbas-UPLMbXSlLShkec5W5_pQO0iI7D25tcZ9PUHW0x2GvfDCPoxfa8OjpRyql-LZ3vT1_h2mdVZwmHPmVc0qaBoAz1efJeSP28C6zOnSzKwUXlUGZq9B7O&sai=AMfl-YRzWVCteXjKNG2hJl77lvaMUytak7caLE2f8OqXTK9q2pg_wy2U2iKqlTQmSmTtuTKGLRjpCigO0fODdpeC_UQJ_m8uG5X7O9Gylxw9yCrfcA7jFz2_qLFKx7hoejzQY_IhQf01MuP1Q3Xtag_436UqqNGsMRt2aQu-D2p2Wv9uY4enhyK18w3s2ytlBQQJpxm4hYbOsQ_ASNDhIQVhmlIEVmQm4P3kZWYz5vpy4eQsezjWPQku4TemAPLuk3hCu3QhTBFMIQwKaq8-qtoo-W1SxqGqlg&sig=Cg0ArKJSzG9IHiu5i5lBEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=214&vt=11&dtpt=116&dett=3&cstd=95&cisv=r20231031.63843&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 59BF 63 KB
24 KB 57ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93a908b76ecc9584c2a54c3111b2af4d66b3840adb9c69833d23825c6bc93924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 12:58:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1790
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24042
x-xss-protection: 0
server: cafe
etag: 4387339980710972037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 13:58:54 GMT

GET
H3 200 btn.png
s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/images/ Frame 3B76 2 KB
2 KB 14ms
14ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/images/btn.png

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80cba859fabe71c5dd2a543b30f7fb6df267d042986dc79f863dd79edfc5befb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:55:11 GMT
x-content-type-options: nosniff
age: 99213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1720
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 08:33:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Oct 2024 09:55:11 GMT

GET
H3 200 dasW.png
s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/images/ Frame 3B76 205 B
232 B 14ms
14ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/images/dasW.png

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6085379d75af8f867776e7d23eef41b6c9c0c2d6395342d602da7dadc676621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:55:11 GMT
x-content-type-options: nosniff
age: 99213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 08:33:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Oct 2024 09:55:11 GMT

GET
H3 200 h1.png
s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/images/ Frame 3B76 3 KB
3 KB 14ms
14ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/images/h1.png

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c35541fa7f5ebfedc51c2242d582852acbbd6b942187c0213a255bd271c19a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:55:11 GMT
x-content-type-options: nosniff
age: 99213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2901
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 08:33:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Oct 2024 09:55:11 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B6C 0
20 B 62ms
62ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BypqoDKRDZcjKE9_Zx_AP0KawwA0AAAAAOAHgBAI&bg=!8POl87zNAAbo5yKYyOc7ADQBe5WfOHHiCay0elYtQ6n3ieYDU4X0vgf7Kkpzbs-fWQSX9ivpEfBd9np7rULJvLqmg521AgAAAGFSAAAABmgBB5kC-K8rF-A6BFatmOTJGPtjCM9TFMeZ-sFeyjSivtFahfIiEV8YSipGqF5UWgWh1bjF8tWhyrrVP0aBYQH4UsBZDG89LZhi7suU7XOcpCI06TmxCUWMOWT1tah_Yia2yjbdH-y6HPIEXzy5iWAMoNBLe6hoxJNUZOaHWya35EulUtWLW9Y-vFozHClari8p6oOG-tVkh6GnRLKiI9o6JndTX0s3Y5FS1si1_XpNPpGD-_4K78svFbkx7quadXBIiz7PW5KfkQM52bPO3uYWGw-Hn2wPd2qycogzgBu7H6YK_0JhjSGyg0PN_LtlgL4JdXJuryOsMNPrXFoRiUEF1BOgLTFNTAxZaokjZAbA0maAdX3K52OYtyMM76GDoUS_qHbXwoOLhvAXOG0Zy1axkJut7cxX9sEIW5_6XyJc7jI29c8PpmPbfwbVqMm_nuSlxRoS4ONY7WOj-HBMeoU-D8WK-5EeQUmq2Tc1UI4Izw3SZj88fJWs8Z3zOVn6OQb4zSF8TZt780srMkpv2aSjBxm0obveivh5nT4KEI5wBod90ueziJhyMCV_cpkmWZrsSrMMFVkRJqIOWjYUDXd-DWTPSg0tOJxw3Bg3oBbROZrSVm-MmIxQae0J__CUpAS3dqiRrbLGTPHr-6uEdEfpNB3eOGpzrMGIkG3DRSv5Rf7015KMTxU0dR38EAAi1XMs92ykqDU68R2n3kE-dwcZkZlEjoALItAoHovrJTd3AKlzHPN8gXNK-WP4vJ_HX9FfEpFDd4ONSz_Vp5LAdOsUTr-5qIEugF152eC831drzbuKdhIjpO5op0W-3BLZr9DSu3TZ0eIAAZZC0Y6EeOzRKLq24nmG2z8jXLMB2IYFSSuWdVB7U-DrFsn6m3lQd7XOV5Blxaau8nsvj7reqFN1G5WOaccu7iQaZmvnYLqcTGeU9oSv5bBFdrcorkaiRdduw7mpSqBYhtF1HaYK1g1nPCiM__AtnnZxyajJyZfkfnY0mL9Xw5v3mKXuEyw

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 kontur.png
s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/images/ Frame 3B76 136 B
163 B 15ms
14ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/images/kontur.png

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5e5e31748c71fb3f59e14910e9cb30c0b8ec028aaa58b6c4efa172857e4e0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:55:11 GMT
x-content-type-options: nosniff
age: 99213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 08:33:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Oct 2024 09:55:11 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 59BF 0
17 B 34ms
34ms Ping
image/gif 2a00:1450:400c:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~loh830jg&chm=1&ctx=2&gqid=C6RDZe_VCYi7tgfL1L-ABQ&qqid=COrf7e61pYIDFWiDUAYdRBkLCw&met.4=fb.6~lb.6b~cmrload.84~ol.c1~bdt.-4ux~bpp.-11i~idt.-11i~dtd.-115~dt.-11j&met.3=374.8h~113.e4_4~113.e9~112.e3_6&met.1=1.loh8305e~14.0~15.0~16.0~17.0~18.0~19.0~20.0~21.0~22.7k~23.7k~1.loh82z4a~6.0~7.0~8.0~9.0~10.0~12.7~13.10u~14.10v~15.10x~16.11h~17.11h~18.11h~19.1d5~20.1d5~21.1d5&met.7=CAUQCBgBMAE4AQ~CCgQBRgBIAooCjBFODtoDnBDeIoEgAHeAYgB8ASwAQG4AQM~CBwQChgBIAooCjBtOGNoC3BleK_4AYABg_YBiAGNxwWwAQG4AQM~CB4QChgBIAooCjA-ODRoL3A9eIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIAsoCzA9ODNADUgNUA1YL2AaaC9wO3iaRIAB7kGIAZifAbABAbgBAw~CCoQChgBIAsoCzBmOFxQGlg8YCZoPHBReKbxA4AB-u4DiAHUpAywAQG4AQM~CBwQBhgBIAsoCzBJOD5oDXBIeNYCgAEqiAEqsAEBuAED~CBwQBhgBIAsoCzBIOD1oDXBIeKwCsAEBuAED~CBwQARgBIHMoczCvATg8aHNwrgF4rAKwAQG4AQM~CBwQARgBIH8ofzC6ATg7aH9wugF4rAKwAQG4AQM~CCgQChgBIIoBKIoBMNMBOEloigFwygF4p64CgAH7qwKIAejaBbABAbgBAw~CCkQChgBINUBKNUBMJ8COEpQ3QFYgAJg6gFogQJwjwJ4qrkCgAH-tgKIAbH1BrABAbgBAw~CBwQChgBINYBKNYBMO8BOBlo1gFw7wF4miOAAe4giAGAWLABAbgBAw~CAkQChgBINsBKNsBMPYBOBpo3AFw9AF4-VyAAc1aiAGM8QGwAQG4AQM~CCcQChgBINwBKNwBMO0BOBFo3QFw6QF4nW-AAfFsiAHpyQKwAQG4AQM~CBwQBRgBIOABKOABMPwBOBxo4QFw-wF4lgeAAeoEiAGWCbABAbgBAw~CCcQBRgBILACKLACMMICOBJoswJwwQJ4oWiAAfVliAH-sAKwAQG4AQM~CB8QBRgBILkCKLkCMOoCODFQuwJY2gJguwJo2gJw6QJ48heAAcYViAGUPbABAbgBAw~CCIQBBgBILsCKLsCMNYDOJsBUNICWJkDYOoCaJwDcNUDeKwCsAEBuAED~CCIQBBgBILADKLADMOQDODRosANw4wN4rAKwAQG4AQM~CCgQChgBILIDKLIDMPgDOEZAugNIugNQugNY3QNgxwNo3QNw6wN4lr4BgAHquwGIAYj2A7ABAbgBAw~CAUQCBgBMK8KOOkNaAdwrgp4tGyAAYhqiAGZigKgAcj1_________wGwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c01::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 59BF 0
17 B 34ms
34ms Ping
image/gif 2a00:1450:400c:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~loh830jn&chm=1&ctx=2&gqid=C6RDZe_VCYi7tgfL1L-ABQ&qqid=COrf7e61pYIDFWiDUAYdRBkLCw&met.6=6.1_Cg0Y0wEgNSoGCAESAhAB
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c01::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lasche.png
s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/images/ Frame 3B76 969 B
996 B 15ms
15ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/images/lasche.png

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4279a0fbade52c0926a5b20fc4eacd69d4bdb4dbfa9b855be4acd9ec854a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:55:12 GMT
x-content-type-options: nosniff
age: 99212
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 969
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 08:33:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Oct 2024 09:55:12 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/images/ Frame 3B76 3 KB
3 KB 15ms
15ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/images/logo.png

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76598c4c6cea9e61f3ee7a769240943b8bd4fbf7f4e8c5d095e4407075ccee1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:56:47 GMT
x-content-type-options: nosniff
age: 99117
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2620
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 08:33:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Oct 2024 09:56:47 GMT

GET
H3 200 person.png
s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/images/ Frame 3B76 4 KB
4 KB 15ms
14ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/images/person.png

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50d490614faf38d05ab1acdc9c0dcced611810b0975f44f745efc663e20cb5f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:56:47 GMT
x-content-type-options: nosniff
age: 99117
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3888
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 08:33:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Oct 2024 09:56:47 GMT

GET
H3 200 preis.png
s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/images/ Frame 3B76 811 B
838 B 16ms
16ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/images/preis.png

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d94e57e31652b8c341ade399e2f52fc46a9be5d3b4346cbbe660c67398921cff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1712748087413309440/km-Display-25GB-Allnet-468x60/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:56:47 GMT
x-content-type-options: nosniff
age: 99117
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 811
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 08:33:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Oct 2024 09:56:47 GMT

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 1ECC 8 KB
3 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1698931722&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fkonustucocuklar&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698931722811&bpp=2&bdt=4946&idt=-M&shv=r20231031&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c61a21deecc6a89-22a0cdfc25e300de%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_MaE5eDW9CvqmOO7sJ49Ze_7pHW0Mw&gpic=UID%3D00000cb133416042%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_Ma2Zz7jgPlReUYuVjTAmGk5mnex-w&prev_fmts=0x0&nras=1&correlator=8030620920503&rume=1&frm=20&pv=1&ga_vid=225954542.1698931718&ga_sid=1698931718&ga_hid=622976161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C44806139%2C31061691%2C31061693&oid=2&pvsid=2322894111308848&tmod=1253057063&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=TTXowKGeVh&p=https%3A//s.id&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b917fb36156c12219b1badab527856ec5101523a7cf88e67b7610702683d78cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:19:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68952
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3475
x-xss-protection: 0
server: cafe
etag: 18338420715545796318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 18:19:33 GMT

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 873D 8 KB
3 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/error_handler.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b917fb36156c12219b1badab527856ec5101523a7cf88e67b7610702683d78cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:19:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68952
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3475
x-xss-protection: 0
server: cafe
etag: 18338420715545796318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 18:19:33 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 873D 42 B
63 B 59ms
58ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CgE4UAXIUkfh6nsWY0SFIGcvutrZ5kzah-Oj8RMIqz369K3-7IrHrWojTnhT-l2D9FTt430WjY7jnjbBhBnlELY_9gvC8GScg7wNjpOsQpa-yiGEc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 873D 3 KB
1 KB 44ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 12:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2885
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 12:40:40 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 873D 20 KB
8 KB 41ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 873D 0
0 69ms
33ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqqZANOXp3wf7p9m4MhaSDZIBV5cRGXXs51gm0QHnhlVtUP4E_iU0ODdjqPq977Tl4lShjxdhG43gvHJDA4zhLfPSYmw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1698931722&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fkonustucocuklar&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698931722811&bpp=2&bdt=4946&idt=-M&shv=r20231031&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c61a21deecc6a89-22a0cdfc25e300de%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_MaE5eDW9CvqmOO7sJ49Ze_7pHW0Mw&gpic=UID%3D00000cb133416042%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_Ma2Zz7jgPlReUYuVjTAmGk5mnex-w&prev_fmts=0x0&nras=1&correlator=8030620920503&rume=1&frm=20&pv=1&ga_vid=225954542.1698931718&ga_sid=1698931718&ga_hid=622976161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C44806139%2C31061691%2C31061693&oid=2&pvsid=2322894111308848&tmod=1253057063&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=TTXowKGeVh&p=https%3A//s.id&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 873D 189 KB
59 KB 344ms
343ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 13:28:45 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8ED6 624 B
242 B 55ms
54ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNXXJyneGqr5JCctL6GasEwTSOxX9_x1MndYFdz2pA0MhWvjOxXkQTCkjsbBp-tlU2R4k_58nhiXZ79KJSp6d9u5Xc_t5qndsUyWNROFB9fNywoqcIseT52w6RdtOtB0pZ9VuCOt2bWTDkabtWMyDP1KUPyP3p9AafAr6xtf6CoWW909VAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1698931722&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fkonustucocuklar&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698931722811&bpp=2&bdt=4946&idt=-M&shv=r20231031&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c61a21deecc6a89-22a0cdfc25e300de%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_MaE5eDW9CvqmOO7sJ49Ze_7pHW0Mw&gpic=UID%3D00000cb133416042%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_Ma2Zz7jgPlReUYuVjTAmGk5mnex-w&prev_fmts=0x0&nras=1&correlator=8030620920503&rume=1&frm=20&pv=1&ga_vid=225954542.1698931718&ga_sid=1698931718&ga_hid=622976161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C44806139%2C31061691%2C31061693&oid=2&pvsid=2322894111308848&tmod=1253057063&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=TTXowKGeVh&p=https%3A//s.id&dtd=6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 13:28:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 873D 111 KB
39 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 14:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 14:17:59 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/ Frame 873D 7 KB
3 KB 45ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/ Frame 873D 23 KB
9 KB 44ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 873D 41 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 515446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 14:17:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3456 1 KB
643 B 25ms
24ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Fri, 03 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16906218755272191985/ Frame 979F 28 KB
5 KB 16ms
14ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dde3406d6115ea915e9cbd2b2027debca764ca47c9aad997015b5b9a26f03b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 12418
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5506
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 10:01:47 GMT
expires: Fri, 01 Nov 2024 10:01:47 GMT
last-modified: Fri, 22 Sep 2023 12:31:52 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 873D 0
0 67ms
65ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjvMLYhd-1EgKxKV6AaOJKLvWNXI_daW8qVXarW9xVWTsCfLxncmMgAmynXYUTjTN0hIWnP5rc-vvJ_R8OWyVeHNFlbLmB1kKAnPuntMJ6pqVraqBMvrFFR1xLFDVo1jRd0KglM6OirEhj5ec2MW76aQUBEd3lnlDp3fqdw2bi0j7xOaARzWcyOHMQjK2_em7MjOFs-Ccg5ggY_QTaedePGKnPnlNaj04QrlZymOSmhhzwMIVFfRa0FL7vaSCWyRl1Qhvm3yBYWI1QeGAIhVBIKMxC0TLgGJJ5HqEQhA8dZYnX68fYwrJoD52IP1ljg51D5hKer5NuW0DMJ5wxJal1m3L6i37scXQX1paqyrNGKzDGPxFNoct5rW5aauYZxKEkyb9vY2p8QDh77MEyd8GbwL9RAIHWBdPWNN0QJYWr3fG1_j0WbeTdXYQ3dzChAFQtRkuAXsTeGbkodwfnQfgOuG3IAjEKGvLxl0esOTQZ5Q9SAYizg15k2FNjfKd9rqQDOxdyeJ9rdLggENUMB-cTSx-QS6y_Nr68VKPn_vawIavUmgkrCsXAxi4qEX1O0Xn8SK-ZiWZ16SZeEVcc66tr1KLeY3oBPYpHUAabz3NvHwrEZP5pA7HdjaVE7iRxlZ2mE_rTQ_FuICVT-vs8CqbJj5sBZEIcyA8YzLfYd-rQLI3Zn8hnIfmAKNlwkz48RBCyzf_txJqukSzcfHAyvt0Dud58_QtIsZTSEsnVKMPJEWK0d2-mswJ23tOuwQ3omW0PVgooXjr7-y6zFwptQdHfhIbPPW6Mmw9s5HSHk_nx7yozu9Lv6X0AvT2x-XG9hhoVW2FdE7LwlZ9E6XJK0CVvAnppob1UE4zU9R5fzTu-bn-u8jVSjQi-TupN3TlPOGKeNleXiM7ZYNlpdWqWfbRoSzUBNNVJR5TcNUq2UZLClHksc6ZNaQdH_-m2A6q3RseSYKEdHNUMxYZ9ahXoD1JJfsGbKEIg0Sd8Pyva6UvOgVkD2__TU2J5IpEfEdH8R5vZPNPasCaKz3wwkIDr5i_6zkCv7nRpZuChxQjJOMAkgsGnXQjTwZRWr6A7MtlHzW9xoGL5lYg_Hk1eW7nyncmh_RCLjCXtmR2O5jT0ggG8iZI0x6W2IrVWt7IZRGNGwI5o9ZHlfp9Gr9QFBDigCwI6HwtVbYgu24I3YpzAXdlBUqYqX4E2p5ZbBbNcLGB9CY6f17zRCLCX_zHApPZAq2Y-wkLvA5xspzyqpkPJJLVqzXGNKg&sai=AMfl-YRqI_V66-PpSKAPwmkyviFidZEH-PxQuf9MEZPwh_ZH6Tty-ggIE6_QXDnzxz3hLnAA6_m9MqhQT6uSqnKIt2W1AVGd1adlcfP7JnA_89Ka4wquo9n0GLw2Ma4ZK4mx6b_yl3vu6WX9KWPyk-19ZydUzErCt0GP12baZbfpUjF52BumqkNznC1O88tY7Ql0LyQPg5LAc5BB0DnKY7hj16TOSdrIjeODkRPXr0KS3Q057YXpm3smgO0evYPhChrbLEsrR5eLUzfqILQI7WjYjudN93O9qH1z8NOOQHtaWZ-9KeS9M3ZHkPo6kvAbq-ccaRvR7iN7P-wS801Nmbo3KEK2ld6DIOimXZPvNlsTl54n40fDyVaiXfTnkuklxtt_FEMQ8byyCJCIdg76kpoy0GRD2NZ4xxQy-F89hxnHKHy2Up8&sig=Cg0ArKJSzFFqVavcyHhDEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=24&cbvp=1&cstd=22&cisv=r20231031.42584&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Nov 2023 13:28:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D4BB 38 KB
13 KB 15ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 515424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 14:18:21 GMT
expires: Sat, 26 Oct 2024 14:18:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 873D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86c465e3326d82e10af4d276bc14d14343d044530a3587469828460440f55633

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3456
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOmYextdvshxrmAVvKna9mo&google_cver=1&google_push=AXcoOmTjY7JVdpfpwqBXJiG9MUY__OEBPPB0qNFQtcck0p55MTJKuuxbvlNksiAdVJsFY_BpIIqVb3KBJl6Jyq5POUvFX94n8Hn_76o
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUxNTA2MzI2MjkxODkzNTk3Mg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOmYextdvshxrmAVvKna9mo&google_cver=1

43 B
398 B

58ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOmYextdvshxrmAVvKna9mo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1698931722&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fkonustucocuklar&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698931722811&bpp=2&bdt=4946&idt=-M&shv=r20231031&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c61a21deecc6a89-22a0cdfc25e300de%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_MaE5eDW9CvqmOO7sJ49Ze_7pHW0Mw&gpic=UID%3D00000cb133416042%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_Ma2Zz7jgPlReUYuVjTAmGk5mnex-w&prev_fmts=0x0&nras=1&correlator=8030620920503&rume=1&frm=20&pv=1&ga_vid=225954542.1698931718&ga_sid=1698931718&ga_hid=622976161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C44806139%2C31061691%2C31061693&oid=2&pvsid=2322894111308848&tmod=1253057063&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=TTXowKGeVh&p=https%3A//s.id&dtd=6
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 02 Nov 2023 13:28:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOmYextdvshxrmAVvKna9mo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame 3456 43 B
458 B 194ms
190ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEAIgUbs3xb0paUeC8kioUtw&google_cver=1&google_push=AXcoOmSI_fug63Xaj3cr9h0-V1SWNbBLFme63sXhC6Zq-ODbGaWEcgEFLN9nMspb7urHwtJ-YcnkFjZrFMPpMlFIHDkCpErl92jCqxU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSI_fug63Xaj3cr9h0-V1SWNbBLFme63sXhC6Zq-ODbGaWEcgEFLN9nMspb7urHwtJ-YcnkFjZrFMPpMlFIHDkCpErl92jCqxU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1698931722&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fkonustucocuklar&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698931722811&bpp=2&bdt=4946&idt=-M&shv=r20231031&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c61a21deecc6a89-22a0cdfc25e300de%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_MaE5eDW9CvqmOO7sJ49Ze_7pHW0Mw&gpic=UID%3D00000cb133416042%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_Ma2Zz7jgPlReUYuVjTAmGk5mnex-w&prev_fmts=0x0&nras=1&correlator=8030620920503&rume=1&frm=20&pv=1&ga_vid=225954542.1698931718&ga_sid=1698931718&ga_hid=622976161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C44806139%2C31061691%2C31061693&oid=2&pvsid=2322894111308848&tmod=1253057063&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=TTXowKGeVh&p=https%3A//s.id&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81fcb8f27f9c9a15-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3456
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK8lTUZ1cRJzdLOVRIG-Gvs&google_push=AXcoOmS-d1Cl7yPG3hWyTH1_fF8vSErWUNkqRRlYFxoF4VYXW5eh5RKpaW...

170 B
188 B

23ms
23ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK8lTUZ1cRJzdLOVRIG-Gvs&google_push=AXcoOmS-d1Cl7yPG3hWyTH1_fF8vSErWUNkqRRlYFxoF4VYXW5eh5RKpaWtLcOf20BwnzNZMHAqPIfzeRDT0sc-kSBlOkks4w-vk5RI

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230135-FRA
pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1698931725.240148,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK8lTUZ1cRJzdLOVRIG-Gvs&google_push=AXcoOmS-d1Cl7yPG3hWyTH1_fF8vSErWUNkqRRlYFxoF4VYXW5eh5RKpaWtLcOf20BwnzNZMHAqPIfzeRDT0sc-kSBlOkks4w-vk5RI
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3456
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGUFHr75PyAj5agLHmhBtzE&google_cver=1&google_push=AXcoOmRiPmuDT83n1ukAx6iC-VuiNvi-iJyTfS5_T_bc6EX_k2KiD_Sa3jmn3ahYTYuvOoBuiiJxyEgZCGYsWD...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Njg1NjE5NzAxODM1MTc1Ng%3D%3D&google_push=AXcoOmRiPmuDT83n1ukAx6iC-VuiNvi-iJyTfS5_T_bc6EX_k2KiD_Sa3jmn3ahYTYuvOoBuiiJxyEgZCGYsWDnqAH...

170 B
188 B

23ms
23ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Njg1NjE5NzAxODM1MTc1Ng%3D%3D&google_push=AXcoOmRiPmuDT83n1ukAx6iC-VuiNvi-iJyTfS5_T_bc6EX_k2KiD_Sa3jmn3ahYTYuvOoBuiiJxyEgZCGYsWDnqAHB3hD0lTFJbdIM

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Njg1NjE5NzAxODM1MTc1Ng%3D%3D&google_push=AXcoOmRiPmuDT83n1ukAx6iC-VuiNvi-iJyTfS5_T_bc6EX_k2KiD_Sa3jmn3ahYTYuvOoBuiiJxyEgZCGYsWDnqAHB3hD0lTFJbdIM
Date: Thu, 02 Nov 2023 13:28:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3456
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEM7_RA1xlKg8BVRKJ2U0ImI&google_cver=1&google_push=AXcoOmTzXT6U6hhpfrIX8Zw8XxcBB2DGxajabexuRM-KgUsNeo_-JRryQ_NFOLY-FeqYV7-BqDxaRYtFfoXc_uxN...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8h3O8eHSSoAKpHLHanoxlQ&google_push=AXcoOmTzXT6U6hhpfrIX8Zw8XxcBB2DGxajabexuRM-KgUsNeo_-JRryQ_NFOLY-FeqYV7-BqDxaRYtFfoXc_uxNY291MuGH0nq2yg

170 B
188 B

24ms
24ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8h3O8eHSSoAKpHLHanoxlQ&google_push=AXcoOmTzXT6U6hhpfrIX8Zw8XxcBB2DGxajabexuRM-KgUsNeo_-JRryQ_NFOLY-FeqYV7-BqDxaRYtFfoXc_uxNY291MuGH0nq2yg

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Nov 2023 13:28:45 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8h3O8eHSSoAKpHLHanoxlQ&google_push=AXcoOmTzXT6U6hhpfrIX8Zw8XxcBB2DGxajabexuRM-KgUsNeo_-JRryQ_NFOLY-FeqYV7-BqDxaRYtFfoXc_uxNY291MuGH0nq2yg
x-host: tde-deliveryengine-production-bb588bf9-7848h
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3456
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBCtr5c-y9t-pqsYQskdMhk&google_cver=1&google_push=AXcoOmTWbtRgLm0w8GV0y1r7UxI819QG3r-KfXW0qCQejUlBFz2yJRVVrlDrc_YT2JJojVsqpu49ag9gi-3VL6VvSQscl1U...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTWbtRgLm0w8GV0y1r7UxI819QG3r-KfXW0qCQejUlBFz2yJRVVrlDrc_YT2JJojVsqpu49ag9gi-3VL6VvSQscl1U1taYx0Zk&google_hm=eS16dVBwREtKRTJwRVl...

170 B
188 B

24ms
24ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTWbtRgLm0w8GV0y1r7UxI819QG3r-KfXW0qCQejUlBFz2yJRVVrlDrc_YT2JJojVsqpu49ag9gi-3VL6VvSQscl1U1taYx0Zk&google_hm=eS16dVBwREtKRTJwRVlXbWprMHI3UFVuM3Y2SHI5VUpXcn5B

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Nov 2023 13:28:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTWbtRgLm0w8GV0y1r7UxI819QG3r-KfXW0qCQejUlBFz2yJRVVrlDrc_YT2JJojVsqpu49ag9gi-3VL6VvSQscl1U1taYx0Zk&google_hm=eS16dVBwREtKRTJwRVlXbWprMHI3UFVuM3Y2SHI5VUpXcn5B
content-length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 3456
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAJQIGJ9ri7x...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmShrFXu0217uSXLe_KrCVfz-KNyfTwD0p4CU5R_jVc0pXeF60QftCNSxekiDN0YwvI6cK7-tCFzZxfEi-y_uOujdsbObPaADZk
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

32ms
32ms

Image
image/gif

23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1698931722&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fkonustucocuklar&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698931722811&bpp=2&bdt=4946&idt=-M&shv=r20231031&mjsv=m202311010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c61a21deecc6a89-22a0cdfc25e300de%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_MaE5eDW9CvqmOO7sJ49Ze_7pHW0Mw&gpic=UID%3D00000cb133416042%3AT%3D1698931718%3ART%3D1698931718%3AS%3DALNI_Ma2Zz7jgPlReUYuVjTAmGk5mnex-w&prev_fmts=0x0&nras=1&correlator=8030620920503&rume=1&frm=20&pv=1&ga_vid=225954542.1698931718&ga_sid=1698931718&ga_hid=622976161&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C44806139%2C31061691%2C31061693&oid=2&pvsid=2322894111308848&tmod=1253057063&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=TTXowKGeVh&p=https%3A//s.id&dtd=6
Protocol: H2
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 02 Nov 2023 13:28:45 GMT
pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3456 0
12 B 23ms
21ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JZp3aSygI4YWnPhK7OgRzDASBhY8gDW-H76svk0nTt-ML40en6UkcNyB89E22Trt7-Y8lIkA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 0717242f3acd4935e3ae22056ad67479.js Show response
s0.2mdn.net/sadbundle/16906218755272191985/ Frame 979F 132 KB
37 KB 16ms
14ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16906218755272191985/0717242f3acd4935e3ae22056ad67479.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a9baaa810bce026c3eebe92d3e06dd30ce107f8acbd02edc127433f03f619d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 20:51:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38353
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Oct 2024 20:51:10 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8ED6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGs4pMCJWuqoMYT0NPKfsTI&google_cver=1

43 B
730 B

29ms
29ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGs4pMCJWuqoMYT0NPKfsTI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNXXJyneGqr5JCctL6GasEwTSOxX9_x1MndYFdz2pA0MhWvjOxXkQTCkjsbBp-tlU2R4k_58nhiXZ79KJSp6d9u5Xc_t5qndsUyWNROFB9fNywoqcIseT52w6RdtOtB0pZ9VuCOt2bWTDkabtWMyDP1KUPyP3p9AafAr6xtf6CoWW909VAQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Es79WOh9jPFbdCRzEi5snuTIZXgc3OAb62KhfA0kCr9r4nuc8PLULfL5vw3a%2B1VpO1PIFIu5QHGaEQxsJTGfoXn0muWxOHKC6yHQvvMTOlR4LWg7qU6EJuirCT7Y8ojg9xF35Z50dAM0vA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81fcb8f2a969926d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGs4pMCJWuqoMYT0NPKfsTI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8ED6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUOkDIC-0K7xAJaIFWaijwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGs4pMCJWuqoMYT0NPKfsTI&google_cver=1

43 B
730 B

19ms
19ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGs4pMCJWuqoMYT0NPKfsTI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNXXJyneGqr5JCctL6GasEwTSOxX9_x1MndYFdz2pA0MhWvjOxXkQTCkjsbBp-tlU2R4k_58nhiXZ79KJSp6d9u5Xc_t5qndsUyWNROFB9fNywoqcIseT52w6RdtOtB0pZ9VuCOt2bWTDkabtWMyDP1KUPyP3p9AafAr6xtf6CoWW909VAQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mi4kDbD4Ke7sb0xhWWwX8l0YAHi4vYHQTlpQSzvGQH8GBzUn4VfGjVlkClfLB9g1kRq1DJe8wFwyR2QKmdid4hN6A5qQZeWz5TW6ULpvBi4x4aPxfpsu%2FYd1tmxK3ZxF7a9FHYyYUsukHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81fcb8f2d991926d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGs4pMCJWuqoMYT0NPKfsTI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 8ED6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHwS6RREtoqDlqrU6-Kdb5A&google_cver=1

43 B
844 B

14ms
14ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHwS6RREtoqDlqrU6-Kdb5A&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNXXJyneGqr5JCctL6GasEwTSOxX9_x1MndYFdz2pA0MhWvjOxXkQTCkjsbBp-tlU2R4k_58nhiXZ79KJSp6d9u5Xc_t5qndsUyWNROFB9fNywoqcIseT52w6RdtOtB0pZ9VuCOt2bWTDkabtWMyDP1KUPyP3p9AafAr6xtf6CoWW909VAQ

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
an-x-request-uuid: a4b56b46-a5c0-4794-9c71-d8e8c95ee7c9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.136; 178.162.209.136; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHwS6RREtoqDlqrU6-Kdb5A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8ED6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQyNDM0NzMxMzU1MDE5MzA0

170 B
188 B

22ms
22ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQyNDM0NzMxMzU1MDE5MzA0

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
an-x-request-uuid: 0a320d58-8fb5-445d-80a3-a5650021731e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQyNDM0NzMxMzU1MDE5MzA0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame D4BB 38 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 11:48:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Nov 2024 11:48:45 GMT

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/16906218755272191985/media/ Frame 979F 1 KB
642 B 17ms
16ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16906218755272191985/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 06:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26025
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 06:15:00 GMT

GET
H3 200 f7d6b92827ad7bf1382132253d383140.png
s0.2mdn.net/sadbundle/16906218755272191985/media/ Frame 979F 20 KB
20 KB 32ms
31ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16906218755272191985/media/f7d6b92827ad7bf1382132253d383140.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19e7203c68de90b452163ce585148b4b12cbc56c769cf7c3ce51a79652347249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:18:06 GMT
x-content-type-options: nosniff
age: 511839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20314
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 15:18:06 GMT

GET
H3 200 35912e29a93206208658a2ec90f1df64.jpg
s0.2mdn.net/sadbundle/16906218755272191985/media/ Frame 979F 8 KB
8 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16906218755272191985/media/35912e29a93206208658a2ec90f1df64.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11564bb7b368ff12a5497f5630eca275f47e7086513db424e30663bcc1fb9c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 07:15:35 GMT
x-content-type-options: nosniff
age: 22390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8378
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 07:15:35 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/16906218755272191985/media/ Frame 979F 5 KB
3 KB 17ms
16ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16906218755272191985/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 15:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598628
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Oct 2024 15:11:37 GMT

GET
H3 200 ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/16906218755272191985/fonts/ Frame 979F 173 KB
80 KB 19ms
19ms Font
font/ttf 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16906218755272191985/fonts/ibm_plex_sans_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 03:27:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36102
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81411
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 03:27:03 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 873D 0
0 52ms
52ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjvMLYhd-1EgKxKV6AaOJKLvWNXI_daW8qVXarW9xVWTsCfLxncmMgAmynXYUTjTN0hIWnP5rc-vvJ_R8OWyVeHNFlbLmB1kKAnPuntMJ6pqVraqBMvrFFR1xLFDVo1jRd0KglM6OirEhj5ec2MW76aQUBEd3lnlDp3fqdw2bi0j7xOaARzWcyOHMQjK2_em7MjOFs-Ccg5ggY_QTaedePGKnPnlNaj04QrlZymOSmhhzwMIVFfRa0FL7vaSCWyRl1Qhvm3yBYWI1QeGAIhVBIKMxC0TLgGJJ5HqEQhA8dZYnX68fYwrJoD52IP1ljg51D5hKer5NuW0DMJ5wxJal1m3L6i37scXQX1paqyrNGKzDGPxFNoct5rW5aauYZxKEkyb9vY2p8QDh77MEyd8GbwL9RAIHWBdPWNN0QJYWr3fG1_j0WbeTdXYQ3dzChAFQtRkuAXsTeGbkodwfnQfgOuG3IAjEKGvLxl0esOTQZ5Q9SAYizg15k2FNjfKd9rqQDOxdyeJ9rdLggENUMB-cTSx-QS6y_Nr68VKPn_vawIavUmgkrCsXAxi4qEX1O0Xn8SK-ZiWZ16SZeEVcc66tr1KLeY3oBPYpHUAabz3NvHwrEZP5pA7HdjaVE7iRxlZ2mE_rTQ_FuICVT-vs8CqbJj5sBZEIcyA8YzLfYd-rQLI3Zn8hnIfmAKNlwkz48RBCyzf_txJqukSzcfHAyvt0Dud58_QtIsZTSEsnVKMPJEWK0d2-mswJ23tOuwQ3omW0PVgooXjr7-y6zFwptQdHfhIbPPW6Mmw9s5HSHk_nx7yozu9Lv6X0AvT2x-XG9hhoVW2FdE7LwlZ9E6XJK0CVvAnppob1UE4zU9R5fzTu-bn-u8jVSjQi-TupN3TlPOGKeNleXiM7ZYNlpdWqWfbRoSzUBNNVJR5TcNUq2UZLClHksc6ZNaQdH_-m2A6q3RseSYKEdHNUMxYZ9ahXoD1JJfsGbKEIg0Sd8Pyva6UvOgVkD2__TU2J5IpEfEdH8R5vZPNPasCaKz3wwkIDr5i_6zkCv7nRpZuChxQjJOMAkgsGnXQjTwZRWr6A7MtlHzW9xoGL5lYg_Hk1eW7nyncmh_RCLjCXtmR2O5jT0ggG8iZI0x6W2IrVWt7IZRGNGwI5o9ZHlfp9Gr9QFBDigCwI6HwtVbYgu24I3YpzAXdlBUqYqX4E2p5ZbBbNcLGB9CY6f17zRCLCX_zHApPZAq2Y-wkLvA5xspzyqpkPJJLVqzXGNKg&sai=AMfl-YRqI_V66-PpSKAPwmkyviFidZEH-PxQuf9MEZPwh_ZH6Tty-ggIE6_QXDnzxz3hLnAA6_m9MqhQT6uSqnKIt2W1AVGd1adlcfP7JnA_89Ka4wquo9n0GLw2Ma4ZK4mx6b_yl3vu6WX9KWPyk-19ZydUzErCt0GP12baZbfpUjF52BumqkNznC1O88tY7Ql0LyQPg5LAc5BB0DnKY7hj16TOSdrIjeODkRPXr0KS3Q057YXpm3smgO0evYPhChrbLEsrR5eLUzfqILQI7WjYjudN93O9qH1z8NOOQHtaWZ-9KeS9M3ZHkPo6kvAbq-ccaRvR7iN7P-wS801Nmbo3KEK2ld6DIOimXZPvNlsTl54n40fDyVaiXfTnkuklxtt_FEMQ8byyCJCIdg76kpoy0GRD2NZ4xxQy-F89hxnHKHy2Up8&sig=Cg0ArKJSzFFqVavcyHhDEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=111&vt=11&dtpt=87&dett=3&cstd=22&cisv=r20231031.42584&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: s.id
URL: https://s.id/konustucocuklar

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/16906218755272191985/media/ Frame 979F 1 KB
642 B 14ms
14ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16906218755272191985/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16906218755272191985/0717242f3acd4935e3ae22056ad67479.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 06:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26025
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 06:15:00 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/16906218755272191985/media/ Frame 979F 5 KB
3 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16906218755272191985/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16906218755272191985/0717242f3acd4935e3ae22056ad67479.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 15:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598628
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Oct 2024 15:11:37 GMT

GET
H3 200 705ce379bbb5e3c3f3df5816e1ec857c.png
s0.2mdn.net/sadbundle/16906218755272191985/media/ Frame 979F 7 KB
7 KB 14ms
14ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16906218755272191985/media/705ce379bbb5e3c3f3df5816e1ec857c.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff9781af7fa6d77e77d50ec59e7280513a347e9cb7be6bcad24f11603e6bb208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 10:53:37 GMT
x-content-type-options: nosniff
age: 9308
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7007
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 10:53:37 GMT

GET
H3 200 f7d6b92827ad7bf1382132253d383140.png
s0.2mdn.net/sadbundle/16906218755272191985/media/ Frame 979F 20 KB
20 KB 15ms
14ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16906218755272191985/media/f7d6b92827ad7bf1382132253d383140.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19e7203c68de90b452163ce585148b4b12cbc56c769cf7c3ce51a79652347249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:18:06 GMT
x-content-type-options: nosniff
age: 511839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20314
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 15:18:06 GMT

GET
H3 200 35912e29a93206208658a2ec90f1df64.jpg
s0.2mdn.net/sadbundle/16906218755272191985/media/ Frame 979F 8 KB
8 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16906218755272191985/media/35912e29a93206208658a2ec90f1df64.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11564bb7b368ff12a5497f5630eca275f47e7086513db424e30663bcc1fb9c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 07:15:35 GMT
x-content-type-options: nosniff
age: 22390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8378
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 07:15:35 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D4BB 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B5D4dC6RDZeyLCqKKwuIPxaqCkA8AAAAAOAHgBAI&bg=!fn2lfTLNAAbo5yKYyOc7ADQBe5WfOMwavlrUbJVZuE66mvSykCXAqPvfF0sEJBUP9vSJnnCrI6cqr0-jNZSFIEomMfsFAgAAAE1SAAAABmgBBwoAa5wfLlyk6hW3cJebkzX3szSLQcq9j1i1S7N2MVpeEP1YMXeKekQSML2Dx3wU2cZhBgZ1xc92ozOXumX7v7tQoB6bCtPcRWDWbY7WL2opAHfswW7ojOphrtOf3s-inbzpitI2cIPyR1qEdVFkmQMIKw2zyQfgFLFw2DPPEeuiejD9fqW6S-xihiM57ql2dbIUbcCwZ2hEOWi95ebCkSeGUHm7_Tc_zgqvLmfDS2r5Lu4LWwaO2pKhmQxMDUolgdcD5tX6RKCu9GeAL6QsjpoFJ9JtOn2jmQHLkDx0pRzJsUhCeA0YqqRbZr2AyXLfmtUEYSnnM3oixMInMXoKImeXNMTGQdpRwIWBlG9pqermFxF5fKAJXAZVUR-RK0NZmDX9rkU8L4Sow0HbaR_90v4m2TRa7E3yd9BqDWOUWFS4wwVhYnU72V2oUycmTld8-lEZJ5_FtMAlKSAy1hZbrRYdM9cOaVEKNTNeeBLd5EXPc1eoOTHbpBmwgUaSADvkZUvuydLiycYEMKnl93gBFt3AIzBA9HOh7K1YapNdwjczl479J4hF8m-RB44FV41kMmFiP4ghDVSBNodulAWYolF9qYIuoAMySttiRfRB9PkIBiVVkKc-fxsdRvZa6JRAPgdN8yYBiUZNLnBv1Wm7yfCj24WTCMKGNwiJFDLn8-5d7N_GrhdpBECCbflc-SXssblERpwOFPY7BteLeUa9GmzTK__KaITEi1s_pNmM9jhiAn4QP3e7v7GEfTzI9YQ4AcmPlgqjAfSZRj-IDN6LLku3apKRq0XNq7D_46xjTjJbOpjKLDuvBTxiEMWdVTbtN7T_PQpIvTboBHV9k1coOmMz8asUqPP0QQ7cwrjACf1DuoPSAtLEu2dlFJExnFK1zRYPa2qZxX2bgZGs0xbzcHCpAgvIohPf8pjX-CzzfWQgbWx8FzpfTDTkNILIZ38iGnsN3hZOx3239-nhJ-2MlsdzCVoPHi2Kw3R6RoGFPIxywLdB3l_p5NuxT6D97kbDg-zuuOxFaTaNGyq5VsgvSD-nXxi_lYXBvAB_Ok9scGEbkuSZS9QEZlGyCLWCf9AgR-j5Fz-aRkRT911-FdO1pbqLuGe997h8fmE1j8X5rVL2rUSTbDKKJyixTP94K6JKZCEJDq3_j3DHDqixTX-gdGZW7KzF2H_heWA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 59BF 42 B
64 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQp0X225WiSJIO_g78t2P7iAZaFvywTbLSDrL4l9EI8QROj1eXGvUfzH9LFjUI5nNMZdKmdcBTJA3PyoLTt7J7FxnxLvcP1L4il4S4PvdzJTTeq4VktV4lw3VXZg13KDWQEJ_g-msaEef6&sai=AMfl-YQgpv-Pg5-4VTEej1YMcm2vp7rsKlrxOCDf2K81tsL1z-Fl_To8b9G_mq8sC84hckbqQoYApx7_AmeKKYWXQckpFQ4RhUCYr3iJbQQ4HcfQJnrYRcNcq3IoEeU&sig=Cg0ArKJSzIEm2iRG_08UEAE&cid=CAQSOwDICaaNO4QM0FP2JQbO98MWkHrM8tFajc2e_6TpKvuzypWp-dmM-O7s5by3DlDXme-5Lbc-JkIWaWgGGAE&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3297015004&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698931724162&rpt=256&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 65ms
65ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231031&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6d81ed8a8520ee6bb845ccf74b51217c08dc27e3d37a9377edea351f629b95f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12201
x-xss-protection: 0

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 873D 63 KB
24 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93a908b76ecc9584c2a54c3111b2af4d66b3840adb9c69833d23825c6bc93924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 12:58:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1791
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24042
x-xss-protection: 0
server: cafe
etag: 4387339980710972037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 13:58:54 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 873D 0
17 B 33ms
33ms Ping
image/gif 2a00:1450:400c:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~loh83180&chm=1&ctx=2&gqid=C6RDZcvDCYWbwuIPjMWlsAk&qqid=CKy97e61pYIDFSKFUAYdRZUA8g&met.4=fb.s~lb.1v~cmrload.28~ol.bk~bdt.-5l8~bpp.-1rs~dtd.-1ro~dt.-1ru&met.3=374.21~733.ap~748.bb~749.bf~742.ap_t~739.bj~738.bj~736.bm~735.bp_1~113.cb_1~113.cc~112.cb_1&met.1=1.loh830vp~14.1~15.0~16.1~17.1~18.1~19.1~20.1~21.1~22.1t~23.1t~1.loh82z45~6.1~7.2~8.2~9.2~10.2~11.2~12.3~13.1qr~14.1qz~15.1qt~16.1ry~17.1ry~18.1ry~19.233~20.233~21.233&met.7=CAUQCBgBMAE4AQ~CBwQChgBIAwoDDAbOA9oDHAaeL8dgAGTG4gBoz2wAQG4AQM~CBwQBhgBIAwoDDBIODxoDXBIeNYCgAEqiAEqsAEBuAED~CB4QChgBIA0oDTA5OCxoKnA4eIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIA0oDTA4OCxQDVgpYA1oKnA2eJpEgAHuQYgBmJ8BsAEBuAED~CBsQBhgBIA0oDTBSOEY~CE0QChgBIA0oDTD4AjjrAmgOcOUCeMfcA4ABm9oDiAHy5QuwAQG4AQM~CCgQBRgBIB0oHTBVODhoHnBUeIoEgAHeAYgB8ASwAQG4AQM~CCkQChgBICAoIDA1OBVoIXAueKq5AoAB_rYCiAGx9QawAQG4AQM~CBwQChgBICEoITBTODJQIVg_YCFoP3BOeKsagAH_F4gB6DuwAQG4AQM~CAkQChgBICYoJjBTOC5oQHBReOJJgAG2R4gB_7cBsAEBuAED~CCcQChgBICYoJjA1OA9oJ3A0eJ1vgAHxbIgB6ckCsAEBuAED~CBwQBRgBICcoJzBCOBtoKnBCeJYHgAHqBIgBlgmwAQG4AQM~CB8QBRgBIDwoPDBOOBNoPnBMeK4tgAGCK4gB2N8BsAEBuAED~CCIQBBgBID0oPTCBAThEaD9wgAF4rAKwAQG4AQM~CCcQBRgBIEUoRTBWOBFoR3BVeKFogAH1ZYgB_rACsAEBuAED~CCIQBBgBIJQBKJQBMMkBODVolAFwyAF4rAKwAQG4AQM~CCgQChgBIKMDKKMDMLYDOBNopANwsQN4lr4BgAHquwGIAYj2A7ABAbgBAw~CAUQCBgBKAIw2xE4kBVoA3DTEXi19QKAAYnzAogBirQHoAGQ7v________8BsAEBuAED~CBwQChgBIN4RKN4RMO4ROA9o3xFw7RF4vx2AAZMbiAGjPaABkO7_________AbABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c01::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 13:28:45 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59BF 0
20 B 59ms
59ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7736604041412&version=m202309260101&ct=76&x=1&cor=17486653446897824

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CBAE 13 KB
5 KB 16ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 13:05:01 GMT
expires: Fri, 01 Nov 2024 13:05:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9A07 829 B
1 KB 35ms
34ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bbee5d05ec8b367de41bf591fad75818047ccb6964be79f8b2f704149133527c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2DEA5yI0NXOU-ty8BJkMrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2DEA5yI0NXOU-ty8BJkMrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 13:28:45 GMT
expires: Thu, 02 Nov 2023 13:28:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame CBAE 38 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 11:48:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Nov 2024 11:48:45 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9A07 0
0 58ms
58ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231031&jk=2322894111308848&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CBAE 0
10 B 14ms
13ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MJWBBg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:28:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
61ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231031&jk=2322894111308848&bg=!wcKlwo3NAAbo5yKYyOc7ADQBe5WfOKgr1HXpdpZo4ipHekS9mAy7v24b9y2ZSSnveyjd-ClOFMCkLBIdd1kWildpwhrSAgAAAFVSAAAACWgBBwoATZVAu7UyXUYKAPbHED2eEcV0we9SyKY-Rl5nIAakFY2RtEk0EZbU611NyJDhWIxAa4oURSylaztYW-Vi8RDyccCRZVEyPMjYqRKkE8lrmQKxZg9JdwODUzpW5tgLKoxuEXW0xVMVcYSMVNzZ3Gtsb8tYzCcLIKbmBn53ScfHGW_ydEl9HelWZxla87dReoM0DFcBvXGNjfxDZujYYKgCxeBp1aiNefRsJMhUhwuHlnh_0p48vcFZg3isXFaIenWphf1CCXMoZ2Ax6NvtNplplrHpDCm7mle7_N9gzSD7bfssKWrj_KxGlC4V6b3rcg1ZJjiQ_9mNzAIL8y4VaqBK7EvacLhdCldnVhZzkuasvSqDKrbpw3M4uOUXhdWEhxPhg3aksUNQxOLczjMRbMWCFMgG9tHDnZm7AGnQxH2jHB7FfQeK47E8bWlm1AhxCUYYm26z9pYz9pR_px7L-btLP2lHlmRNkc5UnNpSm19dUlzX8gUe08Wkd7TKh9W6PAAvsUw6N4IU8cuwhGdCs1EWmjB4AFsmQtO4YOfhsKew49dTjG7mk7wWKeVfLerxmmEjZ_HCGqVtUnRnzFc9XtWYfxyBDbVl2pF-OjKzvumwkBasCfbZl7A72ucqXRgScfHAb9SJEMc90oIkVNv2vsJgvdF5rfUZR0PnRUwPdt1T4c4yVe-OYNrSR836BkbzpnMa7SzdyR7Uu5ql-kE8u9Wog-CvXKYvFiXKXNAb9Rufc27rE4GK5zh-zXyWo9UxpwPfSMc_XI50H3PCqzMau9dTQ_UnXFW0m6cQAXvIyF3SAkiFv8awipdOObeEIQi4o9FWrKQuW774KCtjIJbI3tVJLDEFUEKqVjN-60mi06gnjcNBnor2HUwUzCi30LOt3XypZJ88t7YCeCqlSQqq86fFpprBGJG_zWN87OftBatoNhybN41TLYrcC-J1f8H21iQEgL3N4hs_RhkJC9_z9H9AUQLHDmOSh91Xr34EP6z9Wm5UV9o_Us7M5gKDk54CCyVptdo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 873D 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskz0ZVlXmTuhom0fjlJd6XD1OL81_r90ryH4Z810b1XvvGOsBnM534psA4ZDlgyOgMZLL0TjJ5UY9t9WB-QEbJiuGhbr5icos0yFYIjrV38Hro-Abovbd00vGmyydE4wmudxD3GqZ0asP5&sai=AMfl-YQXsUltjd42ht8kdJRwMb1OOAD_nZOAlVzby7O0RO8Zq8y8JIE0PmIaEjnineRlWNW6hO6nYnbzyC-d2fzAHSau28aiU-KpArbl-KvP7LJPpbU7oqmhMkRw5Fw&sig=Cg0ArKJSzAuMCmeR5CQLEAE&cid=CAQSOwDICaaNJ0y46dfrNktripECoK4kqSNzjxQ7zuT4PIR8oRCIidPjji26IUAObxaGnFB9rg8ZoKwR-tgfGAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2068013325&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698931725109&rpt=411&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 33ms
33ms Ping
image/gif 2a00:1450:400c:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=4~loh830cv&c=2322894111308848&e=44759876%2C44759927%2C44795921%2C44805934%2C44807047%2C44807455%2C44807463%2C31078301%2C31079356%2C31061691%2C31061693&ctx=1&met.7=CBsQChgBILdMKLdMMOlMODPAAYzV2OsE~CBsQARgBINpMKNpMMP1MOCLAAaSg_KUH~CBsQARgBIL5MKL5MMIdNOEnAAYCw2fQC~CCgQARgBIL5MKL5MMIhNOErAAdPno8oF~~CBsQBhgBIL5MKL5MMJdNOFlQv0xY7Uxg0Uxo70xwlk141gKAASqIASqwAQG4AQPAAf23jOYB~CAUQBRgBIN1IKN1IMIxTOK8KaORIcItTeLRsgAGIaogBmYoCsAEBuAEDwAGQx7LwCA~CBsQARgBIKJVKKJVMMZVOCTAAaSg_KUH~CAUQBRgBINhIKNhIMLNaONsRaNtIcKtaeLX1AoABifMCiAGKtAewAQG4AQPAAZDHsvAI~CBsQCDjoXcABn72qvw0~CCcQDRgBIOhdKOhdMKpeOEJo6F1wqV541WGAAalfiAGmfrABAbgBA8AB8_LLrgs~CCcQChgBIKteKKteMINfOFnAAeLBm9oF~CCcQBRgBIIdfKIdfMKdfOCHAAZmVn6AL~CBsQDSDGSDjwFsABjYbr1w8~CBsQBRgBIIpfKIpfMLlfOC_AAc_G2uIB~CBwQBhgBIKNkKKNkMOJkOD7AAaHZ1rIJ&met.3=168.8f5~168.8f5~168.8f5~168.8f5~168.8f5~168.8f5~168.8f5_1~168.8f5_1~246.8f6~168.8zx~168.8zx~168.8zx~168.8zx~168.8zx~168.8zy~168.8zy~168.8zy~113.99n_1&met.1=1.loh82rxp~6.0~7.a~8.a~9.a~10.2wb~11.5m~12.2wb~13.3cp~14.3cq~15.3cs~16.72a~17.750~18.750~19.99j~20.99j~21.99k~22.73f~23.73f
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c01::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 20ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GTE5CBQ89K&gtm=45je3au1v889124241&_p=622976161&gcd=11l1l1l1l1&cid=225954542.1698931718&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1698931723&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Fkonustucocuklar&dt=1&en=scroll&epn.percent_scrolled=90&_et=8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 13:28:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 d28154b4e37eda1c533e0e405725ad1d.png
s0.2mdn.net/sadbundle/16906218755272191985/media/ Frame 979F 12 KB
12 KB 16ms
16ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16906218755272191985/media/d28154b4e37eda1c533e0e405725ad1d.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64c84b1b9cfdb78b6cf02453c7e5306eff2dd0aba2833f41d2cb15f91dca7029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 08:24:20 GMT
x-content-type-options: nosniff
age: 18269
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12680
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 08:24:20 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/16906218755272191985/media/ Frame 979F 5 KB
3 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16906218755272191985/media/6d7052ff6df13eae564657f4b45cc79a.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 15:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Oct 2024 15:11:37 GMT

GET
H3 200 ibm_plex_sans_700_normal.ttf
s0.2mdn.net/sadbundle/16906218755272191985/fonts/ Frame 979F 172 KB
75 KB 20ms
20ms Font
font/ttf 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16906218755272191985/fonts/ibm_plex_sans_700_normal.ttf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 12:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4613
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76650
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 12:11:56 GMT

GET
H3 200 705ce379bbb5e3c3f3df5816e1ec857c.png
s0.2mdn.net/sadbundle/16906218755272191985/media/ Frame 979F 7 KB
7 KB 15ms
13ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16906218755272191985/media/705ce379bbb5e3c3f3df5816e1ec857c.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff9781af7fa6d77e77d50ec59e7280513a347e9cb7be6bcad24f11603e6bb208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16906218755272191985/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 10:53:37 GMT
x-content-type-options: nosniff
age: 9312
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7007
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Nov 2024 10:53:37 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.s.id/	1970-01-21 01:17:07	Name: __gads Value: ID=6c61a21deecc6a89-22a0cdfc25e300de:T=1698931718:RT=1698931718:S=ALNI_MaE5eDW9CvqmOO7sJ49Ze_7pHW0Mw
.s.id/	1970-01-21 01:17:07	Name: __gpi Value: UID=00000cb133416042:T=1698931718:RT=1698931718:S=ALNI_Ma2Zz7jgPlReUYuVjTAmGk5mnex-w
.s.id/	1970-01-21 01:31:31	Name: _ga Value: GA1.1.225954542.1698931718
.s.id/	1970-01-21 01:31:31	Name: _ga_GTE5CBQ89K Value: GS1.1.1698931723.1.0.1698931723.60.0.0
.s.id/	1970-01-21 01:31:31	Name: _ga_LJQ0V44EV5 Value: GS1.1.1698931723.1.0.1698931723.0.0.0
.casalemedia.com/	1970-01-21 00:41:07	Name: CMID Value: ZUOkDIC-0K7xAJaIFWaijwAA
.casalemedia.com/	1970-01-20 18:05:07	Name: CMPS Value: 5175
.casalemedia.com/	1970-01-20 18:05:07	Name: CMPRO Value: 5175
.adnxs.com/	1970-01-20 18:05:07	Name: uuid2 Value: 542434731355019304
.doubleclick.net/	1970-01-20 20:14:43	Name: APC Value: AfxxVi5SAHOW_0m6VyRoQ6n0t2RSeB5qVMicz3qJLgFZuEt7c50PUg
.quantserve.com/	1970-01-20 18:05:07	Name: d Value: EBgBCQGqKoEA
.quantserve.com/	1970-01-21 01:25:46	Name: mc Value: 6543a40c-77b76-d63f9-34057
.w55c.net/	1970-01-21 01:25:46	Name: wfivefivec Value: 03NpUIMv1QYxKA5
.w55c.net/	1970-01-20 16:38:43	Name: matchgoogle Value: 5
.yahoo.com/	1970-01-21 00:41:29	Name: A3 Value: d=AQABBAykQ2UCEPOrTntlcfC9Guudv9lf-SwFEgEBAQH1RGVNZQAAAAAA_eMAAA&S=AQAAAuILoxtwig5ecgIK-RaIJgw
.doubleclick.net/	1970-01-21 01:17:07	Name: IDE Value: AHWqTUmXkA8JDJmosOQkeTXOpxZrQs317PW5cqgTt2E2m2zd9q-HD72kyaAw_Nzh1BY
.adnxs.com/	1970-01-20 18:05:07	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$IdZC^!]tcN8i_iqf!oN/@E'zz<Z0QS:LagXLQoPw)LfCdT3odC47#)?g+Hv):Lv9/X%W#.wL4W1Qw1!E21!(
.adfarm1.adition.com/	1970-01-20 18:05:07	Name: UserID1 Value: 7296856197018351756
.turn.com/	1970-01-20 20:14:43	Name: uid Value: 8515063262918935972
.travelaudience.com/	1970-01-21 01:25:46	Name: _tracker Value: %7B%22UUID%22%3A%22F21DCEF1-E1D2-4A80-0AA4-72C76A7A3195%22%7D
.everesttech.net/	1970-01-21 00:41:07	Name: everest_g_v2 Value: g_surferid~ZUOkDQAAw-Tw1wBi
.tribalfusion.com/	1970-01-20 18:05:07	Name: ANON_ID Value: aCnvQwO5nP87PRo7TCr74kvLHUk4aG7qXeVN3sPCyBqaaHasJrQE3T4Y7dG1DMkmBUa0DOQbXZcZcK20oHEEakoiO8cTy1J6rVrD2aJGVZdrHBCWjCx

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.travelaudience.com
app.s.id
cdn-sdotid.adg.id
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
match.adsrvr.org
microsite.s.id
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
region1.analytics.google.com
region1.google-analytics.com
s.id
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
151.101.130.49
172.217.16.130
172.64.151.101
178.250.1.9
18.192.168.142
185.89.210.212
193.84.85.178
2001:4860:4802:32::36
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
216.58.212.162
23.218.209.56
2606:4700:20::681a:7f9
2606:4700::6812:19ad
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:800::2002
2a00:1450:4001:803::2004
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2006
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c01::5e
2a00:1450:400c:c04::9d
2a05:d018:d29:3601:9417:d03:489f:5a05
2a06:98c1:3121::3
3.33.220.150
35.190.0.66
45.126.58.90
54.93.168.0
85.114.159.93
08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641
0a7cece063cfe6864e1fdcd8d723919bffb858ac178a146fc75c3ca6bf7b1765
0a9baaa810bce026c3eebe92d3e06dd30ce107f8acbd02edc127433f03f619d3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10aeab6daa0f60489841182d089a82b7b851def405ebd4bfd006e3c8f5d76432
11564bb7b368ff12a5497f5630eca275f47e7086513db424e30663bcc1fb9c52
11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a
19e7203c68de90b452163ce585148b4b12cbc56c769cf7c3ce51a79652347249
1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048
1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe
1e0fa2b58fb4a18b31e919eaad7c621bdd9696fd5368b0b58a4ef85f4db9f4d3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
342dc70805f7dd33497f0b3d68fd1df01ec0fdb025801a0b291abe1931c57e5d
3b81c8f33fccb59aa0e1d183d63d844aefd67a954b1077d0cdab52e72c0074a7
40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a
40f0371894ff78ed4d47c72193f0dfc580df4eb7cd1e7773d68ac77ab687962f
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dde3406d6115ea915e9cbd2b2027debca764ca47c9aad997015b5b9a26f03b7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eca2abdbbc1998c3a286e2e83a2256be5263ccb801aa93b00c64fea891efd3a
50d490614faf38d05ab1acdc9c0dcced611810b0975f44f745efc663e20cb5f6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b0f46fe1baefda38c540e7b7634c766055a991e07c2249a0acfd26d6c85f9b9
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
5d820c5e7d048c0faa442ce5a30a6163fd2ba16c2f3875c9ccd1ea6a6217a23b
5f41fdd2a7fac49f4cec2f62653d50409213b5f802d65401d96ff9c063816fad
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
64c84b1b9cfdb78b6cf02453c7e5306eff2dd0aba2833f41d2cb15f91dca7029
64fa8666844b5f12e4eee681ee9aa58bea638568acb557afe552f8312e2bbb10
6945484621217f2b98adaa2c5b40d2de6ad77099df4cd6b0050020e6ca4b5dfb
6b4279a0fbade52c0926a5b20fc4eacd69d4bdb4dbfa9b855be4acd9ec854a98
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6c35541fa7f5ebfedc51c2242d582852acbbd6b942187c0213a255bd271c19a5
6f5482c3eb178a408ac33795641902b32293eabfe14dbdf21d606f47115e7d0d
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
73d61cae3c3fb4947645280a810598fc1110fd716a7286dd989bce30d623fde5
748cb7c7e496f1faa692b8e8026b44e5c96c510fa7a83f684bf1fa431caaea9f
76598c4c6cea9e61f3ee7a769240943b8bd4fbf7f4e8c5d095e4407075ccee1f
76a695ae5a46c2ebdf876ebb8758a3cb4f71340731ea11d4f01174363b9baea0
777d763637b7eba97de2ce286da7c0429e4f3c85be743aa3cb22aaba041bfa12
7b9ec9a012c14038753afbeadd796a9af2b08effa413ba5769b18ab2b0c7381f
80cba859fabe71c5dd2a543b30f7fb6df267d042986dc79f863dd79edfc5befb
8507ff641cb0ef478c7bd2550412973977768945ca2f1dc96f922a340e7ad46f
856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181
863204bf5ae951e4106b6af142c3be0bed6b9178bf5843d5f8a595273dd9803b
86c465e3326d82e10af4d276bc14d14343d044530a3587469828460440f55633
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
93a908b76ecc9584c2a54c3111b2af4d66b3840adb9c69833d23825c6bc93924
9709441b0a6984b6f42a3ed61f22a0bfecff830fcb1c4b1a9feea2b190f2006c
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a51be072c90872986a619bcd424515adfdd3a7c1f8b447c745f203774120a472
a5e5e31748c71fb3f59e14910e9cb30c0b8ec028aaa58b6c4efa172857e4e0ea
a5e943c7c5da3617bd2345580b25327364ab5824ba53a3d18bb88c0e105d6d45
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6085379d75af8f867776e7d23eef41b6c9c0c2d6395342d602da7dadc676621
b7123649a9d080e9b0953963a4f756c11b16a31fdbffefd0ed1aaf18d234cb02
b917fb36156c12219b1badab527856ec5101523a7cf88e67b7610702683d78cf
bbee5d05ec8b367de41bf591fad75818047ccb6964be79f8b2f704149133527c
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bed10a3fd1f75fd8fbcb1f3be5d120237ed9391d10c2697c551923e8ed9f31e3
c1ad95e8b38e5ca69e79e848a5771f026e40705ace52cb5ba4e6b7b9ce048161
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
cc99089434467b30a5c3a6f897f7f168531314e4ad11708b92d5d3e6f85d9929
d6aeb1d1847db5b62932464a13b1921113f4b4da63b014c3e0cddd8ba8c08bcc
d7c05d8c6f495c524f49c9471a52522108aba2f62a4849b13756edad3c3511e2
d94e57e31652b8c341ade399e2f52fc46a9be5d3b4346cbbe660c67398921cff
dadcffea88193ce7d5f03a1866deef3bcb3980bdfa131906d93052bf5d20acf9
ded01cb64e5400737859bd9f2dae7c2033b9a50727b1aebb0716d45178109aa2
e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49865b2d3ebcdd42fac21e949bb2a9f5290fde16a9392b78d5d8d49d203753c
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6d81ed8a8520ee6bb845ccf74b51217c08dc27e3d37a9377edea351f629b95f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb7d8ccf87b4c7ee427bf5bbb4071cf2b74f0d01c9ef0d9b9185520619d9b066
ef05c0164b195ad79706d6e3a71d5717c92bc8a2161681fde3c6158265a94142
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3e5ed0e2610f8c7c1b68d3524698735f4e0a334fd78398d9ee11bc3e471cb6c
f44acf68e13d306e6b8cf14595de83022c6699807c541a3bbf419836a4fddbb0
fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e
fb7f315a0371a8b55cfaf220f33822988ac4f5f2758e23738eaaa25258c978b7
ff9781af7fa6d77e77d50ec59e7280513a347e9cb7be6bcad24f11603e6bb208

s.id Open in urlscan Pro 193.84.85.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

156 Requests

89 %HTTPS

59 %IPv6

26 Domains

36 Subdomains

30 IPs

8 Countries

2961 kBTransfer

7712 kBSize

22 Cookies

2 Outgoing links

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

s.id Open in urlscan Pro
193.84.85.178 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

89 %
HTTPS

59 %
IPv6

26
Domains

36
Subdomains

30
IPs

8
Countries

2961 kB
Transfer

7712 kB
Size

22
Cookies

156 HTTP transactions
2 data transactions