urlscan.io logo urlscan.io
SecurityTrails logo

s.id Open in urlscan Pro
193.84.85.178  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://s.id/204hb
Effective URL: https://s.id/204hb?a=confirm
Submission: On January 27 via manual from CO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 37 IPs in 5 countries across 31 domains to perform 111 HTTP transactions. The main IP is 193.84.85.178, located in Russian Federation and belongs to STORMWALL-AS, SK. The main domain is s.id. The Cisco Umbrella rank of the primary domain is 122908.
TLS certificate: Issued by R3 on December 21st 2023. Valid for: 3 months.
This is the only time s.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 193.84.85.178 59796 (STORMWALL-AS)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 18.155.129.34 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 52.210.162.23 16509 (AMAZON-02)
1 141.95.98.65 16276 (OVH)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
16 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 34.98.64.218 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 9 142.250.181.226 15169 (GOOGLE)
3 5 172.64.151.101 13335 (CLOUDFLAR...)
3 4 185.89.210.82 29990 (ASN-APPNEX)
1 2 3.248.239.255 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.66 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:245... 16509 (AMAZON-02)
9 2600:1f13:800... 16509 (AMAZON-02)
2 2a00:1450:400... ()
5 2a00:1450:400... ()
1 2a02:fa8:8806... ()
1 1 2620:1ec:21::14 ()
1 35.214.149.91 ()
3 3 46.228.174.117 ()
1 159.203.145.121 ()
1 2 51.75.86.98 ()
1 1 35.214.142.236 ()
111 37
4    193.84.85.178 (Russian Federation)

ASN59796 (STORMWALL-AS, SK)
s.id
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
2    2606:4700:20::ac43:4bb1 (United States)

ASN13335 (CLOUDFLARENET, US)
protagcdn.com
adx.protagcdn.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    18.155.129.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-34.cdg52.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
3    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
1    52.210.162.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-162-23.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
16    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
12    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
2    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
9    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
5    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
4    185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    3.248.239.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-239-255.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
15    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2600:9000:2450:2e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
9    2600:1f13:800:7780:bad:39fb:3054:9ae2 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
2    2a00:1450:4001:806::200a (None, )

ASN- ()
fonts.googleapis.com
5    2a00:1450:4001:82f::2003 (None, )

ASN- ()
www.gstatic.com
1    2a02:fa8:8806:21::1720 (None, )

ASN- ()
dclk-match.dotomi.com
1    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
1    35.214.149.91 (None, )

ASN- ()
x.bidswitch.net
3    46.228.174.117 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
1    159.203.145.121 (None, )

ASN- ()
cs.chocolateplatform.com
2    51.75.86.98 (None, )

ASN- ()
onetag-sys.com
1    35.214.142.236 (None, )

ASN- ()
csync.loopme.me
Apex Domain
Subdomains		 Transfer
31 googlesyndication.com
59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
194 KB
18 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594
290 KB
15 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
178 KB
13 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1004
static.adsafeprotected.com — Cisco Umbrella Rank: 721
dt.adsafeprotected.com — Cisco Umbrella Rank: 719
105 KB
5 gstatic.com
www.gstatic.com
75 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
3 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
4 KB
4 s.id
s.id — Cisco Umbrella Rank: 122908
8 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 423
mug.criteo.com — Cisco Umbrella Rank: 3123
7 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1736
google-bidout-d.openx.net — Cisco Umbrella Rank: 1735
786 B
2 onetag-sys.com
onetag-sys.com
585 B
2 1rx.io
sync.1rx.io
2 KB
2 googleapis.com
fonts.googleapis.com
2 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
29 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
130 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1005
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
12 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 857
id5-sync.com — Cisco Umbrella Rank: 425
29 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
300 B
2 protagcdn.com
protagcdn.com — Cisco Umbrella Rank: 127749
adx.protagcdn.com — Cisco Umbrella Rank: 428990
134 KB
1 loopme.me
csync.loopme.me
408 B
1 chocolateplatform.com
cs.chocolateplatform.com
134 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
573 B
1 bidswitch.net
x.bidswitch.net
235 B
1 linkedin.com
px.ads.linkedin.com
775 B
1 dotomi.com
dclk-match.dotomi.com
104 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253
1 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1833
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
92 KB
111 31
Domain Requested by
16 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
15 s0.2mdn.net s.id
s0.2mdn.net
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
s.id
9 dt.adsafeprotected.com 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
9 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
5 www.gstatic.com s.id
59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 securepubads.g.doubleclick.net s.id
securepubads.g.doubleclick.net
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 s.id 2 redirects s.id
3 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 onetag-sys.com 1 redirects
2 sync.1rx.io 2 redirects
2 fonts.googleapis.com 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
s.id
2 static.adsafeprotected.com 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
2 cdnjs.cloudflare.com s0.2mdn.net
2 googleads4.g.doubleclick.net s.id
2 fw.adsafeprotected.com 1 redirects s.id
2 www.googletagservices.com 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
s.id
2 googleads.g.doubleclick.net 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
pagead2.googlesyndication.com
2 www.google.com tpc.googlesyndication.com
s.id
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects
2 region1.google-analytics.com www.googletagmanager.com
1 csync.loopme.me 1 redirects
1 cs.chocolateplatform.com 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 x.bidswitch.net 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
1 px.ads.linkedin.com 1 redirects
1 dclk-match.dotomi.com 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com
1 id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 adx.protagcdn.com protagcdn.com
1 protagcdn.com s.id
1 www.googletagmanager.com s.id
111 43

This site contains links to these domains. Also see Links.

Domain
protagcdn.com
Subject Issuer Validity Valid
s.id
R3		 2023-12-21 -
2024-03-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
protagcdn.com
E1		 2023-12-25 -
2024-03-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2024-01-22 -
2024-04-22		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-12-23 -
2024-03-22		 3 months crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.chocolateplatform.com
ZeroSSL RSA Domain Secure Site CA		 2023-04-03 -
2024-04-02		 a year crt.sh

This page contains 15 frames:

Primary Page: https://s.id/204hb?a=confirm
Frame ID: D42D5DCE1728F09B712B94755095B708
Requests: 24 HTTP requests in this frame

Frame: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8F472ED97C29D42FC4B96A72ACBDB5DA
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=s.id
Frame ID: 9F38E97F062C4E40E7F1306CF8BECA4E
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 8148A2B29A4F20D3A36863C96C9CA202
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DA8BAE7032DC4DB25510ED83F04EEDF6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 207E7EB500898CF46CDE51B5C6C8F441
Requests: 2 HTTP requests in this frame

Frame: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0C3C7C7CBB81072588A631437A7DFD29
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPSu1YACMAE&v=APEucNWeFiZjnSVgU_9WzlrFycnDR3aMcl4AcbRxZ4NOlH8JxlTBqH-8qE4g16SH2DhW4ZD-mSoqPjd3cvDRESyyPmZRv2FRnt8vW9FJ37ED9Mm8tV2L602GupXABHtGtWrqbk_1MahtPQLEdIGu7sdGvxHUPUiBeDFdAXx4GOLqrp63P7mPB9bOxamk_npH0xkMIftyl8q7rCx4qgRMN5dqjKfd5FdYGQ
Frame ID: B7E44AB0ACF1718C8CF0DAF0E26770C3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B2FAAC4CF8A8D6F5D5352D53A1CD4BC8
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Frame ID: 66267F248C5FA697B3BA4FB040F4E242
Requests: 16 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 72949D86E867614BF5E25E8D0BDF353E
Requests: 1 HTTP requests in this frame

Frame: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 95760F980AAC67568EE3B89B39977404
Requests: 5 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Frame ID: AC501E4D7234527357A6CD809A0B6AE0
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5F88E04D66BC2682AF3239400E37A3B9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: FE1755142678DFA6EA2979BDC88951B6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Confirm redirect action

Page URL History Show full URLs

  1. http://s.id/204hb HTTP 308
    https://s.id/204hb HTTP 302
    https://s.id/204hb?a=confirm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

111
Requests

90 %
HTTPS

54 %
IPv6

31
Domains

43
Subdomains

37
IPs

5
Countries

1313 kB
Transfer

3767 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://s.id/204hb HTTP 308
    https://s.id/204hb HTTP 302
    https://s.id/204hb?a=confirm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fs.id%2F204hb%3Fa%3Dconfirm&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fs.id%2F204hb%3Fa%3Dconfirm&rid=esp&cc=1
Request Chain 19
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=jcO_-3w4ZnJCYzFjY29xTlhvSWx3R2thU2pKMHNvNkpHQlU1K2VYdVRTeFFzZGw0Y3poY3AwVjFvT1FPYVIzU29kUStueTVhSjJ4T095YVlWZXlCSC85dmpVc2dRWWw1ZDRQTjdXSW9VUStmTzFvanJadWUxVkp0SDA1NUxqSUZJMXlxalRweHJZUFJKRzBTWTBFN0ZrbDBlRzR3K04zU0MvZlZQZUlaTkZIMFJ1SHU1dVU0WW9DT3RQbDZRYkRCUUNsMXFwaGE4aHlTejdibk81djB4ei95TXBtQkM5T3pEUWJBYTNwTFVQclVBVEdicXlic0FTak40QllFWUVQSjdCT2V0d1hUNE9rSGt4U29kOWJZa1ZXMFN4Zz09fA&cppv=2
Request Chain 34
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuY2EO09CCqAwgTwgqlb1o&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuY2EO09CCqAwgTwgqlb1o&google_cver=1&C=1
Request Chain 35
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbUIUwVCUaK0degz0V.0UgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuY2EO09CCqAwgTwgqlb1o&google_cver=1&google_hm=2
Request Chain 36
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBIZ97iF-OrLa2S7AI-aOak&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBIZ97iF-OrLa2S7AI-aOak%26google_cver%3D1
Request Chain 37
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwMjUwNDk1NTU1MjMwMDEz
Request Chain 66
  • https://fw.adsafeprotected.com/rfw/st/1874223/77019481/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=20843743084&bidurl=https://s.id/204hb&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jsSUqhd5ErhnIvd0cZkey5&adContainerId=brand_safety_Uwi1ZfnxHpSk9u8P28eA0A8&cbFunctionName=goog_wrapCb_Uwi1ZfnxHpSk9u8P28eA0A8&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fs.id&adsafe_type=y&adsafe_url=https%3A%2F%2Fs.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:ae318da9-dbbd-1a42-bf30-3544a66cfa96,c:2vBTB7,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74b57f8799-dlnm4,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:u2zr6gU+11%7C12%7C13%7C14%7C15%7C16*.1874223-77019481%7C161%7C1621%7C163,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:26,oid:f2a36373-bd19-11ee-a8e1-863746ca2856,v:19.8.476,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_Uwi1ZfnxHpSk9u8P28eA0A8&cbFunctionName=goog_wrapCb_Uwi1ZfnxHpSk9u8P28eA0A8&true_pb=
Request Chain 103
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEO-18S-TDJ5DxSWwCyZIGNk&google_cver=1&google_push=AXcoOmSdKzvZuWRFTJP9RfmlIT5ZlUlP-QG0AsMm1E_suZghvIUfAbCzLuWh1cdrq3luuslWCn96odJP1_ELxlwxUEpQHel5aWA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSdKzvZuWRFTJP9RfmlIT5ZlUlP-QG0AsMm1E_suZghvIUfAbCzLuWh1cdrq3luuslWCn96odJP1_ELxlwxUEpQHel5aWA
Request Chain 105
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEIbzhuL9oTbCjDfWr1L1ybk&google_cver=1&google_push=AXcoOmSJUK5ND6p753PeS1CEdXl3pV-UgvLSPYAKT3dd9mR_fHNRzvwB3ErOKfkyqGdsh6r91ZEgDdXs7eggHWCuph0dVsHo-kc HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSJUK5ND6p753PeS1CEdXl3pV-UgvLSPYAKT3dd9mR_fHNRzvwB3ErOKfkyqGdsh6r91ZEgDdXs7eggHWCuph0dVsHo-kc&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1706362968945 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-52b77388-b97e-43ac-8522-644af321311c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSJUK5ND6p753PeS1CEdXl3pV-UgvLSPYAKT3dd9mR_fHNRzvwB3ErOKfkyqGdsh6r91ZEgDdXs7eggHWCuph0dVsHo-kc%26google_hm%3DA1K3c4i5fkOshSJkSvMhMRw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSJUK5ND6p753PeS1CEdXl3pV-UgvLSPYAKT3dd9mR_fHNRzvwB3ErOKfkyqGdsh6r91ZEgDdXs7eggHWCuph0dVsHo-kc&google_hm=A1K3c4i5fkOshSJkSvMhMRw
Request Chain 107
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEEUL9ZA5s20xHL0Y75vcvNk&google_cver=1&google_push=AXcoOmSPgWbHFJpXtZcuVjZKYtFEjY3iEOiORaZDPuXz-DHTaiI2YWvY6La1xl6TrijIKoN-uyGi4o28upERZ377cyHUqI3WYF6W HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSPgWbHFJpXtZcuVjZKYtFEjY3iEOiORaZDPuXz-DHTaiI2YWvY6La1xl6TrijIKoN-uyGi4o28upERZ377cyHUqI3WYF6W HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 108
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEGrSHhSs22v9HmTV9tT8wSo&google_cver=1&google_push=AXcoOmRrKYsHJVzw9qnKBdPmFSGxrl9SjMS9jaSpesH_4Wnc5kgid4tSwB1Y1g4XcbTwF1Sjep7USf8mIUqSXd8zhaEe2QpxV5aZ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=cde98e73-b5db-49a4-b555-a582f1d26faf&google_cver=1&google_gid=CAESEGrSHhSs22v9HmTV9tT8wSo&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRrKYsHJVzw9qnKBdPmFSGxrl9SjMS9jaSpesH_4Wnc5kgid4tSwB1Y1g4XcbTwF1Sjep7USf8mIUqSXd8zhaEe2QpxV5aZ&gdpr=${GDPR}

111 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 204hb
s.id/
Redirect Chain
  • http://s.id/204hb
  • https://s.id/204hb
  • https://s.id/204hb?a=confirm
13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.id/204hb?a=confirm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.84.85.178 , Russian Federation, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
b1d9972634fec07c4688236502d62e9b9f7edb5248e0a2f73ed63635b6526212
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=15
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 27 Jan 2024 13:42:41 GMT
server
nginx
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding

Redirect headers

cache-control
private, max-age=15
content-length
0
date
Sat, 27 Jan 2024 13:42:41 GMT
location
https://s.id/204hb?a=confirm
server
nginx
strict-transport-security
max-age=15724800; includeSubDomains
output.css
s.id/@dist/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.id/@dist/output.css?vbhu23tc634
Requested by
Host: s.id
URL: https://s.id/204hb?a=confirm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.84.85.178 , Russian Federation, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
d86c32448881af0e96b6a83c83e12b5fa322415920ba574e5103d88dd70c1103
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/204hb?a=confirm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 15 Jan 2024 07:44:01 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css; charset=utf-8
js
www.googletagmanager.com/gtag/ 		277 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5JJTR8XKXM
Requested by
Host: s.id
URL: https://s.id/204hb?a=confirm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
be3f653d73713d0c8e10917b72e227e9bbbe6c2b60801bd539eff4506150a64c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93691
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 Jan 2024 13:42:42 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: s.id
URL: https://s.id/204hb?a=confirm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9226b79c579e5fb8cf01527373a118cc95a220b71934dd031a393712f0558d51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29665
x-xss-protection
0
server
cafe
etag
626 / 19749 / 31080709 / config-hash: 16415232170016434785
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 13:42:42 GMT
site.js
protagcdn.com/s/s.id/ 		468 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://protagcdn.com/s/s.id/site.js
Requested by
Host: s.id
URL: https://s.id/204hb?a=confirm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b2e117428c68d77bbf3fe7bd41d4b8d64bb6ed6d11a535bc346693f44e30d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2138
cf-polished
origSize=479754
alt-svc
h3=":443"; ma=86400
pragma
no-cache
cf-bgj
minify
last-modified
Mon, 22 Jan 2024 16:46:25 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gfCZl5TKjy2hBBO0rfZ3Jul8enp3Z47fV3h7Cwv5BU%2Fsw4a%2F1j%2BKzx%2Bbmb%2Fwlwh9KOoITyus03%2FMx2nfamC6Kg7UuKFv7xbcXGK9rGHcqmMtUPPLfIBokU9evUB9Bg1W%2BcLrv%2F8%2BDVKLy0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
84c16ba2fa112c72-FRA
expires
Sat, 27 Jan 2024 14:12:42 GMT
collect
region1.google-analytics.com/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5JJTR8XKXM&gtm=45je41o0v9123215351&_p=1706362962328&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=611971924.1706362962&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706362962&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2F204hb%3Fa%3Dconfirm&dt=Confirm%20redirect%20action&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2763
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JJTR8XKXM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/ 		436 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 11:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
7556
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139565
x-xss-protection
0
server
cafe
etag
12534472742743793976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 26 Jan 2025 11:36:46 GMT
ads.js
adx.protagcdn.com/ads/advertisement/ 		200 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.protagcdn.com/ads/advertisement/ads.js
Requested by
Host: protagcdn.com
URL: https://protagcdn.com/s/s.id/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4307a4a83648898a0381fa21222a3670428146cb065186d0ff72449bdafa8140
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-balancer-id
2
date
Sat, 27 Jan 2024 13:42:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1363
cf-polished
origSize=248
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Tue, 09 May 2023 13:32:59 GMT
server
cloudflare
etag
W/"f8-5fb42cb349414"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7f7UkoZGhnDbMBW741Dpt20N1Dokc6xDcumH6mXnoZ74GNOFF8DE6XInp%2BaPx2kpZxASTlw42jDgduXBA9zIMcQfVPUQ60pZNeF9XamanHdHhPF4Y1QBDrxF30GNS97CdG%2FBorWC%2FUGgOsNfGni"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=691200
cf-ray
84c16ba40c6c2c72-FRA
expires
Sun, 04 Feb 2024 13:19:59 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12156
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ir%2FMgfu%2BlvJKNcgNjhI%2BGorevOKrICL5AsdfW%2FKo433IdrcQ4QNxcsFdluxfDbyjzCIgzU5R8FOXR%2FTI%2BRNMSBd%2FGvg3RgX8vh4rzp0LmWzdcYAmPMdo%2ByvXo2A6XxBmiZna29S6EnxtYs1MnnA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
84c16ba4dac4365f-FRA
esp.js
cdn.id5-sync.com/api/1.0/ 		114 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:42 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
V03E6ZF2C6HGP41S
age
887
etag
W/"3732dd6fc229ed015d7d7eddf157953f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
84c16ba4ebdf2be4-FRA
x-amz-id-2
TsE10EZUsDjCVe6zWyFkrU/oOlE1eIMPPQoGoabx/hxxo0mDJhiQoos4cdzfES94jSBSNZHiGfo=
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 19:42:46 GMT
content-encoding
gzip
age
1879196
x-guploader-uploadid
ABPtcPoloqixCCgTXomADCSOsA3BvcXFUxsBHUY7D-XO-cwUIkLuV-5nhidCq6Qut0LCqSjbEWf0KZgVTA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 04 Jan 2025 19:42:46 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 18 Jan 2024 07:12:05 GMT
server
nginx
etag
W/"65a8cf45-a585"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Jan 2024 13:42:42 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.129.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-129-34.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 04:06:49 GMT
content-encoding
gzip
via
1.1 fab151d68d1a2f6afb087e422136c6fe.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
35184
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
7DdB9jd8b3jGCLDNI-eUeR3W5xj8C5LVxWnnUO2m5u7BrEdqzZynlw==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:42 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
f899c9a34bfd86220346e744ce4a14fc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4367526890288832&correlator=1411936197971090&eid=44809527%2C31080255%2C31080709%2C31080116&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&iu_parts=162717810%3A22766112657%2Cs.id%2Cin_content&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250&ifi=1&didk=3656045228&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1706362962672&lmt=1706362962&adxs=566&adys=713&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fs.id%2F204hb%3Fa%3Dconfirm&vis=1&psz=592x0&msz=592x0&fws=4&ohw=1600&ga_vid=611971924.1706362962&ga_sid=1706362963&ga_hid=1317580852&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYzIWi2dQxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjMhaLZ1DFIAFICCGQSGQoKcHViY2lkLm9yZxjMhaLZ1DFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YzIWi2dQxSABSAghkEhcKCHJ0YmhvdXNlGMyFotnUMUgAUgIIZBIUCgVvcGVueBjMhaLZ1DFIAFICCGQ.&dlt=1706362962111&idt=485&prev_scp=env%3Dprod%26site%3Ds.id%26referrer%3D-%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fs.id%252F204hb%253Fa%253Dconfirm%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3D-%26utm_medium%3D-%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D41%26protag_minutes%3D42%26protag_hours%3D13%26protag_day%3D6%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-in_content&cust_params=adBlock%3Dfalse&adks=3108647390&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81b2da7adc107bd5dcc2d775a50f62ed423540914636653ec0ea6b458bd4f78c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10023
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://s.id
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8F47 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:42:42 GMT
expires
Sun, 26 Jan 2025 13:42:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fs.id%2F204hb%3Fa%3Dconfirm&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fs.id%2F204hb%3Fa%3Dconfirm&rid=esp&cc=1
85 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fs.id%2F204hb%3Fa%3Dconfirm&rid=esp&cc=1
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
1ff35146db91f56921153cccfdeb95ced7a593d897d00cc1bcc86b6ce53fc09f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:43 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-+yktk3wUqsLT21jltjnvv7vbanc"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://s.id
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sat, 27 Jan 2024 13:42:42 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://s.id
location
/esp?url=https%3A%2F%2Fs.id%2F204hb%3Fa%3Dconfirm&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
map
bcp.crwdcntrl.net/6/ 		60 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.162.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-162-23.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
270421a16b8dace9b6a9c1114061c97e2a22ef43118179a029307813e96d37bc

Request headers

Referer
https://s.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://s.id
cache-control
no-cache
x-server
10.45.29.245
access-control-allow-credentials
true
content-length
60
expires
0
increment
id5-sync.com/api/esp/ 		0
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://s.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://s.id
date
Sat, 27 Jan 2024 13:42:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame 9F38 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=s.id
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:42:42 GMT
server
Kestrel
server-processing-duration-in-ticks
423431
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
sid
mug.criteo.com/ Frame 9F38
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=jcO_-3w4ZnJCYzFjY29xTlhvSWx3R2thU2pKMHNvNkpHQlU1K2VYdVRTeFFzZGw0Y3poY3AwVjFvT1FPYVIzU29kUStueTVhSjJ4T095YVlWZXlCSC85dmpVc2dRWWw1ZDRQTjdXSW9VUStmTzFvanJadWUxVkp0SDA1NU...
419 B
644 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=jcO_-3w4ZnJCYzFjY29xTlhvSWx3R2thU2pKMHNvNkpHQlU1K2VYdVRTeFFzZGw0Y3poY3AwVjFvT1FPYVIzU29kUStueTVhSjJ4T095YVlWZXlCSC85dmpVc2dRWWw1ZDRQTjdXSW9VUStmTzFvanJadWUxVkp0SDA1NUxqSUZJMXlxalRweHJZUFJKRzBTWTBFN0ZrbDBlRzR3K04zU0MvZlZQZUlaTkZIMFJ1SHU1dVU0WW9DT3RQbDZRYkRCUUNsMXFwaGE4aHlTejdibk81djB4ei95TXBtQkM5T3pEUWJBYTNwTFVQclVBVEdicXlic0FTak40QllFWUVQSjdCT2V0d1hUNE9rSGt4U29kOWJZa1ZXMFN4Zz09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8b58b6db13a5d13088670edbe9788d925dbc5d61b76f250e2c4d44af7dcdab27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1242832
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=jcO_-3w4ZnJCYzFjY29xTlhvSWx3R2thU2pKMHNvNkpHQlU1K2VYdVRTeFFzZGw0Y3poY3AwVjFvT1FPYVIzU29kUStueTVhSjJ4T095YVlWZXlCSC85dmpVc2dRWWw1ZDRQTjdXSW9VUStmTzFvanJadWUxVkp0SDA1NUxqSUZJMXlxalRweHJZUFJKRzBTWTBFN0ZrbDBlRzR3K04zU0MvZlZQZUlaTkZIMFJ1SHU1dVU0WW9DT3RQbDZRYkRCUUNsMXFwaGE4aHlTejdibk81djB4ei95TXBtQkM5T3pEUWJBYTNwTFVQclVBVEdicXlic0FTak40QllFWUVQSjdCT2V0d1hUNE9rSGt4U29kOWJZa1ZXMFN4Zz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
263997
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401250101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8dcc9758295c79923c01bcb3d58f10f3b4fa9cbfb8da9a454547677fd57b0dcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12205
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Jan 2024 13:42:43 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 8148 		199 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Sat, 27 Jan 2024 13:42:43 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DA8B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
60125
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 21:00:38 GMT
expires
Sat, 25 Jan 2025 21:00:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 207E 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7c3559919762ede4467e40559fd138b1d40377f4e2dff6f25774ea8daf72817e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-X74ShUqoFOEJGsaNNC7lMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-X74ShUqoFOEJGsaNNC7lMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:42:43 GMT
expires
Sat, 27 Jan 2024 13:42:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame DA8B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 12:09:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
5606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 26 Jan 2025 12:09:17 GMT
container.html
59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0C3C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:42:42 GMT
expires
Sun, 26 Jan 2025 13:42:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame B7E4 		624 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPSu1YACMAE&v=APEucNWeFiZjnSVgU_9WzlrFycnDR3aMcl4AcbRxZ4NOlH8JxlTBqH-8qE4g16SH2DhW4ZD-mSoqPjd3cvDRESyyPmZRv2FRnt8vW9FJ37ED9Mm8tV2L602GupXABHtGtWrqbk_1MahtPQLEdIGu7sdGvxHUPUiBeDFdAXx4GOLqrp63P7mPB9bOxamk_npH0xkMIftyl8q7rCx4qgRMN5dqjKfd5FdYGQ
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:42:43 GMT
expires
Sat, 27 Jan 2024 13:42:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0C3C 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 13:42:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C3C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CzPqN93PLzAragKC2estDYHAcYTGbKt7i4Y3ycqWHz_55WZ73xHdvDRgIJqkiCEPReOvuWG9cCmctWKj0ngopDgguHWTs83nUlMzBQ04phJHgkoSQ
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 0C3C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 20:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
60500
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 20:54:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 0C3C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 11:59:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
6172
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 11:59:51 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0C3C 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 13:42:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 207E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401250101&jk=4367526890288832&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame B7E4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuY2EO09CCqAwgTwgqlb1o&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuY2EO09CCqAwgTwgqlb1o&google_cver=1&C=1
43 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuY2EO09CCqAwgTwgqlb1o&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPSu1YACMAE&v=APEucNWeFiZjnSVgU_9WzlrFycnDR3aMcl4AcbRxZ4NOlH8JxlTBqH-8qE4g16SH2DhW4ZD-mSoqPjd3cvDRESyyPmZRv2FRnt8vW9FJ37ED9Mm8tV2L602GupXABHtGtWrqbk_1MahtPQLEdIGu7sdGvxHUPUiBeDFdAXx4GOLqrp63P7mPB9bOxamk_npH0xkMIftyl8q7rCx4qgRMN5dqjKfd5FdYGQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBzxVEq%2BSGFo8%2FfLM79Pg6cVeksMDBmiWVSSfJ7FApj7CROGavX8R%2FYyeDB1Nyq4LUQW%2BC4HtKmQOF8qWIRP3pN3uWcZ8QkmxGvxNR4YMyp9QCjMz7r0%2FDLoyYB4LqjNHcwmu%2F%2BFeCEKRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84c16baaff0058ea-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzkUl%2BFgxtbu8UPFMPotLYYnpQPASrEL%2FH0RhrPJio%2BvzwXjYi4AA6%2BwlKxJXkZD78MhI1Fgfx73bfF6NatOTuSzW3yqH9230TIk3LIctq5ZAx6WInPZCRk3JbQ4wvCJgKstBrCJk04UjA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESECuY2EO09CCqAwgTwgqlb1o&google_cver=1&C=1
cache-control
no-cache
cf-ray
84c16baa1e0c4504-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame B7E4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbUIUwVCUaK0degz0V.0UgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuY2EO09CCqAwgTwgqlb1o&google_cver=1&google_hm=2
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuY2EO09CCqAwgTwgqlb1o&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPSu1YACMAE&v=APEucNWeFiZjnSVgU_9WzlrFycnDR3aMcl4AcbRxZ4NOlH8JxlTBqH-8qE4g16SH2DhW4ZD-mSoqPjd3cvDRESyyPmZRv2FRnt8vW9FJ37ED9Mm8tV2L602GupXABHtGtWrqbk_1MahtPQLEdIGu7sdGvxHUPUiBeDFdAXx4GOLqrp63P7mPB9bOxamk_npH0xkMIftyl8q7rCx4qgRMN5dqjKfd5FdYGQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9FEHu5L7GIsnUoDxK5nkXJ%2F57uAL0v%2Bc2voEgETAIZsBUk6uXDEDxMWwFfUwbMIZ08%2BQ6d5dcWjRdOJuJ%2FZzdidviJ5TQVsMqe3jwG2vE9348WUtrOLqV3BRTCasXLGQ2vJAit%2FlzvhCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84c16bab2f8b58ea-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECuY2EO09CCqAwgTwgqlb1o&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame B7E4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBIZ97iF-OrLa2S7AI-aOak&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBIZ97iF-OrLa2S7AI-aOak%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBIZ97iF-OrLa2S7AI-aOak%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPSu1YACMAE&v=APEucNWeFiZjnSVgU_9WzlrFycnDR3aMcl4AcbRxZ4NOlH8JxlTBqH-8qE4g16SH2DhW4ZD-mSoqPjd3cvDRESyyPmZRv2FRnt8vW9FJ37ED9Mm8tV2L602GupXABHtGtWrqbk_1MahtPQLEdIGu7sdGvxHUPUiBeDFdAXx4GOLqrp63P7mPB9bOxamk_npH0xkMIftyl8q7rCx4qgRMN5dqjKfd5FdYGQ
Protocol
H2
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:43 GMT
an-x-request-uuid
6d9b9f7c-f8f6-4e80-952a-c17d7a1346c5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.27; 217.114.218.27; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:43 GMT
an-x-request-uuid
7b37f1f4-f659-4382-af44-d7f484755901
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBIZ97iF-OrLa2S7AI-aOak%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.27; 217.114.218.27; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B7E4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwMjUwNDk1NTU1MjMwMDEz
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwMjUwNDk1NTU1MjMwMDEz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPSu1YACMAE&v=APEucNWeFiZjnSVgU_9WzlrFycnDR3aMcl4AcbRxZ4NOlH8JxlTBqH-8qE4g16SH2DhW4ZD-mSoqPjd3cvDRESyyPmZRv2FRnt8vW9FJ37ED9Mm8tV2L602GupXABHtGtWrqbk_1MahtPQLEdIGu7sdGvxHUPUiBeDFdAXx4GOLqrp63P7mPB9bOxamk_npH0xkMIftyl8q7rCx4qgRMN5dqjKfd5FdYGQ
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:43 GMT
an-x-request-uuid
23fb5f39-4dbd-40cf-b474-35735677d6ca
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwMjUwNDk1NTU1MjMwMDEz
x-proxy-origin
217.114.218.27; 217.114.218.27; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame DA8B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4QhohA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C3C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3114235537589&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C3C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3114235537589&version=m202309260101&ct=76&x=1&cor=549557503002373200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0C3C 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPZEszCRzbYwh4m3A96eLD8-o7TdRumy1bVuDu4k93m4DQS5UVgM59Jb_alMdqbIkyV2Z9A4LXow3p1y8cL1szD89TgzBla61Y4sEHqb3suehIGfAqxE9tyoEtqVC_AAECbQCGXsD1GijrFzxI-PAhdHzoACsqAanAjb55cr_eBrjrhHU&dbm_d=AKAmf-AX92ABEjphg2VR2EAUdKVyj90vx5V0auUqMaP60ct1wz64ynZU9VgvSGLEVLE5bzFen-lYfZQmGoxKa1B_8JR6-n2vqnJVeMWd39q1U0YCYLyXptY7RJauTP90uzWzy3cTM4YcpIcJGG_b80PsYBHmqc235dGI6V528ATVxzqUm2R2TBMWFrSSaPY0uAnoubNcKEYEAKFY9FU8Ig-EX_WURXYz2O3rPxkmbVN0XrL8lTzKEjzaGDWAHlZkqpqWaRZOb-AfXaBLDMb1Qx_P5V0aj8BC9UNHQp2qn4cDkJqzFnsFiRBYdgXyy46JjFiIhElY4KvezRGol5CyhwU9AZx-lyfoTuNFRS7GmVzEKA9Pr4SOlx9Tamls97_L4_aW8CDfvCqQQn0t1fqxaVuWZYmWL-LlXCtRLbDHMesuXVYxFflGhbP_0crvWwpCUtTFD89DHnkiqc4n8k8B3nxwZQTgSZONzFg2mWCfaS54lN0qkg6FfT4sac-bq_b4QW0uTvSieCAkIkFNr3Kfj5d3_DUGfv71WIcDMOwztZy6oPIzBEJDpgFZQ6hEDScItKKwW0YTm8zEe2g1yweDnRJxHVkst1GIq2r35iLd2eM7b4vwKH4xiPyJGHFH09BjxNH6Xick_0XAobCmYa5a38qhhP-C4VpdTaifELzVvLxtU_-4Tig2_lNSemrH5ck2vq-R0A_T3cLEIfahPDL-Pw63fwyq_iWVCyf01XNoieJEr1ePJJsV4WiHA2wO9oQvL_HmbHav8kaTAsKMA6f4dhW1DK0ju2zV_LyKGLv7CJOJRzCTSZrYgL1LPj2HVDzVyNl1nNHE7OObkiUOTmE8eNlpzj4g1u9zVRn1L4ZnTlrEs5DajdF3XALJzdoXTpxn1WRLFfLUNA_iUDeeEAoi89edgECEMQ9YhhvAzHRWUIf9_15jaTK8HPWkUeNbTzUAniNFMiSGRdvtglLMa6YD3z-PJjheRFVK1retNWBqmxs3DDLiLbctX_4Im5ysjAgikWHqp1RNoIi4cmLfC-KQBfkTM3NBV2Hf1nx0WXK8hfKt0lVQzZicd0o4ot_Swqp3Q7GfsbZVwKxtWyWbee2MivDahG6VICV4W8Q54ziOZ9kgZmrGXN6jAqop19GgqzUyfkHzMLDRvpRNZuARcq79rQ27vTBY1Q_d8Skre2rIXvfGNDZ7S2J2U6lP-Pi3Mfj6iWPPX_LoFMMdT1Trq2poSg0bYi7QN57_V-7XfCGQMWlYpotTkzw-Zw3xvXcuCe5vWTl3RHwB2JEhsx8sQvyt2WuNn0QJjgLeDNRi88x2y2tkgtUOk4M6g70GJgiaUsd1XpV52oXUaKfY3a92bgtLJgyikDPC9lmYH_J-WaBQOIpRE8_5xvLOqecOgLuiOOHvtnRrHLhJqn2y-YGHOznAZ3m4A5BH8FxmCxBjgcytVfv4rAcUkvk4CLksqbwbP_LNNJoNFKkknJNsaAiQ7bKTJoZ-MJwoMAr0VuNNOx5JfBQleqxGdmcnAnN7cQ84AUSiOs4Z64BkcZr9edYixxmVP7c3FY3nSwQBFxViyWpwF5S9is6QGBHvXVcYEUvMj6LcJbkA9xDTKsgrRUVpZa1XhM8hR-VnTOcpke7OCR4ey2Le1Hbqp3Ld1wwSuY0ip7kG5IWynRsSoysGVa4u5pc5sqf3nd7Fkbl7pyW5CJ24NNcu102E_HyY_AtLra7tXOr5PI7xxJv-YKuhG3h19O5BRvbs4l7X7HO5-EDjJ78sqQ6MmX89jjZwRAnUw8JiJC9MRd5KA2Yr3Vvkxxa3_RneO0L91HQshEOglU5YZ3ox06HuxAPx5GDEul5kjsfrTJZDXDjzJxJHbWOuqBm9ackrTiC9hJIwSODrRksagcG7WGrP0RaARKvKi5PCw-iOUDLlyhwFeFcW_Eu0hpGFv-Gg36Sme9-KaJWRoWRRiHJkILcloCK62k77SkHVPSkBiAK31Em_lf0DpfLSGX72v4RnVFayZ9GnL7F8rzVOv3hj0euyB9uLOOqUGTsiwZUU02PTpsjxagbk8sNYc63GFIOQqGCEOgiUJANj_oq2q_c6eLOZ5oAuuHueN3ertA3kqV4d38gu4yY9t_txplPaHQWUhKP8FZgaD2x62LZ8qgPXd7wTud1vlFy8cVCgSvlD7gZMI_O0E5nhKkA97QRx2BdO6FR6jUhzygZH0l-30cXw9XYAYatkf-0icvLFhy1v50sKZI0tmxJzCR4N4t81gtxBVZtt3zKiBYXVETy-vKJSyu2gNpDdQROr4RTxUkwQza83KlF0QeQWG0KTaWo_-quaX3whR-zV7f6Z5Yu_SLSr6-c9wXPrRQEmrX6IY6876oNhbWX2qQ48aKjakDNwJq3IPIbsoLoUFAA-F-qPGZ1kw5wJ7LUIt2ffd58AjMTQG7J2lwBGg4AJqgDWzNnhWSr5SQ3-7dpRVdHqUWUS0nRHuc0UstMLIGleRFij_TMYICLnjc7RovybStWJkGTULVsBLvlhMZTnRYGFFNiqSEcXweajU_rcJPL2QfLXYsN1pALJ3VHjgumN2rSaggvC1f9jQd-43YMYmdLq6Ae5a6ZJwaF-Xzm6eLAZJYwDnCPOUVbMr_H_vGAotDkFi-fGXC0Xy-8Y6uZi6B7xTyJ8qX3deDi1nnWa8VO3laLiwtMUQvKUJ4q_UQFhHL4y0lYuqiNnCvNuBqKMDwLjgIjEvqEvApLT19Zey39Rz2_Eyin7EJGj3bk9Tsy0lNxB6PXgCLctoj-0SbyLuLgnnK8uFMGJZOYvgG2vfF9PLJTFJiGC9hJ4vp1-rAzKt8eTC1Gymo8XSdfnNs90C_HDy85BW0EXWoJxZhAvf059fXTKl3SATZ00sxQTl8IowYZzSLlVaZ_qc2546YSuEUSKOMUI7sVo5Jmt_2VN5A_f5CnnaSeJzf5Qpn_opIBD7bOw9mBo5DjUJNm8EODEr-1mJKgqA0JnuAM2o6lqQgoF-h9Ab84CNeP6eNDfaRHaXizgf486E5Rz0EHRVpKndxjFhToPlyy29MI-HK8F-p4k3UolTbhtotp9e8-1ifWwkn5sLLIPzGl4tyNlw4ckPo4ooutimHBPkqcKXZnIVrkCKI4OLaa8rUtRCKznxCBNEscqhTwAghYtCXoq5NqhKTURqQi8XMcR14bJJk_iCwu2QQccLc2FSSZ6Avk61yz2ciDKye4F8jhIH09EQWJXwL3SRqc9-vaFdwa8V62Tu8ogRCuiuNVGuRzEAJkJPyRiPnz2qCgL_4X3GxTgu7GkRU78nTKx8p930EcwcSneyIyCdF5dSdB5_YxG9sGjR1L4XVz1AK3dZxxgjSLvE-EVg157QDkvosl-3PCLgHgj_N4c7E7kdT42WuMfd4fd12r-QQQ1314T5vkCGOu9gG_4NX4-dnYpjRNI6V3OKu5X9_KP0K1e8gUCdV2rLU3A1YRM2lszR5Lu9lFvaX-3JdBz2swfPLJ-pxZE5NUC0inh-8EJaYzSH2u6RQdtTQLfDZ9CKyUekdfo2CsmXChU1Sik4XsRmFPjnEut5u1v-ZnckYj9MZSltyi-JV3ULgsB5xocskTt56NCR-dgIUIPqU6R4Djx-kewQJ5aTYFjNtnWW7JpuyXPI8hWAOwIkOaHgZyciShUwvFnwQRyQCllDIPVs_CYYg&cid=CAQSTgAvHhf_vAzP426QBLEnFQ3Hgx3AKp4pxPEq2jsz239D1AU4WH0g0upgTblKbHIk0RnApLgR4rCPzdps2LJ0njQBOiY2ooqmWSue7NQvmxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fs.id%2F&ds=l&xdt=1&iif=1&cor=549557503002373200&adk=2228999114&idt=152&cac=0&dtd=17
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79055357dbfcec304ed20d06df3d83db148e7f812581838bcdd73443b00a345f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42264
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1874223/77019481/ Frame 0C3C 		270 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1874223/77019481/skeleton.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=20843743084&bidurl=https://s.id/204hb&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jsSUqhd5ErhnIvd0cZkey5
Requested by
Host: s.id
URL: https://s.id/204hb?a=confirm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.239.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-239-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cade9e1f1f3ab592811f67a139855798cccb19b2728e233b1b29b4825ed9bc60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:43 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 0C3C 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: s.id
URL: https://s.id/204hb?a=confirm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
Origin
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 17:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73675
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 17:14:48 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 0C3C 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPZEszCRzbYwh4m3A96eLD8-o7TdRumy1bVuDu4k93m4DQS5UVgM59Jb_alMdqbIkyV2Z9A4LXow3p1y8cL1szD89TgzBla61Y4sEHqb3suehIGfAqxE9tyoEtqVC_AAECbQCGXsD1GijrFzxI-PAhdHzoACsqAanAjb55cr_eBrjrhHU&dbm_d=AKAmf-AX92ABEjphg2VR2EAUdKVyj90vx5V0auUqMaP60ct1wz64ynZU9VgvSGLEVLE5bzFen-lYfZQmGoxKa1B_8JR6-n2vqnJVeMWd39q1U0YCYLyXptY7RJauTP90uzWzy3cTM4YcpIcJGG_b80PsYBHmqc235dGI6V528ATVxzqUm2R2TBMWFrSSaPY0uAnoubNcKEYEAKFY9FU8Ig-EX_WURXYz2O3rPxkmbVN0XrL8lTzKEjzaGDWAHlZkqpqWaRZOb-AfXaBLDMb1Qx_P5V0aj8BC9UNHQp2qn4cDkJqzFnsFiRBYdgXyy46JjFiIhElY4KvezRGol5CyhwU9AZx-lyfoTuNFRS7GmVzEKA9Pr4SOlx9Tamls97_L4_aW8CDfvCqQQn0t1fqxaVuWZYmWL-LlXCtRLbDHMesuXVYxFflGhbP_0crvWwpCUtTFD89DHnkiqc4n8k8B3nxwZQTgSZONzFg2mWCfaS54lN0qkg6FfT4sac-bq_b4QW0uTvSieCAkIkFNr3Kfj5d3_DUGfv71WIcDMOwztZy6oPIzBEJDpgFZQ6hEDScItKKwW0YTm8zEe2g1yweDnRJxHVkst1GIq2r35iLd2eM7b4vwKH4xiPyJGHFH09BjxNH6Xick_0XAobCmYa5a38qhhP-C4VpdTaifELzVvLxtU_-4Tig2_lNSemrH5ck2vq-R0A_T3cLEIfahPDL-Pw63fwyq_iWVCyf01XNoieJEr1ePJJsV4WiHA2wO9oQvL_HmbHav8kaTAsKMA6f4dhW1DK0ju2zV_LyKGLv7CJOJRzCTSZrYgL1LPj2HVDzVyNl1nNHE7OObkiUOTmE8eNlpzj4g1u9zVRn1L4ZnTlrEs5DajdF3XALJzdoXTpxn1WRLFfLUNA_iUDeeEAoi89edgECEMQ9YhhvAzHRWUIf9_15jaTK8HPWkUeNbTzUAniNFMiSGRdvtglLMa6YD3z-PJjheRFVK1retNWBqmxs3DDLiLbctX_4Im5ysjAgikWHqp1RNoIi4cmLfC-KQBfkTM3NBV2Hf1nx0WXK8hfKt0lVQzZicd0o4ot_Swqp3Q7GfsbZVwKxtWyWbee2MivDahG6VICV4W8Q54ziOZ9kgZmrGXN6jAqop19GgqzUyfkHzMLDRvpRNZuARcq79rQ27vTBY1Q_d8Skre2rIXvfGNDZ7S2J2U6lP-Pi3Mfj6iWPPX_LoFMMdT1Trq2poSg0bYi7QN57_V-7XfCGQMWlYpotTkzw-Zw3xvXcuCe5vWTl3RHwB2JEhsx8sQvyt2WuNn0QJjgLeDNRi88x2y2tkgtUOk4M6g70GJgiaUsd1XpV52oXUaKfY3a92bgtLJgyikDPC9lmYH_J-WaBQOIpRE8_5xvLOqecOgLuiOOHvtnRrHLhJqn2y-YGHOznAZ3m4A5BH8FxmCxBjgcytVfv4rAcUkvk4CLksqbwbP_LNNJoNFKkknJNsaAiQ7bKTJoZ-MJwoMAr0VuNNOx5JfBQleqxGdmcnAnN7cQ84AUSiOs4Z64BkcZr9edYixxmVP7c3FY3nSwQBFxViyWpwF5S9is6QGBHvXVcYEUvMj6LcJbkA9xDTKsgrRUVpZa1XhM8hR-VnTOcpke7OCR4ey2Le1Hbqp3Ld1wwSuY0ip7kG5IWynRsSoysGVa4u5pc5sqf3nd7Fkbl7pyW5CJ24NNcu102E_HyY_AtLra7tXOr5PI7xxJv-YKuhG3h19O5BRvbs4l7X7HO5-EDjJ78sqQ6MmX89jjZwRAnUw8JiJC9MRd5KA2Yr3Vvkxxa3_RneO0L91HQshEOglU5YZ3ox06HuxAPx5GDEul5kjsfrTJZDXDjzJxJHbWOuqBm9ackrTiC9hJIwSODrRksagcG7WGrP0RaARKvKi5PCw-iOUDLlyhwFeFcW_Eu0hpGFv-Gg36Sme9-KaJWRoWRRiHJkILcloCK62k77SkHVPSkBiAK31Em_lf0DpfLSGX72v4RnVFayZ9GnL7F8rzVOv3hj0euyB9uLOOqUGTsiwZUU02PTpsjxagbk8sNYc63GFIOQqGCEOgiUJANj_oq2q_c6eLOZ5oAuuHueN3ertA3kqV4d38gu4yY9t_txplPaHQWUhKP8FZgaD2x62LZ8qgPXd7wTud1vlFy8cVCgSvlD7gZMI_O0E5nhKkA97QRx2BdO6FR6jUhzygZH0l-30cXw9XYAYatkf-0icvLFhy1v50sKZI0tmxJzCR4N4t81gtxBVZtt3zKiBYXVETy-vKJSyu2gNpDdQROr4RTxUkwQza83KlF0QeQWG0KTaWo_-quaX3whR-zV7f6Z5Yu_SLSr6-c9wXPrRQEmrX6IY6876oNhbWX2qQ48aKjakDNwJq3IPIbsoLoUFAA-F-qPGZ1kw5wJ7LUIt2ffd58AjMTQG7J2lwBGg4AJqgDWzNnhWSr5SQ3-7dpRVdHqUWUS0nRHuc0UstMLIGleRFij_TMYICLnjc7RovybStWJkGTULVsBLvlhMZTnRYGFFNiqSEcXweajU_rcJPL2QfLXYsN1pALJ3VHjgumN2rSaggvC1f9jQd-43YMYmdLq6Ae5a6ZJwaF-Xzm6eLAZJYwDnCPOUVbMr_H_vGAotDkFi-fGXC0Xy-8Y6uZi6B7xTyJ8qX3deDi1nnWa8VO3laLiwtMUQvKUJ4q_UQFhHL4y0lYuqiNnCvNuBqKMDwLjgIjEvqEvApLT19Zey39Rz2_Eyin7EJGj3bk9Tsy0lNxB6PXgCLctoj-0SbyLuLgnnK8uFMGJZOYvgG2vfF9PLJTFJiGC9hJ4vp1-rAzKt8eTC1Gymo8XSdfnNs90C_HDy85BW0EXWoJxZhAvf059fXTKl3SATZ00sxQTl8IowYZzSLlVaZ_qc2546YSuEUSKOMUI7sVo5Jmt_2VN5A_f5CnnaSeJzf5Qpn_opIBD7bOw9mBo5DjUJNm8EODEr-1mJKgqA0JnuAM2o6lqQgoF-h9Ab84CNeP6eNDfaRHaXizgf486E5Rz0EHRVpKndxjFhToPlyy29MI-HK8F-p4k3UolTbhtotp9e8-1ifWwkn5sLLIPzGl4tyNlw4ckPo4ooutimHBPkqcKXZnIVrkCKI4OLaa8rUtRCKznxCBNEscqhTwAghYtCXoq5NqhKTURqQi8XMcR14bJJk_iCwu2QQccLc2FSSZ6Avk61yz2ciDKye4F8jhIH09EQWJXwL3SRqc9-vaFdwa8V62Tu8ogRCuiuNVGuRzEAJkJPyRiPnz2qCgL_4X3GxTgu7GkRU78nTKx8p930EcwcSneyIyCdF5dSdB5_YxG9sGjR1L4XVz1AK3dZxxgjSLvE-EVg157QDkvosl-3PCLgHgj_N4c7E7kdT42WuMfd4fd12r-QQQ1314T5vkCGOu9gG_4NX4-dnYpjRNI6V3OKu5X9_KP0K1e8gUCdV2rLU3A1YRM2lszR5Lu9lFvaX-3JdBz2swfPLJ-pxZE5NUC0inh-8EJaYzSH2u6RQdtTQLfDZ9CKyUekdfo2CsmXChU1Sik4XsRmFPjnEut5u1v-ZnckYj9MZSltyi-JV3ULgsB5xocskTt56NCR-dgIUIPqU6R4Djx-kewQJ5aTYFjNtnWW7JpuyXPI8hWAOwIkOaHgZyciShUwvFnwQRyQCllDIPVs_CYYg&cid=CAQSTgAvHhf_vAzP426QBLEnFQ3Hgx3AKp4pxPEq2jsz239D1AU4WH0g0upgTblKbHIk0RnApLgR4rCPzdps2LJ0njQBOiY2ooqmWSue7NQvmxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fs.id%2F&ds=l&xdt=1&iif=1&cor=549557503002373200&adk=2228999114&idt=152&cac=0&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:29:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
36790
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 03:29:33 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 0C3C 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPZEszCRzbYwh4m3A96eLD8-o7TdRumy1bVuDu4k93m4DQS5UVgM59Jb_alMdqbIkyV2Z9A4LXow3p1y8cL1szD89TgzBla61Y4sEHqb3suehIGfAqxE9tyoEtqVC_AAECbQCGXsD1GijrFzxI-PAhdHzoACsqAanAjb55cr_eBrjrhHU&dbm_d=AKAmf-AX92ABEjphg2VR2EAUdKVyj90vx5V0auUqMaP60ct1wz64ynZU9VgvSGLEVLE5bzFen-lYfZQmGoxKa1B_8JR6-n2vqnJVeMWd39q1U0YCYLyXptY7RJauTP90uzWzy3cTM4YcpIcJGG_b80PsYBHmqc235dGI6V528ATVxzqUm2R2TBMWFrSSaPY0uAnoubNcKEYEAKFY9FU8Ig-EX_WURXYz2O3rPxkmbVN0XrL8lTzKEjzaGDWAHlZkqpqWaRZOb-AfXaBLDMb1Qx_P5V0aj8BC9UNHQp2qn4cDkJqzFnsFiRBYdgXyy46JjFiIhElY4KvezRGol5CyhwU9AZx-lyfoTuNFRS7GmVzEKA9Pr4SOlx9Tamls97_L4_aW8CDfvCqQQn0t1fqxaVuWZYmWL-LlXCtRLbDHMesuXVYxFflGhbP_0crvWwpCUtTFD89DHnkiqc4n8k8B3nxwZQTgSZONzFg2mWCfaS54lN0qkg6FfT4sac-bq_b4QW0uTvSieCAkIkFNr3Kfj5d3_DUGfv71WIcDMOwztZy6oPIzBEJDpgFZQ6hEDScItKKwW0YTm8zEe2g1yweDnRJxHVkst1GIq2r35iLd2eM7b4vwKH4xiPyJGHFH09BjxNH6Xick_0XAobCmYa5a38qhhP-C4VpdTaifELzVvLxtU_-4Tig2_lNSemrH5ck2vq-R0A_T3cLEIfahPDL-Pw63fwyq_iWVCyf01XNoieJEr1ePJJsV4WiHA2wO9oQvL_HmbHav8kaTAsKMA6f4dhW1DK0ju2zV_LyKGLv7CJOJRzCTSZrYgL1LPj2HVDzVyNl1nNHE7OObkiUOTmE8eNlpzj4g1u9zVRn1L4ZnTlrEs5DajdF3XALJzdoXTpxn1WRLFfLUNA_iUDeeEAoi89edgECEMQ9YhhvAzHRWUIf9_15jaTK8HPWkUeNbTzUAniNFMiSGRdvtglLMa6YD3z-PJjheRFVK1retNWBqmxs3DDLiLbctX_4Im5ysjAgikWHqp1RNoIi4cmLfC-KQBfkTM3NBV2Hf1nx0WXK8hfKt0lVQzZicd0o4ot_Swqp3Q7GfsbZVwKxtWyWbee2MivDahG6VICV4W8Q54ziOZ9kgZmrGXN6jAqop19GgqzUyfkHzMLDRvpRNZuARcq79rQ27vTBY1Q_d8Skre2rIXvfGNDZ7S2J2U6lP-Pi3Mfj6iWPPX_LoFMMdT1Trq2poSg0bYi7QN57_V-7XfCGQMWlYpotTkzw-Zw3xvXcuCe5vWTl3RHwB2JEhsx8sQvyt2WuNn0QJjgLeDNRi88x2y2tkgtUOk4M6g70GJgiaUsd1XpV52oXUaKfY3a92bgtLJgyikDPC9lmYH_J-WaBQOIpRE8_5xvLOqecOgLuiOOHvtnRrHLhJqn2y-YGHOznAZ3m4A5BH8FxmCxBjgcytVfv4rAcUkvk4CLksqbwbP_LNNJoNFKkknJNsaAiQ7bKTJoZ-MJwoMAr0VuNNOx5JfBQleqxGdmcnAnN7cQ84AUSiOs4Z64BkcZr9edYixxmVP7c3FY3nSwQBFxViyWpwF5S9is6QGBHvXVcYEUvMj6LcJbkA9xDTKsgrRUVpZa1XhM8hR-VnTOcpke7OCR4ey2Le1Hbqp3Ld1wwSuY0ip7kG5IWynRsSoysGVa4u5pc5sqf3nd7Fkbl7pyW5CJ24NNcu102E_HyY_AtLra7tXOr5PI7xxJv-YKuhG3h19O5BRvbs4l7X7HO5-EDjJ78sqQ6MmX89jjZwRAnUw8JiJC9MRd5KA2Yr3Vvkxxa3_RneO0L91HQshEOglU5YZ3ox06HuxAPx5GDEul5kjsfrTJZDXDjzJxJHbWOuqBm9ackrTiC9hJIwSODrRksagcG7WGrP0RaARKvKi5PCw-iOUDLlyhwFeFcW_Eu0hpGFv-Gg36Sme9-KaJWRoWRRiHJkILcloCK62k77SkHVPSkBiAK31Em_lf0DpfLSGX72v4RnVFayZ9GnL7F8rzVOv3hj0euyB9uLOOqUGTsiwZUU02PTpsjxagbk8sNYc63GFIOQqGCEOgiUJANj_oq2q_c6eLOZ5oAuuHueN3ertA3kqV4d38gu4yY9t_txplPaHQWUhKP8FZgaD2x62LZ8qgPXd7wTud1vlFy8cVCgSvlD7gZMI_O0E5nhKkA97QRx2BdO6FR6jUhzygZH0l-30cXw9XYAYatkf-0icvLFhy1v50sKZI0tmxJzCR4N4t81gtxBVZtt3zKiBYXVETy-vKJSyu2gNpDdQROr4RTxUkwQza83KlF0QeQWG0KTaWo_-quaX3whR-zV7f6Z5Yu_SLSr6-c9wXPrRQEmrX6IY6876oNhbWX2qQ48aKjakDNwJq3IPIbsoLoUFAA-F-qPGZ1kw5wJ7LUIt2ffd58AjMTQG7J2lwBGg4AJqgDWzNnhWSr5SQ3-7dpRVdHqUWUS0nRHuc0UstMLIGleRFij_TMYICLnjc7RovybStWJkGTULVsBLvlhMZTnRYGFFNiqSEcXweajU_rcJPL2QfLXYsN1pALJ3VHjgumN2rSaggvC1f9jQd-43YMYmdLq6Ae5a6ZJwaF-Xzm6eLAZJYwDnCPOUVbMr_H_vGAotDkFi-fGXC0Xy-8Y6uZi6B7xTyJ8qX3deDi1nnWa8VO3laLiwtMUQvKUJ4q_UQFhHL4y0lYuqiNnCvNuBqKMDwLjgIjEvqEvApLT19Zey39Rz2_Eyin7EJGj3bk9Tsy0lNxB6PXgCLctoj-0SbyLuLgnnK8uFMGJZOYvgG2vfF9PLJTFJiGC9hJ4vp1-rAzKt8eTC1Gymo8XSdfnNs90C_HDy85BW0EXWoJxZhAvf059fXTKl3SATZ00sxQTl8IowYZzSLlVaZ_qc2546YSuEUSKOMUI7sVo5Jmt_2VN5A_f5CnnaSeJzf5Qpn_opIBD7bOw9mBo5DjUJNm8EODEr-1mJKgqA0JnuAM2o6lqQgoF-h9Ab84CNeP6eNDfaRHaXizgf486E5Rz0EHRVpKndxjFhToPlyy29MI-HK8F-p4k3UolTbhtotp9e8-1ifWwkn5sLLIPzGl4tyNlw4ckPo4ooutimHBPkqcKXZnIVrkCKI4OLaa8rUtRCKznxCBNEscqhTwAghYtCXoq5NqhKTURqQi8XMcR14bJJk_iCwu2QQccLc2FSSZ6Avk61yz2ciDKye4F8jhIH09EQWJXwL3SRqc9-vaFdwa8V62Tu8ogRCuiuNVGuRzEAJkJPyRiPnz2qCgL_4X3GxTgu7GkRU78nTKx8p930EcwcSneyIyCdF5dSdB5_YxG9sGjR1L4XVz1AK3dZxxgjSLvE-EVg157QDkvosl-3PCLgHgj_N4c7E7kdT42WuMfd4fd12r-QQQ1314T5vkCGOu9gG_4NX4-dnYpjRNI6V3OKu5X9_KP0K1e8gUCdV2rLU3A1YRM2lszR5Lu9lFvaX-3JdBz2swfPLJ-pxZE5NUC0inh-8EJaYzSH2u6RQdtTQLfDZ9CKyUekdfo2CsmXChU1Sik4XsRmFPjnEut5u1v-ZnckYj9MZSltyi-JV3ULgsB5xocskTt56NCR-dgIUIPqU6R4Djx-kewQJ5aTYFjNtnWW7JpuyXPI8hWAOwIkOaHgZyciShUwvFnwQRyQCllDIPVs_CYYg&cid=CAQSTgAvHhf_vAzP426QBLEnFQ3Hgx3AKp4pxPEq2jsz239D1AU4WH0g0upgTblKbHIk0RnApLgR4rCPzdps2LJ0njQBOiY2ooqmWSue7NQvmxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fs.id%2F&ds=l&xdt=1&iif=1&cor=549557503002373200&adk=2228999114&idt=152&cac=0&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:29:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
36790
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11931
x-xss-protection
0
server
cafe
etag
11828260617052087593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 03:29:33 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0C3C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: s.id
URL: https://s.id/204hb?a=confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 16:24:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
163092
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 16:24:31 GMT
truncated
/ Frame 0C3C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
628a77c6379f632cedf2ed91e50597386ca373ba7c3dc93bcaa7e9a3486206dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame B2FA 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
163092
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 16:24:31 GMT
expires
Fri, 24 Jan 2025 16:24:31 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/10322374245016296065/ Frame 6626 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c2afe310f81e0cc65e85d2ef9550b4cdae58b8ee6317eb39b163f0c289ae2ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
480867
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2375
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 00:08:16 GMT
expires
Tue, 21 Jan 2025 00:08:16 GMT
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0C3C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssLoOaJw44Z-bFl2uGERCF2g9ahPpy4ejvd6FMNadT33Tk_-D0wpBu1sLUa611C_p8UIC5s3G1Yaw9N6Jv5PPWINA58cQSx6j5RVquj4uuxG1GebGsgrzYjHDCB9CSy5PNfZgMy2PYPatZGWJs006m9QdXNoKS4LundYK2-wueLWURUl19EKHKv_IHm1ggzFS2x6h-JIwQqOF26Cvy9ye16ZS1XySXMgTWlUaJj-9GVnlcesb2F6k-qBRQGlUQc0jsNM1yjDXAhIZFZ6kz2wv-GAkUgX3H0gGxyI92LrSjCf6IQ7BZ6X6woI1PZkp113tkPbU1he_YXy1hLdGKlAYLLCmucUdDdA5sSEMfUGZZeljqozDkS5UOQvbntF1ryJ2TWsveXEk83oJBQ9F9JVkBiHTAMtWZoYp-XfJz0yStt4CnTJgJ1FfkWlJ8jIgDEiMtSgcIE1I6dQnfzRGmfPWzfSDYq2Inw7EEmxaPF1HdgP7CSXrCWfnVFn-tAWiAaRmSdllwtfDFWjyvZKlLqUteC4uyhhD4J42ghdVKHeMeA0UjqC5V2EZDtewuk0Rrerz0AZr_OkBxMdTi0nHH3PYcRbDxUwp_MKrJkQBaGIkrfsFAOPeoCUNMS3S63jmhcR8ld07YY82eYyeMNknpH-PR1VQy1_OghjlxGGjS6gJC3c6PtqTgihg-e9TbId2fkeW1Vu3VDQbGFpOAkjfaaLAswqDQ1FFj1GEQ0pWUGH8rB1RzYTVowq2KvOW17_Q3vF_NZJoVFCZYLxDTr-VFllbjAHxwbNRU6gxniVwwym6H9cMWhMtzpHssJ-lBL-vX5NdgJW3ZTqW7AGtTAsWYYZdjaWzsMui5f7NZlE7BtIkHNBsST3CttsY1bBUgEVIdN3m1COycwIdOEOmCaMjhgkJmi6P5ZUgXPtHx-A0lXZD20UdeMoeB0zK_nNtoQVkZbi_IX3N4-bgUOswURLR_7byuljjJGOWL4RvT55XPwhPgQwsPoFAsTlYP76dAVED2k87xUTk8QwHSChd__1E0tbJ_FjUpfdsj_Y0GSNY6RynoCm9xNvw_N_xFjE5yAAFdu12WnC2WLHJy8ItlOdXJGWrzu_Hg5liVDBch1amdf3fMB4K_e0HvWFkHChmF2PBH_C9azpnZT11OQI1NbfrVjd8vnBzq4y4ubrvzW_FLxHgisaWZarC64Uo8UlTgiFkwU3iSfY-BHcHqyYCdNdTQF3pQjJDlf6DLLbJEQjrZF3z3x5nuCULG7Vi2Liq8uXQdreRCAozyPbNC5R0g44rZbBPy_4BsINu6bVLeUk9lbSw&sai=AMfl-YS9JNAkULrllhWWkx4tPbWD0bZpR0issgJTvakvpHsKEx6AVTnsanbw34UdtW_hAeNLYfaOaovfqty2JRAcKw_DJL_pkHitqZK7Mz4Xk7yy-S20sA7hdNPITPS1PXkeQHdgp8TwqcEq9rDZHujj94M5pjXlAHVebrQfBgdyY1qWtzZ15vRcYGvuF1qUpdR9dAEE4VwbLl12zfVozqzgNZJgJPQMTOo-GZ6fUjigvPM7ls-XTm8JvA5JyHiiFBbSpdoym7C2FZ8GqAp9zV_hQ2NhgX0RtxjI4rSyjQ&sig=Cg0ArKJSzKygWrWGr2SUEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=135&cbvp=1&cstd=131&cisv=r20240122.99966&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: s.id
URL: https://s.id/204hb?a=confirm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 27 Jan 2024 13:42:43 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 27 Jan 2024 13:42:43 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame B2FA 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 12:09:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
5606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 26 Jan 2025 12:09:17 GMT
style.css
s0.2mdn.net/sadbundle/10322374245016296065/css/ Frame 6626 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
507a74eb21e9a16396d226f31f5e25345a8208db821d9fc5798284c38bec5e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 22 Jan 2025 22:08:24 GMT
date
Tue, 23 Jan 2024 22:08:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315259
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2009
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 6626 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1445943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25267
last-modified
Tue, 09 Jan 2024 01:45:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"659c9715-62b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTJGwyqS9t4%2FuPlE0c5FOlDkjdtNwsZzXR8A18Yt7xCxlyb%2Bky1dRj7O%2BfSqlyws7KSpoCKxkbpQSFMKZTJDZlBwgdDD6H9NV6N1IGyx%2FZ5ppJrWAq%2FBXUHss69SMzkUymA5uL%2BUndDcsIdjbaW8RBUA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84c16bae58ff997a-FRA
expires
Thu, 16 Jan 2025 13:42:44 GMT
CustomEase.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 6626 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2295417
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3299
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-ce3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isn9LMX8BUEH3n6iHk9s5Td3zY5ZVj1xZ6D5cy4ak0ivnmFY0O%2BrlITp%2FFJrvtbzmoOu4iX9YtS2XPlyuMaec9QoC1T5kToT8ferz3F5D5yuNMGuHzyOF2zK6mNZQiyay%2BwljX5W9tXLkrC2Fr%2BEU3qY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84c16bae58fa997a-FRA
expires
Thu, 16 Jan 2025 13:42:44 GMT
dyson.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 6626 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/dyson.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 22 Jan 2025 20:44:51 GMT
date
Tue, 23 Jan 2024 20:44:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
320272
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1076
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
rtbIcon.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 6626 		2 KB
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/rtbIcon.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 22 Jan 2025 23:35:52 GMT
date
Tue, 23 Jan 2024 23:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310011
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
771
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
dyson-v15s-submarine-stack.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 6626 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/dyson-v15s-submarine-stack.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76b6ed760de97f8a40e71c79ce9704e965bb287761bd81fb2fb021b8609c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 00:08:16 GMT
date
Mon, 22 Jan 2024 00:08:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
480867
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2891
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
1-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 6626 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/1-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76af1be9c401ef3da16e31401b74f7cb0627154925d8c9fa308fba2e1413c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 00:07:36 GMT
date
Mon, 22 Jan 2024 00:07:36 GMT
x-content-type-options
nosniff
age
480907
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26291
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
2-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 6626 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/2-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372360f6d3fa2133dfbf08ba93b3b55985785cb74106d75839618b7d273dd3c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 22 Jan 2025 23:31:32 GMT
date
Tue, 23 Jan 2024 23:31:32 GMT
x-content-type-options
nosniff
age
310271
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25258
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
3-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 6626 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/3-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca4c3ad9639830e6f8f8e29775549fc24fcab33b4eeec7ae77da27c5c9e6bc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 00:07:37 GMT
date
Mon, 22 Jan 2024 00:07:37 GMT
x-content-type-options
nosniff
age
480907
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20858
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gradient.png
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 6626 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/gradient.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b67702d4e78a4b6d5981a50298b0989dea48fc7d95b5e593dfafbe96cdbb309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 22 Jan 2025 23:32:31 GMT
date
Tue, 23 Jan 2024 23:32:31 GMT
x-content-type-options
nosniff
age
310213
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4218
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
4-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 6626 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/4-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19dc5f765d51f715497f0eadd0dede8eaa5ee17447a22db60538f60ca7c0a01d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 22 Jan 2025 23:25:03 GMT
date
Tue, 23 Jan 2024 23:25:03 GMT
x-content-type-options
nosniff
age
310661
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32615
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
overlay.png
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 6626 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a72990ce8413aceedbfbf2f1d7ca2231c726b29a4ab1ddbca32b45ad685b4e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 22 Jan 2025 07:15:12 GMT
date
Tue, 23 Jan 2024 07:15:12 GMT
x-content-type-options
nosniff
age
368852
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14477
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
arrow.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 6626 		192 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 00:08:16 GMT
date
Mon, 22 Jan 2024 00:08:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
480868
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
161
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
script.js
s0.2mdn.net/sadbundle/10322374245016296065/script/ Frame 6626 		4 KB
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/script/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a55f386367cbcc30390435806075251b8ef4afb086409bc8e301558223398245
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 00:08:16 GMT
date
Mon, 22 Jan 2024 00:08:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
480867
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
982
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
4.js
static.adsafeprotected.com/ Frame 0C3C
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1874223/77019481/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=20843743084&bidurl=https://s.id/204hb&ias_d...
  • https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_Uwi1ZfnxHpSk9u8P28eA0A8&cbFunctionName=goog_wrapCb_Uwi1ZfnxHpSk9u8P28eA0A8&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_Uwi1ZfnxHpSk9u8P28eA0A8&cbFunctionName=goog_wrapCb_Uwi1ZfnxHpSk9u8P28eA0A8&true_pb=
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:2450:2e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:34:33 GMT
x-amz-version-id
j.dc8NhIHD_.W9XQnY1wTLb3uCGP048v
content-encoding
gzip
via
1.1 c0d1c71355dba844bcbee0b54705b9fc.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
320892
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 23 Jan 2024 20:34:31 GMT
server
AmazonS3
etag
W/"eb639ea9c60fa52fae8bd853911ab0a9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
LED1zwCJt_GCKycQsr4eJVNZFKDeRaa48S-at6CIqa8QrdwddCrL4w==

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:43 GMT
server
nginx
x-server-name
app02.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_Uwi1ZfnxHpSk9u8P28eA0A8&cbFunctionName=goog_wrapCb_Uwi1ZfnxHpSk9u8P28eA0A8&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 7294 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:2e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 c0d1c71355dba844bcbee0b54705b9fc.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
11108014
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
YUvcG6AVx9XouduzaFzy2WGLMDtqyK-e9Co5b7pfOk8QsYFL5trFmw==
dt
dt.adsafeprotected.com/ Frame 0C3C 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ae318da9-dbbd-1a42-bf30-3544a66cfa96&tv=%7Bc:2vBTBO,pingTime:-3,time:68,type:v,im:%7BpBlk:60%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:69,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B59~0%5D,as:%5B59~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2zr6gU+11%7C12%7C13%7C14%7C15%7C16*.1874223-77019481%7C161%7C1621%7C163,idMap:16*,rmeas:1,rend:0,renddet:na,siq:27%7D&br=c
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:44 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0C3C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ae318da9-dbbd-1a42-bf30-3544a66cfa96&tv=%7Bc:2vBTBR,pingTime:-6,time:71,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:71,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B61~0%5D,as:%5B61~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2zr6gU+11%7C12%7C13%7C14%7C15%7C16*.1874223-77019481%7C161%7C1621%7C163,idMap:16*,rmeas:1,rend:0,renddet:na,siq:27%7D&tpiLookup=ao:s.id*&br=c
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:44 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0C3C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ae318da9-dbbd-1a42-bf30-3544a66cfa96&tv=%7Bc:2vBTBZ,pingTime:-2,time:79,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:674,beZ:676,mfA:680,cmA:682,inA:682,inZ:686,prA:686,prZ:693,si:700,poA:702,bl:735,poZ:735,cmZ:735,mfZ:735,loA:745,loZ:748,ltA:752,ltZ:752%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:79,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B69~0%5D,as:%5B69~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2zr6gU+11%7C12%7C13%7C14%7C15%7C16*.1874223-77019481%7C161%7C1621%7C163,idMap:16*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:27,sinceFw:50,readyFired:true%7D&br=c
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:44 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401250101&jk=4367526890288832&bg=!-fql-rXNAAa8BdJLnAU7ADQBe5WfON26StfP7uReGPIfVlYi7DvZLtbQDw7RUhgB3tFT1SQtLWVzK_szPSVcYBXb_YrPAgAAAINSAAAACmgBBwoASoYe0tOd0rQdsxuZB-olXq4dJdeYXALxoNIxcAcojAUM46ne9bEvM_YXgILBHlS9GJIzRllSj18kdTTTALo9T3e2PqzGSxBRUpnpmQK1gWP6BMCVwFkh4a8uyINRS3zTcjzhdob5BVvw7SWdFWjdU0Vh1Ryxj7CuVcIjiBM04FzbStKG7MZHDU2EzwE8aC2-0LaBwgWpg18eSVPwtqRP4nUQoJxia_RfT-CQJQ1gGjmJLBdUFfzu8gkU57tEt-7DCNBT4buT24nRFZEaQFOwm1O40AYmJ2QfjyC5VrQbSEVWxVWw6toLJTmT1nHZ3f-T57DCBZzTVUbgALHZ0U-DFex1kSaj-Cp14kL5_odVR1YUBSPre_IRCGYxsoLZS__RUTl9xxpnWizOqaErPkDhzsJDyRZkj1Zkzt-PLqWtcDLJvi2NzeKOEeFG_0D4CggRvqSxoVKqu6mfwQ8fusQvpGlmBBEf8ba0lkSPify-hBXoqQybT2axBhYeCsoKh579dpPPjCBfxbM147lWgoY_5nfmRjaCNeXtUCbNN2TGP3wMCE_O6XHppYK0DIpVlw5cSQgYN6yverGvwW_rgVlP3hQvLskHMoP14WBjWWhaAUhZaeRCSmdN8Ulo0q9nXwnbAylbqKVkVbGcYbh9S9446wlQqdkBlCYPi-xNNqEqKmSgsYdobjceCfbs0D0hZ8G960YBbpKSUspC_YtBgcIMP6OlYMt1bFps7XhfR4dzBipPXNkvNyZO2iugjCi63wo2-f5eWTLip90sx7nCealBJyzTY4Zfe_1x4WFVd0cAVicNztPKt-dAtjl15Xpysj5ks-WzFox8Cxp6A9LHS0OKrnj9h_M9CTUl2CtuXYD_1VuvpOOvttv2V7g1IsKzeopTEwKRspZaHrElFmj2TZuVcImZHuYvAY2ZlWaXJ8sIvLje3TnQVa9oUssTyebkwoVqwDaFOerByd5cZG31QLdxiuC7OchKsVHkMTGWYdVaCV0XTT029ts1wFecd9zbjgLTaYvX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ Frame 0C3C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ae318da9-dbbd-1a42-bf30-3544a66cfa96&tv=%7Bc:2vBTDQ,time:194,type:e,im:%7BpWait:4%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:194,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B184~0%5D,as:%5B184~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2zr6gU+11%7C12%7C13%7C14%7C15%7C16*.1874223-77019481%7C161%7C1621%7C163,idMap:16*,rmeas:1,rend:0,renddet:na,siq:27%7D&br=c
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:44 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2FA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BPbWHUwi1ZfnxHpSk9u8P28eA0A8AAAAAOAHgBAI&bg=!zc6lzoHNAAa8BdJLnAU7ADQBe5WfOBO2wnlYnbKgdmfr4NyuMXzM0R8aoiy-zj-7u0cl901ywPOejooAmPsQmHpsOnjWAgAAAQdSAAAACWgBBwoAKTO-JHxxf9jVCxU-doCNUOyhJHBhRjMN92HvIvYRkNifjoIPHHy0H7jUmQL-6hwyivn1u8yufZMvAK0P-IlA2egB_rJ5wuD67pYP5dvK5n-JWXYqDr1wdIvCpVoGaz_0ipzaMXKYnwjGJSCjVttJvPidRTvqGmyKSzOcXDHVfnDkH7HZpdP1sCxgmjOEk4UYR8LdyMou8Pzs9485uVNSjpOj8HIEMrzdD4jrcLc6jO5OLcAw0EJ8naxqKI6Y2xb_PDSJ5XgFHAKBh33tl32L_xxYfuuIjt5n9wqRInUMBs19WdFQOWLnWiPKVOmGR5gG_zJwjoT2WXpHJpC1Ov01jwPZ9WzerxvoaoYZkf5JlEwr2_id36sdj0jsloGOPNYKbFFWqEUASZFELPqCWq9POb48F5h5OfoSizNX4LCkj1VIsHbF16ji6Y9k5eq46d-8WE0_pYCaoBcutHjopu8exncwrOwikzI14a47hVHGSYmkMh_CLmfoGkx9ala-4u839IQax4_BIT-tbRG8WihfeuvVkFxtL3hJQc7IRP8VgxOgSRRlf3LOKzswlXy5UZtznfWOYU0ftNE4JheywIXg2LcDXIfy44j4UYdZrpf9g3g5D3X6hP_Qao4SVs4J0Qh8baYop5HOt8M1e55hxTdYQEdg2BfXXL0ZfaZCdZ4IZm2nwj-rr62QlhneVzuXCLQXgmvDQewmvf_v2rsJUHnpTGx3C09TCoXv_E_-Wa2krabQ_EUq9ZF2G8C9Tp3NGeBekpWKQpKbR_h7PKE9YiNK-04oT4xBmFi5_f5WF9x51P_y09cW2fE6TVGDH4588OaE_6E5Jz9S6xOvI0ecxU4WOmB_X1cLjUypTRVCeqoiHlxGtcdEs7XxZ3MIjT2sYcMgUogP8QuBfpHDslkOKnvtZjnsXkadEU6QyqquMG1aJkvvjLm74eYclmFbTQtbYkYUBDy82UJTs1jqf2EGEPGLI-6YvnR-_FMm7xbG826BQ-EotT3r4048dYmRr8DUcIO-3R9hx3lqDv9c4yncZ56sh7y5QuEsmqmU7EnkPymb4EvTGM7g44dynPNuMQ
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dysonfutura-book.woff
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 6626 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/dysonfutura-book.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 00:07:37 GMT
date
Mon, 22 Jan 2024 00:07:37 GMT
x-content-type-options
nosniff
age
480907
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7928
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
view
googleads4.g.doubleclick.net/pcs/ Frame 0C3C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssLoOaJw44Z-bFl2uGERCF2g9ahPpy4ejvd6FMNadT33Tk_-D0wpBu1sLUa611C_p8UIC5s3G1Yaw9N6Jv5PPWINA58cQSx6j5RVquj4uuxG1GebGsgrzYjHDCB9CSy5PNfZgMy2PYPatZGWJs006m9QdXNoKS4LundYK2-wueLWURUl19EKHKv_IHm1ggzFS2x6h-JIwQqOF26Cvy9ye16ZS1XySXMgTWlUaJj-9GVnlcesb2F6k-qBRQGlUQc0jsNM1yjDXAhIZFZ6kz2wv-GAkUgX3H0gGxyI92LrSjCf6IQ7BZ6X6woI1PZkp113tkPbU1he_YXy1hLdGKlAYLLCmucUdDdA5sSEMfUGZZeljqozDkS5UOQvbntF1ryJ2TWsveXEk83oJBQ9F9JVkBiHTAMtWZoYp-XfJz0yStt4CnTJgJ1FfkWlJ8jIgDEiMtSgcIE1I6dQnfzRGmfPWzfSDYq2Inw7EEmxaPF1HdgP7CSXrCWfnVFn-tAWiAaRmSdllwtfDFWjyvZKlLqUteC4uyhhD4J42ghdVKHeMeA0UjqC5V2EZDtewuk0Rrerz0AZr_OkBxMdTi0nHH3PYcRbDxUwp_MKrJkQBaGIkrfsFAOPeoCUNMS3S63jmhcR8ld07YY82eYyeMNknpH-PR1VQy1_OghjlxGGjS6gJC3c6PtqTgihg-e9TbId2fkeW1Vu3VDQbGFpOAkjfaaLAswqDQ1FFj1GEQ0pWUGH8rB1RzYTVowq2KvOW17_Q3vF_NZJoVFCZYLxDTr-VFllbjAHxwbNRU6gxniVwwym6H9cMWhMtzpHssJ-lBL-vX5NdgJW3ZTqW7AGtTAsWYYZdjaWzsMui5f7NZlE7BtIkHNBsST3CttsY1bBUgEVIdN3m1COycwIdOEOmCaMjhgkJmi6P5ZUgXPtHx-A0lXZD20UdeMoeB0zK_nNtoQVkZbi_IX3N4-bgUOswURLR_7byuljjJGOWL4RvT55XPwhPgQwsPoFAsTlYP76dAVED2k87xUTk8QwHSChd__1E0tbJ_FjUpfdsj_Y0GSNY6RynoCm9xNvw_N_xFjE5yAAFdu12WnC2WLHJy8ItlOdXJGWrzu_Hg5liVDBch1amdf3fMB4K_e0HvWFkHChmF2PBH_C9azpnZT11OQI1NbfrVjd8vnBzq4y4ubrvzW_FLxHgisaWZarC64Uo8UlTgiFkwU3iSfY-BHcHqyYCdNdTQF3pQjJDlf6DLLbJEQjrZF3z3x5nuCULG7Vi2Liq8uXQdreRCAozyPbNC5R0g44rZbBPy_4BsINu6bVLeUk9lbSw&sai=AMfl-YS9JNAkULrllhWWkx4tPbWD0bZpR0issgJTvakvpHsKEx6AVTnsanbw34UdtW_hAeNLYfaOaovfqty2JRAcKw_DJL_pkHitqZK7Mz4Xk7yy-S20sA7hdNPITPS1PXkeQHdgp8TwqcEq9rDZHujj94M5pjXlAHVebrQfBgdyY1qWtzZ15vRcYGvuF1qUpdR9dAEE4VwbLl12zfVozqzgNZJgJPQMTOo-GZ6fUjigvPM7ls-XTm8JvA5JyHiiFBbSpdoym7C2FZ8GqAp9zV_hQ2NhgX0RtxjI4rSyjQ&sig=Cg0ArKJSzKygWrWGr2SUEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=732&vt=11&dtpt=597&dett=3&cstd=131&cisv=r20240122.99966&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: s.id
URL: https://s.id/204hb?a=confirm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 0C3C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ae318da9-dbbd-1a42-bf30-3544a66cfa96&tv=%7Bc:2vBTHH,time:433,type:e,im:%7Bpci:%7Btdr:384%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:433,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B423~0%5D,as:%5B423~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2zr6gU+11%7C12%7C13%7C14%7C15%7C16*.1874223-77019481%7C161%7C1621%7C163,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:27,sis:338%7D&br=c
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:44 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0C3C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ae318da9-dbbd-1a42-bf30-3544a66cfa96&tv=%7Bc:2vBTM2,pingTime:-10,time:702,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706362964613%7C%7C8d3e4bebd049cc2ea668e3a9b43cc276%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7Ce3317fc33fed2fa089ecc5320db61a67%7C%7C5770d7f6b5dc61fc7045ce5c2c17a311%7C%7C638745ff17cfeada272ed28764dab0ee%7C%7Ca41456e63653c59309f9ce9699381ef0%7C%7Cecf6e2590b9224a44caaee73e5adefba%7C%7C1663701684%7D
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:44 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 0C3C 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstA38JDjR5zDlgs5hrBPYsPyNjBXzFTeg4qf12kKRjaAu0pzryHkp_1bH4nXoecG20DlKKbtJ7rDEVQRpva4hK3Tla9sM5GnVC8xzBBkWD81NNLV2Rj13yUWOzcWwlhpr6mGxyq3HrmOsp2C1bZJzylAnJ0&sai=AMfl-YTfu_dCD8FOMnKuSB_2lJXfMhCP7Hfk8GrJ2g76LlfTGAxRhvBEivVJwfojVLfh9rc537tgymObEfpOPdTvJiGgDZf-FnxNJ1SzosTqjKs-j8u6EDrGDFTzeopeuwzHlT7KA8vaRQ3HqlvbkHSp&sig=Cg0ArKJSzInT5N6bVccbEAE&cid=CAQSTgAvHhf_vAzP426QBLEnFQ3Hgx3AKp4pxPEq2jsz239D1AU4WH0g0upgTblKbHIk0RnApLgR4rCPzdps2LJ0njQBOiY2ooqmWSue7NQvmxgB&id=lidar2&mcvt=1000&p=582,650,832,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3108647390&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170636296300&rst=1706362963238&rpt=410&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 0C3C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ae318da9-dbbd-1a42-bf30-3544a66cfa96&tv=%7Bc:2vBTPw,time:918,type:e,im:%7BpLoad:890%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:919,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B909~0%5D,as:%5B909~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:186,fm:u2zr6gU+11%7C12%7C13%7C14%7C15%7C16*.1874223-77019481%7C161%7C1621%7C163,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:27,sis:338%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:44 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C3C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3114235537589&version=m202309260101&ct=76&x=1&cor=549557503002373200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 0C3C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ae318da9-dbbd-1a42-bf30-3544a66cfa96&tv=%7Bc:2vBU8t,pingTime:1,time:2093,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:25%7D,%7Bpiv:100,vs:i,r:,t:1093%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1000,o:1093,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1083~0,0~100%5D,as:%5B1083~300.250%5D%7D%7D,%7Bsl:i,t:1093,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:183,fm:u2zr6gU+11%7C12%7C13%7C14%7C15%7C16*.1874223-77019481%7C161%7C1621%7C163,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:27,sis:338%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:46 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0C3C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ae318da9-dbbd-1a42-bf30-3544a66cfa96&tv=%7Bc:2vBU8u,pingTime:1,time:2094,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:25%7D,%7Bpiv:100,vs:i,r:,t:1093%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1093,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1083~0,0~100%5D,as:%5B1083~300.250%5D%7D%7D,%7Bsl:i,t:1093,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:183,fm:u2zr6gU+11%7C12%7C13%7C14%7C15%7C16*.1874223-77019481%7C161%7C1621%7C163,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:27,sis:338%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:bad:39fb:3054:9ae2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:46 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5JJTR8XKXM&gtm=45je41o0v9123215351&_p=1706362962328&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=611971924.1706362962&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1706362962&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2F204hb%3Fa%3Dconfirm&dt=Confirm%20redirect%20action&en=scroll&epn.percent_scrolled=90&_et=4&tfd=7770
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JJTR8XKXM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		222 KB
58 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4367526890288832&correlator=1411936197971090&eid=44809527%2C31080255%2C31080709%2C31080116&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&iu_parts=162717810%3A22766112657%2Cs.id%2Cinterstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&didk=428387926&sfv=1-0-40&ists=1&fas=8&sc=1&cookie=ID%3D27a9c77d06b6c898%3AT%3D1706362962%3ART%3D1706362962%3AS%3DALNI_MYNKPbcKfIz3-MVzTjvsW0_Q0j21A&gpic=UID%3D00000d4aac73c853%3AT%3D1706362962%3ART%3D1706362962%3AS%3DALNI_MZBP_JIyfzKjkmpaZ6kN8xqwUynLw&abxe=1&dt=1706362967637&lmt=1706362967&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fs.id%2F204hb%3Fa%3Dconfirm&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=611971924.1706362962&ga_sid=1706362963&ga_hid=1317580852&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYzIWi2dQxSABSAghkEhkKCnB1YmNpZC5vcmcYo4ai2dQxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGMyFotnUMUgAUgIIZBIXCghydGJob3VzZRjEhqLZ1DFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pT0RCd2JUWk5VMjlSVVhsa1UyMWFaa1J5TldGRFVUMDlJbjA9GJqJotnUMUgAEhsKDGlkNS1zeW5jLmNvbRiVh6LZ1DFIAFICCGo.&dlt=1706362962111&idt=485&prev_scp=env%3Dprod%26site%3Ds.id%26referrer%3D-%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fs.id%252F204hb%253Fa%253Dconfirm%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3D-%26utm_medium%3D-%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D41%26protag_minutes%3D42%26protag_hours%3D13%26protag_day%3D6%26protag_interstitial%3Dinterstitial%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-interstitial&cust_params=adBlock%3Dfalse&adks=2571317652&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:48 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58905
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://s.id
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl_page_level_ads.js?cb=31080709
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8d2c603bbd4530fe720e2c6512661a21c42b85b1a9a35392ec3f874d6edf8a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 11:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
7560
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14197
x-xss-protection
0
server
cafe
etag
1885252554783346791
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 26 Jan 2025 11:36:47 GMT
container.html
59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9576 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:42:42 GMT
expires
Sun, 26 Jan 2025 13:42:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 9576 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 13:42:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 13:12:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jan 2024 13:42:48 GMT
4b0ef9dfa83525e0607f42119c034d23.js
www.gstatic.com/mysidia/ Frame AC50 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Requested by
Host: s.id
URL: https://s.id/204hb?a=confirm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 19:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
326096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4079
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 21:36:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Apr 2024 19:07:52 GMT
4f26b05aa9d204d980ccb41a4ef3c654.js
www.gstatic.com/mysidia/ Frame AC50 		146 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4f26b05aa9d204d980ccb41a4ef3c654.js?tag=video_mra/web_interstitial_raspberry_ms
Requested by
Host: s.id
URL: https://s.id/204hb?a=confirm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
309470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54875
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 00:40:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Apr 2024 23:44:58 GMT
css
fonts.googleapis.com/ Frame AC50 		21 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C600
Requested by
Host: s.id
URL: https://s.id/204hb?a=confirm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 13:42:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 12:18:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jan 2024 13:42:48 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame AC50 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: s.id
URL: https://s.id/204hb?a=confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 15:50:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
78747
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 15:50:21 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame AC50 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: s.id
URL: https://s.id/204hb?a=confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 15:50:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
78746
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 15:50:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame AC50 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: s.id
URL: https://s.id/204hb?a=confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 20:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
60505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 20:54:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame AC50 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: s.id
URL: https://s.id/204hb?a=confirm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 11:59:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
6177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 11:59:51 GMT
l
www.google.com/ads/measurement/ Frame AC50 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYbZSMu8N8Q1hU5ScpPfmLqsckDBSlUQI533aT1JeCuNucUfJrs6SRObdAPijo9JNw7bQDsSHr-LbYYfZKt3avjaZlZw
Requested by
Host: s.id
URL: https://s.id/204hb?a=confirm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame AC50 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: s.id
URL: https://s.id/204hb?a=confirm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 13:42:48 GMT
5ff8bb2821e31fbf08fa14f5007a6efe.js
www.gstatic.com/mysidia/ Frame AC50 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: s.id
URL: https://s.id/204hb?a=confirm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 01:15:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
390416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15476
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 00:40:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Apr 2024 01:15:52 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 9576 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:38:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
50673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9462
x-xss-protection
0
server
cafe
etag
4236850132385514013
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 23:38:15 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9576 		205 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:17:04 GMT
x-content-type-options
nosniff
age
1544
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 26 Jan 2025 13:17:04 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9576 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:31:35 GMT
x-content-type-options
nosniff
age
310273
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 22 Jan 2025 23:31:35 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5F88 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16158
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Sun, 28 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame 5F88 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHX3HoKScXvukT8VxP45aIQ&google_cver=1&google_push=AXcoOmRJJ4Xus4TBz3Wfq52tgXRyEKRMsAATM_8P5DvRrTcn0LYpg73yK4YfDKaSiw_--V5ExiBnYklgQL473Hed5ViXkPBOHA
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:21::1720 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:48 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 5F88
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEO-18S-TDJ5DxSWwCyZIGNk&google_cver=1&google_push=AXcoOmSdKzvZuWRFTJP9RfmlIT5ZlUlP-QG0AsMm1E_suZghvIUfAbCzLuWh1cdrq3luuslWCn96o...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSdKzvZuWRFTJP9RfmlIT5ZlUlP-QG0AsMm1E_suZghvIUfAbCzLuWh1cdrq3luuslWCn96odJP1_ELxlwxUEpQHel5aWA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSdKzvZuWRFTJP9RfmlIT5ZlUlP-QG0AsMm1E_suZghvIUfAbCzLuWh1cdrq3luuslWCn96odJP1_ELxlwxUEpQHel5aWA
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 27 Jan 2024 13:42:49 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 0688C308D2C04B01BF59C3C2E83DA77C Ref B: FRAEDGE1513 Ref C: 2024-01-27T13:42:48Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSdKzvZuWRFTJP9RfmlIT5ZlUlP-QG0AsMm1E_suZghvIUfAbCzLuWh1cdrq3luuslWCn96odJP1_ELxlwxUEpQHel5aWA
x-li-proto
http/2
content-length
0
x-li-uuid
AAYP7ZafoGj5FxzFPICTlQ==
sync
x.bidswitch.net/ Frame 5F88 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELukiRKc7h8Ai9A42B9NRyY&google_cver=1&google_push=AXcoOmQ5--_ee-BnRZ6ap6bD9_ntU8PrBq-DNLT4UIdX5ZHrE4grIBDUiY8X8KXgc51H9j5w6fcDvQb2rZ-ys5eUurtKXQcqxg
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 13:42:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame 5F88
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSJUK5ND6p753PeS1CEdXl3pV-UgvLSPYAKT3dd9mR_fHNRzvwB3ErOKfkyqGdsh6r91ZEgDdXs7eggHWCuph0dVsHo-kc&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-52b77388-b97e-43ac-8522-644af321311c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSJUK5ND6p753PeS1CEd...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSJUK5ND6p753PeS1CEdXl3pV-UgvLSPYAKT3dd9mR_fHNRzvwB3ErOKfkyqGdsh6r91ZEgDdXs7eggHWCuph0dVsHo-kc&google_hm=A1K3c4i5fkOshSJkSvMhMRw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSJUK5ND6p753PeS1CEdXl3pV-UgvLSPYAKT3dd9mR_fHNRzvwB3ErOKfkyqGdsh6r91ZEgDdXs7eggHWCuph0dVsHo-kc&google_hm=A1K3c4i5fkOshSJkSvMhMRw
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSJUK5ND6p753PeS1CEdXl3pV-UgvLSPYAKT3dd9mR_fHNRzvwB3ErOKfkyqGdsh6r91ZEgDdXs7eggHWCuph0dVsHo-kc&google_hm=A1K3c4i5fkOshSJkSvMhMRw
date
Sat, 27 Jan 2024 13:42:49 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX52b77388b97e43ac8522644af321311c003
content-type
text/html
pub
cs.chocolateplatform.com/ Frame 5F88 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEOPceDVantTvdEFj1I0OdWI&google_cver=1&google_push=AXcoOmTx_ASN8irR9MErTQitsR2LDFOi-HMfSLo8BSn1K_1C2KEwJusEoBI24VNPgrh6mDOGtMGLsYFFLFoH7Rajel7ohfS56Ek
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.203.145.121 -, , ASN (),
Reverse DNS
Software
CookieSync Server /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 13:42:48 GMT
server
CookieSync Server
content-length
0
/
onetag-sys.com/match/ Frame 5F88
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEEUL9ZA5s20xHL0Y75vcvNk&google_cver=1&google_push=AXcoOmSPgWbHFJpXtZcuVjZKYtFEjY3iEOiORaZDPuXz-DHTaiI2YWvY6La1xl6TrijIKoN-uyGi4o28upE...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSPgWbHFJpXtZcuVjZKYtFEjY3iEOiORaZDPuXz-DHTaiI2YWvY6La1xl6TrijIKoN-uyGi4o28upERZ377cyHUqI3WYF6W
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Protocol
H2
Server
51.75.86.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5F88
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=cde98e73-b5db-49a4-b555-a582f1d26faf&google_cver=1&google_gid=CAESEGrSHhSs22v9HmTV9tT8wSo&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=cde98e73-b5db-49a4-b555-a582f1d26faf&google_cver=1&google_gid=CAESEGrSHhSs22v9HmTV9tT8wSo&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRrKYsHJVzw9qnKBdPmFSGxrl9SjMS9jaSpesH_4Wnc5kgid4tSwB1Y1g4XcbTwF1Sjep7USf8mIUqSXd8zhaEe2QpxV5aZ&gdpr=${GDPR}
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 13:42:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=cde98e73-b5db-49a4-b555-a582f1d26faf&google_cver=1&google_gid=CAESEGrSHhSs22v9HmTV9tT8wSo&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRrKYsHJVzw9qnKBdPmFSGxrl9SjMS9jaSpesH_4Wnc5kgid4tSwB1Y1g4XcbTwF1Sjep7USf8mIUqSXd8zhaEe2QpxV5aZ&gdpr=${GDPR}
date
Sat, 27 Jan 2024 13:42:49 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 5F88 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IwlDl9lF1aJa7Iz6YcjhcTtQ_iHnw5W7z2d0iBAscyj8Qvhdd9dNC-vUHxxd8i-sL-YrabVdw
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
pagead2.googlesyndication.com/bg/ Frame FE17 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Requested by
Host: 59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
URL: https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:30:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
223956
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19599
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jan 2025 23:30:12 GMT

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| google_tag_manager object| google_tag_data object| dataLayer function| gtag function| onYouTubeIframeAPIReady object| gaGlobal object| googletag object| protag object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing string| protag_matomo_domain string| protag_matomo_SiteID object| google_reactive_ads_global_state number| google_unique_id object| pbjs object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_149 object| Criteo object| Criteo_identitytag_149 object| GoogleGcLKhOms object| google_image_requests

18 Cookies

Domain/Path Name / Value
.s.id/ Name: _ga
Value: GA1.1.611971924.1706362962
.s.id/ Name: _ga_5JJTR8XKXM
Value: GS1.1.1706362962.1.0.1706362962.0.0.0
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: cc548f1c-ccfb-4d1d-b20c-b0f138857e28
.openx.net/ Name: i
Value: f34a66e8-c4a8-410c-9d4a-665f0ebe5a09|1706362962
.s.id/ Name: cto_bundle
Value: 56cJO180JTJCM1M5cFlUNm1yeGdvV1JSR29ZbFRsVUl1Y0RvcFhRMFRIT1BiN2l4TVpva0dwUndMeVNRUVNaRmhxcjMzTVNiNGNSMkp6dlBDd05keHpGRXdFMnFVS3hyWDZWQWpGMjlZRWVGejlPbyUyQjFjUFRqTnF3Njcya2tWZXJReEVmNXNpbUhXbDFaSGJTZDZkSldTNnJ0NUZ3JTNEJTNE
.s.id/ Name: __gads
Value: ID=27a9c77d06b6c898:T=1706362962:RT=1706362962:S=ALNI_MYNKPbcKfIz3-MVzTjvsW0_Q0j21A
.s.id/ Name: __gpi
Value: UID=00000d4aac73c853:T=1706362962:RT=1706362962:S=ALNI_MZBP_JIyfzKjkmpaZ6kN8xqwUynLw
.doubleclick.net/ Name: IDE
Value: AHWqTUnqp1PsoQ0dbWoDlp6ttkfwhOi7tTbRf5yPhbG2KRf07z0aF8eO_X6NHdbS
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: APC
Value: AfxxVi6sbcM4KyJr6ofb5c1O7SvZzY0DXoUuiZTakn9GmYP1KF4gCw
.casalemedia.com/ Name: CMPS
Value: 5239
.adnxs.com/ Name: XANDR_PANID
Value: sY5usBfNF8nti_SjEx_VfTL2_X20da-Ba1fdvgbezDTS-jKPpTYtXEbWLB0po6rA7oPIHwbXwJJS5RnktNZh4RtHkE5ey3qOYYFfFIacjcc.
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GU%nNUET!]tbPl1M>e)ZlrFUfJ+tGXxp)F=b9@ZSSe@SadbO^iuS/HTHZn`dYz5A7]_O3If)y3KL9D3I?*j@^_p`
.adnxs.com/ Name: uuid2
Value: 4390193367645194499
.casalemedia.com/ Name: CMID
Value: ZbUIUwVCUaK0degz0V.0UgAA
.casalemedia.com/ Name: CMPRO
Value: 1164
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

59f3a8923f434fb6df8e907d77feefde.safeframe.googlesyndication.com
adx.protagcdn.com
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cs.chocolateplatform.com
csync.loopme.me
dclk-match.dotomi.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
protagcdn.com
px.ads.linkedin.com
region1.google-analytics.com
s.id
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
sync.1rx.io
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
141.95.98.65
142.250.181.226
142.250.186.66
159.203.145.121
172.64.151.101
18.155.129.34
185.89.210.82
193.84.85.178
2001:4860:4802:32::36
2600:1f13:800:7780:bad:39fb:3054:9ae2
2600:9000:2450:2e00:8:48e:53c0:93a1
2606:4700:10::6816:3456
2606:4700:20::ac43:4bb1
2606:4700::6810:5514
2606:4700::6811:180e
2620:1ec:21::14
2a00:1450:4001:806::200a
2a00:1450:4001:808::2001
2a00:1450:4001:810::2006
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a02:2638:3::3
2a02:2638:3::c
2a02:fa8:8806:21::1720
3.248.239.255
34.102.146.192
34.120.107.143
34.96.70.87
34.98.64.218
35.214.142.236
35.214.149.91
46.228.174.117
51.75.86.98
52.210.162.23
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2afe310f81e0cc65e85d2ef9550b4cdae58b8ee6317eb39b163f0c289ae2ff
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
19dc5f765d51f715497f0eadd0dede8eaa5ee17447a22db60538f60ca7c0a01d
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
1ff35146db91f56921153cccfdeb95ced7a593d897d00cc1bcc86b6ce53fc09f
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
270421a16b8dace9b6a9c1114061c97e2a22ef43118179a029307813e96d37bc
2b67702d4e78a4b6d5981a50298b0989dea48fc7d95b5e593dfafbe96cdbb309
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
372360f6d3fa2133dfbf08ba93b3b55985785cb74106d75839618b7d273dd3c6
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
4307a4a83648898a0381fa21222a3670428146cb065186d0ff72449bdafa8140
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
507a74eb21e9a16396d226f31f5e25345a8208db821d9fc5798284c38bec5e1b
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd
61b2e117428c68d77bbf3fe7bd41d4b8d64bb6ed6d11a535bc346693f44e30d2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628a77c6379f632cedf2ed91e50597386ca373ba7c3dc93bcaa7e9a3486206dc
79055357dbfcec304ed20d06df3d83db148e7f812581838bcdd73443b00a345f
7c3559919762ede4467e40559fd138b1d40377f4e2dff6f25774ea8daf72817e
81b2da7adc107bd5dcc2d775a50f62ed423540914636653ec0ea6b458bd4f78c
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
8b58b6db13a5d13088670edbe9788d925dbc5d61b76f250e2c4d44af7dcdab27
8bb76af1be9c401ef3da16e31401b74f7cb0627154925d8c9fa308fba2e1413c
8bb76b6ed760de97f8a40e71c79ce9704e965bb287761bd81fb2fb021b8609c5
8dcc9758295c79923c01bcb3d58f10f3b4fa9cbfb8da9a454547677fd57b0dcf
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
9226b79c579e5fb8cf01527373a118cc95a220b71934dd031a393712f0558d51
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a55f386367cbcc30390435806075251b8ef4afb086409bc8e301558223398245
a72990ce8413aceedbfbf2f1d7ca2231c726b29a4ab1ddbca32b45ad685b4e26
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d9972634fec07c4688236502d62e9b9f7edb5248e0a2f73ed63635b6526212
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
be3f653d73713d0c8e10917b72e227e9bbbe6c2b60801bd539eff4506150a64c
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
c8d2c603bbd4530fe720e2c6512661a21c42b85b1a9a35392ec3f874d6edf8a6
ca4c3ad9639830e6f8f8e29775549fc24fcab33b4eeec7ae77da27c5c9e6bc80
cade9e1f1f3ab592811f67a139855798cccb19b2728e233b1b29b4825ed9bc60
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d86c32448881af0e96b6a83c83e12b5fa322415920ba574e5103d88dd70c1103
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876