s.id Open in urlscan Pro
193.84.85.178 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://s.id/seytaninkoli
Submission: On November 11 via api (November 11th 2023, 4:52:01 am UTC) from TR — Scanned from DE

Summary HTTP 94 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 24 IPs in 9 countries across 23 domains to perform 94 HTTP transactions. The main IP is 193.84.85.178, located in Russian Federation and belongs to STORMWALL-AS, SK. The main domain is s.id. The Cisco Umbrella rank of the primary domain is 158997.
TLS certificate: Issued by R3 on September 25th 2023. Valid for: 3 months.

This is the only time s.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	193.84.85.178 193.84.85.178	59796 (STORMWALL-AS) (STORMWALL-AS)
18	2606:4700:20:... 2606:4700:20::681a:6f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 10	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	45.126.58.90 45.126.58.90	132647 (IDNIC-PAN...) (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 11	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 1	3.120.100.40 3.120.100.40	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:abeb:a582:6f70:20cf	16509 (AMAZON-02) (AMAZON-02)
3 3	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2.19.104.4 2.19.104.4	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
94	24

1 193.84.85.178 (Russian Federation)

ASN59796 (STORMWALL-AS, SK)

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:20::681a:6f9 (United States)

ASN13335 (CLOUDFLARENET, US)

microsite.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-sdotid.adg.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.126.58.90 (Indonesia)

ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID)

app.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.58.212.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.100.40 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-100-40.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:abeb:a582:6f70:20cf (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.182 (Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.104.4 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-104-4.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	300 KB
22	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	91 KB
21	s.id s.id — Cisco Umbrella Rank: 158997 microsite.s.id — Cisco Umbrella Rank: 628691 app.s.id — Cisco Umbrella Rank: 507982	1 MB
6	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	1007 B
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
4	gstatic.com www.gstatic.com fonts.gstatic.com	98 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 4905	924 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	251 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	449 B
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 597	725 B
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	874 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	127 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
2	adg.id cdn-sdotid.adg.id — Cisco Umbrella Rank: 548846	60 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 728	98 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	463 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	716 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	588 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 755	734 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 795	718 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	246 B
1	google.de www.google.de — Cisco Umbrella Rank: 6862	408 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
94	23

	Domain	Requested by
18	microsite.s.id	s.id microsite.s.id
12	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	s.id pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
5	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.googleadservices.com
3	d5p.de17a.com	3 redirects
3	www.googletagmanager.com	microsite.s.id www.googletagmanager.com
2	sync.teads.tv	1 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	dis.criteo.com	googleads.g.doubleclick.net
2	ads.travelaudience.com	2 redirects
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	app.s.id	microsite.s.id
2	cdn-sdotid.adg.id	s.id
1	id.rlcdn.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	d.agkn.com	1 redirects
1	um.simpli.fi	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.de	s.id
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	s.id
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
94	30

This site contains links to these domains. Also see Links.

Domain
trmsskuydk.net
home.s.id

Subject Issuer	Validity	Valid
s.id R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
adg.id E1	`2023-10-28` - `2024-01-26`	3 months	crt.sh
app.s.id R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://s.id/seytaninkoli
Frame ID: F2073CD96E69EE16DC16ECA5062A6373
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Frame ID: 49BD9AA6699E54FEE49669EBE700D201
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1699678315&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fs.id%2Fseytaninkoli&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699678315532&bpp=5&bdt=240&idt=151&shv=r20231108&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8669059323592&frm=20&pv=2&ga_vid=1633844104.1699678316&ga_sid=1699678316&ga_hid=795968364&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079402%2C31079408%2C44807464%2C31078297%2C31079474%2C44807749%2C44807764%2C44808149&oid=2&pvsid=4380488615373676&tmod=1719822565&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=174
Frame ID: 0693108AF74F0C6C135A3C91D13021DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699678315&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699678315910&bpp=2&bdt=618&idt=-M&shv=r20231108&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8669059323592&frm=20&pv=1&ga_vid=1633844104.1699678316&ga_sid=1699678316&ga_hid=795968364&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079402%2C31079408%2C44807464%2C31078297%2C31079474%2C44807749%2C44807764%2C44808149&oid=2&pvsid=4380488615373676&tmod=1719822565&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=6
Frame ID: 12B40095B8F3453D0DE572FE71E448DA
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699678315&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&ea=0&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699678315910&bpp=1&bdt=618&idt=0&shv=r20231108&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=8669059323592&frm=20&pv=1&ga_vid=1633844104.1699678316&ga_sid=1699678316&ga_hid=795968364&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079402%2C31079408%2C44807464%2C31078297%2C31079474%2C44807749%2C44807764%2C44808149&oid=2&pvsid=4380488615373676&tmod=1719822565&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=9
Frame ID: 9B7E97DAE69E8EA8307064093C1BC546
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 58477424160B7C046209B445FCB1F4AB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 879D888F87537669426DCF8F079ED6DA
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 661FBB14B0BDE7AF295B6DF2F88853E9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 34FC99D34DC538B06DF578D17CD94FB1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js
Frame ID: F87DA5D75077F770FBA3C755341E3BCC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js
Frame ID: 32C5A1CA77813B9A42A8E56373BD70A7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C9C8F9F738F7C68FC95F1B976C50FF91
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0206D90E8AE9E2A462225750954CF46A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Arac Hasar & KM Sorgulama Hizmeti

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

94
Requests

86 %
HTTPS

59 %
IPv6

23
Domains

30
Subdomains

24
IPs

9
Countries

1976 kB
Transfer

5888 kB
Size

18
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://trmsskuydk.net/km
Title: Kilometre ve Muayene Sorgulama İçin Tıklayın.

Search URL Search Domain Scan URL

URL: https://trmsskuydk.net/hasar
Title: Araç Hasar Kaydı Sorgulama İçin Tıklayın.

Search URL Search Domain Scan URL

URL: https://home.s.id/?utm_source=sid-microsite&utm_medium=seytaninkoli

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 47

https://um.simpli.fi/gp_match?google_gid=CAESECmCwU0EDmktlrFRINo8yls&google_cver=1&google_push=AXcoOmSsK8pfdIAsecwj0zKtNT3PVjH7pvwF1TFtGzS-1RaUNrTV7WzeWp4nOEi7LWrX7JiWIg7kLkFZ5JIIzUYhTRSExV6BadfNet9H HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4DC3624BF2FD411681467B4D4EA32F6A&google_push=AXcoOmSsK8pfdIAsecwj0zKtNT3PVjH7pvwF1TFtGzS-1RaUNrTV7WzeWp4nOEi7LWrX7JiWIg7kLkFZ5JIIzUYhTRSExV6BadfNet9H

Request Chain 48

https://d.agkn.com/pixel/2175/?google_gid=CAESENIUDDC2OYrAzkDqPx371pY&google_cver=1&google_push=AXcoOmQ3W9kkjB5DDAhVf01Y5zBpfqxichzCb6JlOl1VpHyWwMAMnbbReOo8H0LGcbnXp9ahCj0hmRZecmIBuazzzLE0_3Yof5ulhMI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQ3W9kkjB5DDAhVf01Y5zBpfqxichzCb6JlOl1VpHyWwMAMnbbReOo8H0LGcbnXp9ahCj0hmRZecmIBuazzzLE0_3Yof5ulhMI&google_hm=Q0FFU0VOSVVEREMyT1lyQXprRHFQeDM3MXBZ

Request Chain 49

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELIajuizFu0SE9NPBfay6-I&google_cver=1&google_push=AXcoOmRSiADd4zAnXUgNHhpYlje3VjR0ABytqDxAh0XRGGPisVKLcnGwtlzw8ah9GmdDn4nq72N35jT3_Tg2kiC5tZyx7X8AOCrRi1Wb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMDA2Mjc4MDk1MzkxNzU5OA%3D%3D&google_push=AXcoOmRSiADd4zAnXUgNHhpYlje3VjR0ABytqDxAh0XRGGPisVKLcnGwtlzw8ah9GmdDn4nq72N35jT3_Tg2kiC5tZyx7X8AOCrRi1Wb

Request Chain 50

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFCdfPt0ontY44xKd_scFtk&google_cver=1&google_push=AXcoOmSz8bN1ypUzAJQTPlQBW_DXtLAPdMT14lxMB8cFjoSPA_7x9u6OqNR-jgL2IGY8nRNs9o7thheG44S40VgpFtpd1BQDPkwHl-RP HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JXfGt2EqRPQqrYuAWpox_A&google_push=AXcoOmSz8bN1ypUzAJQTPlQBW_DXtLAPdMT14lxMB8cFjoSPA_7x9u6OqNR-jgL2IGY8nRNs9o7thheG44S40VgpFtpd1BQDPkwHl-RP

Request Chain 51

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBd5mOq4cLsOkF44li5izG4&google_cver=1&google_push=AXcoOmSoJQ9bxgTNcVjiyiFEfJPQgo2dab8Szzei-ir90VVt3eMlxuyDP9HLw3NaLTLcRWN_-pFkrIVqyiZ33MPnL_6S0bHPiIffsQkg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSoJQ9bxgTNcVjiyiFEfJPQgo2dab8Szzei-ir90VVt3eMlxuyDP9HLw3NaLTLcRWN_-pFkrIVqyiZ33MPnL_6S0bHPiIffsQkg&google_hm=eS10ZmpfRjY1RTJwRmxFaGQ5Z0VNWlIubDg4eGFWNVN2Tn5B

Request Chain 52

https://d5p.de17a.com/cookies/google?google_gid=CAESENFfSYOCfV7HfvZG5V5KI8U&google_cver=1&google_push=AXcoOmSEIYauxa766kvmnlyzOj4Ir6ZMQ2lN8GR7pRGGRHTPrF3XriVrO2LW-OSjkcV67WXy2VGMpTMlkWdcKw-aQ9U9Z7QwsxE32PA HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESENFfSYOCfV7HfvZG5V5KI8U&google_cver=1&google_push=AXcoOmSEIYauxa766kvmnlyzOj4Ir6ZMQ2lN8GR7pRGGRHTPrF3XriVrO2LW-OSjkcV67WXy2VGMpTMlkWdcKw-aQ9U9Z7QwsxE32PA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSEIYauxa766kvmnlyzOj4Ir6ZMQ2lN8GR7pRGGRHTPrF3XriVrO2LW-OSjkcV67WXy2VGMpTMlkWdcKw-aQ9U9Z7QwsxE32PA

Request Chain 72

https://ads.travelaudience.com/google_pixel?google_gid=CAESEL1fw2bRfxZsNV1mpRXajw4&google_cver=1&google_push=AXcoOmQ_PY3y2NYHEYM79n8yrrhkcNrB7Pe1aM6CcXJgJuXO3kHTxgycnYM-pF2rU6mAH3w-gQS9IA5eSFdgWBPFNZ27y2HwXDrR HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JXfGt2EqRPQqrYuAWpox_A&google_push=AXcoOmQ_PY3y2NYHEYM79n8yrrhkcNrB7Pe1aM6CcXJgJuXO3kHTxgycnYM-pF2rU6mAH3w-gQS9IA5eSFdgWBPFNZ27y2HwXDrR

Request Chain 73

https://d5p.de17a.com/cookies/google?google_gid=CAESEOZmlDmF-PycYyHrRSDg9aM&google_cver=1&google_push=AXcoOmSD5SWfBvy2lNLO9JZGI7L3Lliw0fxPHGx1yoGsBvr5bC9fOWFOACh2cozSaFMaUUoXUgDZptYveL9bgX0-A1Yo8ErWIkuyew HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSD5SWfBvy2lNLO9JZGI7L3Lliw0fxPHGx1yoGsBvr5bC9fOWFOACh2cozSaFMaUUoXUgDZptYveL9bgX0-A1Yo8ErWIkuyew

Request Chain 76

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOvb1MsBFZGg4kipIY20Z6o&google_cver=1&google_push=AXcoOmQYjkuAP0Fx_ugYo-WoT5_7JhYcQ1-m62vGmtZ29QI2jGfAmT9J644mcYZB1IAkefFNTbc0m7j8JTz3WFLoK9ARWG_Hppb9MmU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQYjkuAP0Fx_ugYo-WoT5_7JhYcQ1-m62vGmtZ29QI2jGfAmT9J644mcYZB1IAkefFNTbc0m7j8JTz3WFLoK9ARWG_Hppb9MmU HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 78

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 80

https://googleads.g.doubleclick.net/pagead/adview?ai=CTqO2awhPZeSqO9SdjuwP_Pi0sATl47mSdIaw_7DzEWQQASDKhNqPAWCVkqCCsAegAaXt98UDyAEBqQLSS1n3nu2xPqgDAcgDywSqBMUBT9CN_QygjufBKbYknVwNgWWqukTpYoQQyE3gc0nueW5YevEpvLfkWgJwqMKDlWXmVmnvcSrmvcOGk8035w6TfEROiRxZayUdtZAl4JRgoya077teGxfdW_sqEqYhC2_QC3mJQrI260dJEc-2G40XdJhLOMdskxJTNohP08hKZ5W2YLCXo5547C-1N6pG8jd2pixoHm2pczAgRQpn5l2F2T14Nl531tRmEiK5E3XO9EOx0T10bwscw3oqYcJeeY2PAGY0ebTABMvby5W_BIgF9_XEykySBQQIBBgBkgUECAUYBIAHw5KIOqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEOr0X9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCZIBaHR0cHM6Ly93d3cuZm9tLmRlL2RlL2Rhcy1zdHVkaXVtL2Z1ZXItYmVydWZzdGFldGlnZS5odG1sP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249Z3J1bmRyYXVzY2hlbl9iYiZ1dG1fY29udGVudD1nZG5fa2xpY2uACgHICwGiDAwqCgoI5LSxAu61sQLYEw2IFALQFQGAFwGyFxwKGggAEhRwdWItMjc0MjIxNjUzNDY0MDU0NRgA&sigh=ZD0bgJE-w40&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNhK9I3IjdJLPep09ljOF9WkuEO5Oa5i7TVRD8viaoYx7OB1O1uR1Q6lWDaQw4oLMdNM7pzYaLGAE&template_id=5020&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217961035605992561703%22,%22debug_reporting%22:true,%22destination%22:%22https://fom.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22951973541%22],%224%22:[%2211-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22766441158560394049%22}&andc=true

Request Chain 82

https://googleads.g.doubleclick.net/pagead/adview?ai=C-sKRawhPZZnSO_nHjuwP46iaqAX775esZ7G-kaOvD9PYx-GSLhABIMqE2o8BYJWSoIKwB6AB-62NmAPIAQGpAtJLWfee7bE-qAMByAPLBKoExwFP0PJGtHI8FtYrfc-XEMaUIRkyN-6YATljVSOpNgAAf8MhPOpuSh83-QPvzCNfIc79VQVPZCTkFALb4xUGybops9tvuqPrwc7dBb-mg4tvGm3Tzkz4pCkqC7WKKgXEEGOx8K4tvVoqRTrirrX7HCfWYZpFlwQryWbU3Df7o35sHck4tyYJhi_80_1HPxrJPErc2ytJftHgRXJGz2juZNck6gfpuoufaEursl6W59W6jjSKCbh002Ctrb6Akv781ZkhgxAuBIgWwASph-qP-QOIBfb6qJ06kgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB-3R8meoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCQoxTSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkhaHR0cHM6Ly95b2xhd28uZGUvZGVtby1hbmZvcmRlcm4vgAoByAsBogwMKgoKCOS0sQLutbEC2BMCiBQC0BUBgBcBshccChoIABIUcHViLTI3NDIyMTY1MzQ2NDA1NDUYAA&sigh=bbJlJytrA-c&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNG-cPIjGj6WlFwmGkXq0aMAD-MzfsNU9IyJZ88J0cjDBRMUGuzTN_Ey4QNaUrs8nj8n_sWDmUrxgB&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229621743130946466955%22,%22debug_reporting%22:true,%22destination%22:%22https://yolawo.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22855856891%22],%224%22:[%2211-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222861740728745796993%22}&andc=true

94 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request seytaninkoli Show response
s.id/ 12 KB
4 KB 1620ms
553ms Document
text/html 193.84.85.178
STORMWALL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.84.85.178 , Russian Federation, ASN59796 (STORMWALL-AS, SK),

Reverse DNS

Software

nginx / Next.js

Resource Hash

355696ca906fbcf8f289ee77d469d6907ddb05287f18c8ae6fe04809753b5a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=3600, must-revalidate
cf-cache-status: HIT
cf-ray: 8243ec3c1b7a4b86-SIN
content-encoding: gzip
content-length: 3923
content-type: text/html; charset=utf-8
date: Sat, 11 Nov 2023 04:51:54 GMT
etag: e_1697385992
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9lKPc0iqP3aZORG2UdR7LqZ2YSczwRfBrzZ7hrB51QvRl6EmWFj3bdU1IMsn1iOaI0lBURGNGgsj6Pd%2F9KHZfYmd7cqUElB3txuW4kaFD8%2B%2FGkuW08NOmKFp9Q4Vqvo"}],"group":"cf-nel","max_age":604800}
server: nginx
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Next.js

GET
H2 200 a6e26b705378ef50.css
microsite.s.id/_next/static/css/ 118 KB
18 KB 177ms
55ms Stylesheet
text/css 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/css/a6e26b705378ef50.css

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cef5cf264ddfac535ced5939e1508e358d0a976002e05dbbdefefebde10c7abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 149
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"1d816-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtMwikwxAls%2BI5qq0HViO%2BaAnzhwmY%2FzUNE14xemTO7Tf2sf5Kjo4EoOc1cxijuhZTVkeUzEW%2F05VDusd0rFow4tFCM2vRpNSocHu0Oki9RDdiBTKPGk5E5GdyyKgOpg8f7Xm1iAJXxSKRLW"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8243ec3f7e75691f-FRA

GET
H2 200 cd55c7da45ab6994.css
microsite.s.id/_next/static/css/ 22 KB
7 KB 175ms
53ms Stylesheet
text/css 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/css/cd55c7da45ab6994.css

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e0fa2b58fb4a18b31e919eaad7c621bdd9696fd5368b0b58a4ef85f4db9f4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251150
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"57d2-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4cvqc1QW%2BSg888yU2uKWJ%2BSWwabX1l9fgjEXtkzKFdKwF%2FzBau7ldvDsX%2FyNBOOnf%2B6KBdAElb9IYSWqVdocFqcODClkh7PqQctiavOEacgew4lx7bCeNhWU9dAgfTq2t9M2IhoG07E3sOa"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8243ec3f7e76691f-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 145ms
58ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68640e1d4360aa5e0d83587bd062d67428b31c43d9a7726b106f8daa022b3638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52762
x-xss-protection: 0
server: cafe
etag: 15079694956063015422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 04:51:55 GMT

GET
H2 200 webpack-9cbf820596dfeb98.js Show response
microsite.s.id/_next/static/chunks/ 4 KB
2 KB 159ms
57ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/webpack-9cbf820596dfeb98.js

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd384b45a482fb44980ba9e0149cd783f22cc3fa25c6accfa3a9a5536c9149d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 271564
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"e46-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2vwOJWX1xzd1zlVXfVk35nBLx8w%2Bng0FUtyh2vu8JOnHtAId2wdjZJuPnfRY3huT5pA6oHFsYdXbtIKURAFzwJRflfb8%2BdAh%2FJqktWRwg8BfcW9Wy%2FLLcedGP9DizWE7%2Bu2Q%2FFdEpR3UtID"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8243ec3f7e7f691f-FRA

GET
H2 200 framework-56bc1d2b5d8be648.js Show response
microsite.s.id/_next/static/chunks/ 138 KB
45 KB 55ms
54ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/framework-56bc1d2b5d8be648.js

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5e943c7c5da3617bd2345580b25327364ab5824ba53a3d18bb88c0e105d6d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 271564
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"226f3-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPpa9rWlUVMU5OJPseZPfBNheZvpW1uZgncoxM%2F9BMdPp%2FPY1o3HVMZ0UCIgfZakLv5FBXEVbDztaS%2FStvJx80H7QfSAIX9956QIv5fqtSmKh%2BXZgRb9%2FqTzMOKIEKeLjQM0BuPHX33XgjhT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8243ec3fcea8691f-FRA

GET
H2 200 main-559dbfa8afd7d7a2.js Show response
microsite.s.id/_next/static/chunks/ 97 KB
29 KB 58ms
57ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e49865b2d3ebcdd42fac21e949bb2a9f5290fde16a9392b78d5d8d49d203753c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 245619
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"185da-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKnfRA4QE6Ka%2Bl5krnPaaQehoLMl8vyRP4h8C%2BvUKB4vllGH9q0Jzm1LtYh4n87kJT9WRuNYVeeheIeid4dlIlW4VSSC%2B9y8QMq8n09MQtqtJ5KNONYu4auGTXRNo97i%2Bgj7EMWhm%2BaqJ6wl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8243ec3fcea9691f-FRA

GET
H2 200 _app-538933ef5d1d99b9.js Show response
microsite.s.id/_next/static/chunks/pages/ 315 KB
102 KB 96ms
95ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/pages/_app-538933ef5d1d99b9.js

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44700a06a8c514701afd8a1b28e770e23d3d41c13799fa88aa8e5ad21d9666b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 271564
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"4ed1d-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmJM%2Bd49tDRRImHDmx0DdnQSi92ydhIrfxWeFRCLE%2BfRAFw%2BuPdZhmqHFs%2B7ybsvKTw0tQkFn22Vx0aGWYIBgCb058ohkULYsbQktD5A6u0ERiCOT31FjOcaujLsrrj4tz%2Bp%2B01twqBWEYB%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8243ec3fceaa691f-FRA

GET
H2 200 f85a1fd0-0ccc9e26436af44f.js Show response
microsite.s.id/_next/static/chunks/ 476 KB
74 KB 96ms
95ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/f85a1fd0-0ccc9e26436af44f.js

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a51be072c90872986a619bcd424515adfdd3a7c1f8b447c745f203774120a472

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 271091
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"771a6-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzpYHuG%2BIxOBNrLUEzqjOV%2FHHXeiorxnjl74sqAk06NDQiE238%2FgWJObU8PUzlUHNOD6oISGglwQZ1W11AoJ3flx8Za4mA9YUiw0Mry4dDgfX0WwAu3i0LtnjW37nboVBWg9KxRLM7RMp8jP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8243ec3fceab691f-FRA

GET
H2 200 347dd6d2-909e20e25b7384a8.js Show response
microsite.s.id/_next/static/chunks/ 948 KB
283 KB 97ms
96ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/347dd6d2-909e20e25b7384a8.js

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb7f315a0371a8b55cfaf220f33822988ac4f5f2758e23738eaaa25258c978b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182890
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"ed138-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNopsjyGxupBUaJVxZntxyw5WGaaYPTV6Y0SHJP9z7XBEVnf13cLmc3vbLy1sGcXyqBD0mOPpnHOE9YuX64plWAghQKnKbk%2BOhAnJuC3pM6bDHeKG2qe7%2BEXD0d4vMGRstdBkSEqpKaUzz38"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8243ec3fceac691f-FRA

GET
H2 200 b7322211-d279212bc11c825d.js Show response
microsite.s.id/_next/static/chunks/ 501 KB
212 KB 97ms
95ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/b7322211-d279212bc11c825d.js

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d820c5e7d048c0faa442ce5a30a6163fd2ba16c2f3875c9ccd1ea6a6217a23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8390
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"7d3a4-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkOE6FKyemR9UuWRb3uVtSBU5nSgSFxW%2BjXTDDaskdx4hbpRq4zvvqFdgxLi32ZTvaWQRuGE%2FKilosvQGBn2FFQvSmkwMzL2RoIXAWgsvXFJWaw1NmqAbxGZe9fS%2FzeX1gTxtjyDqMS59i71"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8243ec3fcead691f-FRA

GET
H2 200 865-541ca60fc46f1bbc.js Show response
microsite.s.id/_next/static/chunks/ 596 KB
173 KB 96ms
95ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/865-541ca60fc46f1bbc.js

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a5a62dd07bcb4c7cba95b52327bcd8103798cefa79d0dc7822b5e1aa1a8020e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 265028
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"94fd3-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7MS7VqrIKU2FT7Uu%2B9wDnPTWRC1alwDosuFitDrb2AgPMHMSHbSt6QeEZWf%2B4Jo5MVwypH78GUqPEf10W%2Bt%2FE0m77heC1ML9TGdUfZaF2TH3JvbqYLh81m2uX%2B6ggBmfM%2FXHOgvLF6rcFsFj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8243ec3fceae691f-FRA

GET
H2 200 %5B%5B...any%5D%5D-f3f713278be240ee.js Show response
microsite.s.id/_next/static/chunks/pages/ 171 KB
39 KB 95ms
94ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/pages/%5B%5B...any%5D%5D-f3f713278be240ee.js

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e85998053023352cb9958c799c29e01b7dccca523f63dbcd56d9a047d7ebcb49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 271110
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"2acb7-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4wxe8OHhi0vnX82cDO1mf4NccAjJtLsvliYAdA67krmTlH%2BNc%2F%2FWIFpqGElX5q5CAjvPcS1g%2FZCJZjHDzaJDk8%2FbHtPd2SsS7SfF332vs%2FCSb1Wb1gYwpvNW3xEBdxeeqElKsDiLKRTXM9c"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8243ec3fceaf691f-FRA

GET
H2 200 _buildManifest.js Show response
microsite.s.id/_next/static/e5FQGXNFOZjJqe6n0UoJe/ 578 B
832 B 229ms
228ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/e5FQGXNFOZjJqe6n0UoJe/_buildManifest.js

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c09214bd5d39e814ff1b645a59a9d10469d7e64b4545f0a0f36d9253a3ba14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"242-18bac725540"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mi5u8ZpDJ66m6140oo%2Fdm8KL8lTYiMoKEQT4VywkJdaPbrRp2gktgCp4PTSWmB9l%2FSZh9aP930SpbZsEpFuoqu%2FHcYwT3YGTtFlsgUmUf4XDdjGDPDsK%2B%2Bn5jSlgooKK5F5Xy9Wh3CnqWz5J"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8243ec3fceb0691f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 _ssgManifest.js Show response
microsite.s.id/_next/static/e5FQGXNFOZjJqe6n0UoJe/ 77 B
352 B 52ms
51ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/e5FQGXNFOZjJqe6n0UoJe/_ssgManifest.js

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 271110
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"4d-18bac725540"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oN3Aq1x2dXwM4%2BlAdgL8Og1QPWjicjmdx2QQv6jXP7lBDcUMBadVLs2uzF44bnwwnZTmePEnk8jT2unRJyKKwZsX2kw%2BDhxVEeIv8Vwhvhj%2FZniFMeGfOh29LFtudL2Z11pRkS6k81B6lag8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8243ec3fceb1691f-FRA

GET
H2 200 montserrat.css
microsite.s.id/assets/fonts/ 3 KB
777 B 391ms
270ms Stylesheet
text/css 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/montserrat.css

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"ca2-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ox0IReYQi8629L6eDbx%2ByaEZRzRdrNNMto9IxW8SpQ22FKQLIdOUT65CZIPCD49IfjVGrIsMNx5Fv1Y958ra3YAkknqfe7R4bDtO2YmoAtUAugO8ag8TGzKmYsuZSi8LOEFSna2Rmd%2BdTxOc"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 8243ec3f7e78691f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 work-sans.css
microsite.s.id/assets/fonts/ 4 KB
794 B 390ms
269ms Stylesheet
text/css 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/work-sans.css

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"10bc-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UypE9RBSbEfrDS%2F8p1OFwoRVDL545YbZ8a0WhQhsg7ZO4xxfJzZa70weZHElpvDlD1%2BapxJj3XmquwiovHjIIr3GR8pf9O6tYbUlW3RfqPkB%2FUUQWF1fsDz1PQBPQWlY%2Bjb3VRfhcBb3vIjS"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 8243ec3f7e7a691f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sid-neu-logo-dark.svg
microsite.s.id/images/ 8 KB
4 KB 402ms
281ms Image
image/svg+xml 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsite.s.id/images/sid-neu-logo-dark.svg

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 05 Jul 2023 23:09:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"2137-18928513d00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaM%2F0jA5l3ne%2BKFrJf1l0BGbArN39HyjOf%2FWVD1iRR2Fe12L59h0AIDUQN59kLeiXPsLu3IcyYnG%2Fty4GTl0x3xbPdB6J928fc4WgJkxUzvbiMeW9P0hCEwG3UiEKvShDG1PB21Ox4QjzN6x"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 8243ec3f7e7c691f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/ 400 KB
136 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id&bust=31079474

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de3b12164be56c9289914d5a4ab0e8206ca8a8e584b5a97d97b9166a8f7841a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138694
x-xss-protection: 0
server: cafe
etag: 5923991826617944351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 04:51:55 GMT

GET
H2 200 b39f32fd-350c-4e67-9e76-1f4e29466dc4.svg
cdn-sdotid.adg.id/images/ 863 B
916 B 773ms
94ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/images/b39f32fd-350c-4e67-9e76-1f4e29466dc4.svg

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b93bffc28900c6afcdef1df7fdaceefea744d9df0de2484d2c5a1fbee9dbc8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:56 GMT
x-amz-version-id: .qw7w5twjRzN_SUDzPlQ25vIbU6qMdzT
via: 1.1 20048fca6de376fc3e9a3975b6f01be4.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: AMS58-P2
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Jan 2023 13:08:45 GMT
server: cloudflare
etag: W/"d6c331fefd1defc280936895ce3bf526"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7dt2%2B0Jg91WLlCGRC2XlNKhHOm1TuV79ROMl7qez6RF%2FCaLfFHuPtql2P2mITvGVxcQQtFhge%2FE0U56bSeu5vX1HlaQiH0wa5O3X1FKGooBcLYBBShZWBA%2FpC0J%2BfOzGsatB2Py1JwRT1pginHPJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8243ec446ef99199-FRA
x-amz-cf-id: hBYYspCOGK_2rK-Hbjr9n7MRWVEM3hzRofaOkztoj2h5t2B148foDA==

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/ Frame 49BD 9 KB
4 KB 125ms
39ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 01:58:27 GMT
etag: 16674218716276178799
expires: Sat, 25 Nov 2023 01:58:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0693 0
188 B 132ms
132ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1699678315&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fs.id%2Fseytaninkoli&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699678315532&bpp=5&bdt=240&idt=151&shv=r20231108&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8669059323592&frm=20&pv=2&ga_vid=1633844104.1699678316&ga_sid=1699678316&ga_hid=795968364&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079402%2C31079408%2C44807464%2C31078297%2C31079474%2C44807749%2C44807764%2C44808149&oid=2&pvsid=4380488615373676&tmod=1719822565&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=174

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id&bust=31079474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 04:51:55 GMT
expires: Sat, 11 Nov 2023 04:51:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 work-sans-normal-400.woff2
microsite.s.id/assets/fonts/dist/ 47 KB
47 KB 351ms
268ms Font
font/woff2 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/dist/work-sans-normal-400.woff2

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/assets/fonts/work-sans.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://microsite.s.id/assets/fonts/work-sans.css
Origin: https://s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 47800
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
server: cloudflare
etag: W/"bab8-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1g9gRsJtvz9fSELd3Vr0rVbQwCHYbH4yBYH9SnVZYKILoFRBUxPcIE7yGHJIIn72jDRIqvW1wYxJtdrHBmBJqfUEbvNNTfdg0UGpPnchNW4DwtWS0CJwn2erKYdmpn%2B33iII7SyVpoDFq6Ns"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: https://s.id
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 8243ec41fdce3813-FRA

GET
H3 200 506.9f321d440064bb53.js Show response
microsite.s.id/_next/static/chunks/ 1 KB
1 KB 53ms
53ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/506.9f321d440064bb53.js

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/webpack-9cbf820596dfeb98.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1ad95e8b38e5ca69e79e848a5771f026e40705ace52cb5ba4e6b7b9ce048161

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 271562
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"44a-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAQhMXKSZqwCZnlGFLLqgEb26cgaolxP9qKG8NJScW5mneVdRXvyLnzCkJwlNSsa5xXPqIiQSjB3X6Wjbh4qPekaiEJunZfBzzpq%2FKyMXtjw%2FIX8brTJ8AP7PC8dG5REyCQ8I2sRC58ZSqpk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8243ec426fa23736-FRA

GET
H/1.1 200
OK adcap Show response
app.s.id/api/ 36 B
703 B 629ms
215ms XHR
application/json 45.126.58.90
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.s.id/api/adcap?short=seytaninkoli

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/pages/_app-538933ef5d1d99b9.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.90 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

bed10a3fd1f75fd8fbcb1f3be5d120237ed9391d10c2697c551923e8ed9f31e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
DS: 1699678316,p3z1bq,36409e9714a1936652135944454eeb61
Referer: https://s.id/
X-RPC-Lang: en
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Sat, 11 Nov 2023 04:51:57 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json
Access-Control-Allow-Origin: https://s.id
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 198ms
111ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0cae658ca38d5868e707b9e8eb62ff1f6a30cfa979ef817d63b00e30f5bc4d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85300
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 11 Nov 2023 04:51:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
84 KB 141ms
55ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

483ee8ca8cf18611ba84776775d2262326a0238c51088e12da246bdadecbf20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85932
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 11 Nov 2023 04:51:56 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 12B4 122 KB
42 KB 579ms
577ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699678315&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699678315910&bpp=2&bdt=618&idt=-M&shv=r20231108&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8669059323592&frm=20&pv=1&ga_vid=1633844104.1699678316&ga_sid=1699678316&ga_hid=795968364&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079402%2C31079408%2C44807464%2C31078297%2C31079474%2C44807749%2C44807764%2C44808149&oid=2&pvsid=4380488615373676&tmod=1719822565&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abce68f16cca1d1fb0993523523438bad3419dc6464b1f6aa590ba9509040018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42487
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 04:51:56 GMT
expires: Sat, 11 Nov 2023 04:51:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9B7E 130 KB
43 KB 806ms
805ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699678315&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&ea=0&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699678315910&bpp=1&bdt=618&idt=0&shv=r20231108&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=8669059323592&frm=20&pv=1&ga_vid=1633844104.1699678316&ga_sid=1699678316&ga_hid=795968364&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079402%2C31079408%2C44807464%2C31078297%2C31079474%2C44807749%2C44807764%2C44808149&oid=2&pvsid=4380488615373676&tmod=1719822565&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21136727f05e0d77ddd2266036b0ad410a86a14df9a7a33a5f27c7fa8206dd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43501
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 04:51:56 GMT
expires: Sat, 11 Nov 2023 04:51:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H/1.1 204
No Content adcap
app.s.id/api/ Frame 0
0 646ms
209ms Preflight 45.126.58.90
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.s.id/api/adcap?short=seytaninkoli

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.90 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: ds,x-rpc-lang
Access-Control-Request-Method: GET
Origin: https://s.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://s.id
Connection: close
Date: Sat, 11 Nov 2023 04:51:56 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 23058e1a-37e8-4798-822c-5305637fa010_450x450.png
cdn-sdotid.adg.id/images/ 58 KB
59 KB 320ms
55ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/images/23058e1a-37e8-4798-822c-5305637fa010_450x450.png

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bcb729d76ea62fd0ce73a62dcf6677db23c360168a9b2c5402b9bd264648a28

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:56 GMT
x-amz-version-id: deePLH.nRPQgJ9dKMF_rJo_BK8837MnJ
via: 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 59315
last-modified: Sun, 15 Oct 2023 16:06:31 GMT
server: cloudflare
etag: "35ba473d82cdc8698c49c61637cc64b7"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XsGCd3kUGkd7s5ahPTVx8XvJtpoBrQHcNt7HgNboRtliNIE7Qe3u0b35e%2FkW87d9kWPxumJ5I16fXwwTgP9raOAD1rcfFjsej15dF2Eb6TZR2QJ020inMEu66Jpidw6Mlbixlvv30RTrGw9mc2Fsmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8243ec446efb9199-FRA
x-amz-cf-id: BmhPgASVayy_fT356hIb6KpRCWUFEeaasehCTz1apDoyowFQmEXzbA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b165f7fe3968a871c9e0ea4cf6bdd2dac34664c6323a5879179b4807f93ec6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85335
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 11 Nov 2023 04:51:56 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
246 B 133ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GTE5CBQ89K&gtm=45je3b81v889124241&_p=1699678315907&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1633844104.1699678316&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699678316&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Fseytaninkoli&dt=Arac%20Hasar%20%26%20KM%20Sorgulama%20Hizmeti&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2515
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 04:51:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 145ms
48ms Ping
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GTE5CBQ89K&cid=1633844104.1699678316&gtm=45je3b81v889124241&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 04:51:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 137ms
50ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GTE5CBQ89K&cid=1633844104.1699678316&gtm=45je3b81v889124241&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=455139113

Requested by

Host: s.id
URL: https://s.id/seytaninkoli

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 04:51:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
246 B 133ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3b81v881303989&_p=1699678315907&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1633844104.1699678316&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699678316&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Fseytaninkoli&dt=Arac%20Hasar%20%26%20KM%20Sorgulama%20Hizmeti&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2543
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 04:51:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 12B4 14 KB
2 KB 150ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699678315&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699678315910&bpp=2&bdt=618&idt=-M&shv=r20231108&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8669059323592&frm=20&pv=1&ga_vid=1633844104.1699678316&ga_sid=1699678316&ga_hid=795968364&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079402%2C31079408%2C44807464%2C31078297%2C31079474%2C44807749%2C44807764%2C44808149&oid=2&pvsid=4380488615373676&tmod=1719822565&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 Nov 2023 04:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 Nov 2023 03:30:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Nov 2023 04:51:56 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 12B4 2 KB
875 B 136ms
45ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 20:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 20:02:24 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 12B4 23 KB
9 KB 134ms
45ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Nov 2023 01:55:06 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5847 143 B
166 B 42ms
39ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699678315&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699678315910&bpp=2&bdt=618&idt=-M&shv=r20231108&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8669059323592&frm=20&pv=1&ga_vid=1633844104.1699678316&ga_sid=1699678316&ga_hid=795968364&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079402%2C31079408%2C44807464%2C31078297%2C31079474%2C44807749%2C44807764%2C44808149&oid=2&pvsid=4380488615373676&tmod=1719822565&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3210
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 03:58:26 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 12B4 3 KB
1 KB 139ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67764
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 10:02:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 879D 1 KB
643 B 46ms
46ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Sat, 11 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 12B4 20 KB
9 KB 125ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 20:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 20:02:24 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 12B4 0
0 138ms
47ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSHX45s6KnuQoJQDhghYS6-N8pyHFu_uMCizsV9t5YBuPqdUVZcdiE6wXTc4wGEWvmtXkOvD05wQYHqvSOjluKbYOJKvw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699678315&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699678315910&bpp=2&bdt=618&idt=-M&shv=r20231108&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8669059323592&frm=20&pv=1&ga_vid=1633844104.1699678316&ga_sid=1699678316&ga_hid=795968364&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079402%2C31079408%2C44807464%2C31078297%2C31079474%2C44807749%2C44807764%2C44808149&oid=2&pvsid=4380488615373676&tmod=1719822565&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 12B4 199 KB
64 KB 144ms
52ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64401
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 04:51:56 GMT

GET
H2 200 81801f102bbf3ca11da2806ffde236a3.js Show response
www.gstatic.com/mysidia/ Frame 12B4 37 KB
16 KB 133ms
39ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/81801f102bbf3ca11da2806ffde236a3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15369
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 05:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 03:06:31 GMT

GET
DATA 200
OK truncated
/ Frame 12B4 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5847
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

55ms
54ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 04:51:56 GMT
expires: Sat, 11 Nov 2023 04:51:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 04:51:56 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 879D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECmCwU0EDmktlrFRINo8yls&google_cver=1&google_push=AXcoOmSsK8pfdIAsecwj0zKtNT3PVjH7pvwF1TFtGzS-1RaUNrTV7WzeWp4nOEi7LWrX7JiWIg7kLkFZ5JIIzUYhTRSExV6BadfNet9H
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4DC3624BF2FD411681467B4D4EA32F6A&google_push=AXcoOmSsK8pfdIAsecwj0zKtNT3PVjH7pvwF1TFtGzS-1RaUNrTV7WzeWp4nOEi7LWrX7JiWIg7kLkFZ5JIIzUY...

170 B
329 B

50ms
49ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4DC3624BF2FD411681467B4D4EA32F6A&google_push=AXcoOmSsK8pfdIAsecwj0zKtNT3PVjH7pvwF1TFtGzS-1RaUNrTV7WzeWp4nOEi7LWrX7JiWIg7kLkFZ5JIIzUYhTRSExV6BadfNet9H

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 04:51:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 11 Nov 2023 04:51:56 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4DC3624BF2FD411681467B4D4EA32F6A&google_push=AXcoOmSsK8pfdIAsecwj0zKtNT3PVjH7pvwF1TFtGzS-1RaUNrTV7WzeWp4nOEi7LWrX7JiWIg7kLkFZ5JIIzUYhTRSExV6BadfNet9H
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 10 Nov 2023 04:51:56 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 879D
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESENIUDDC2OYrAzkDqPx371pY&google_cver=1&google_push=AXcoOmQ3W9kkjB5DDAhVf01Y5zBpfqxichzCb6JlOl1VpHyWwMAMnbbReOo8H0LGcbnXp9ahCj0hmRZecmIBuazzzLE0_3Yof5ulhMI
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQ3W9kkjB5DDAhVf01Y5zBpfqxichzCb6JlOl1VpHyWwMAMnbbReOo8H0LGcbnXp9ahCj0hmRZecmIBuazzzLE0_3Yof5ulhMI&google_hm=Q0FFU0VOSVVEREMyT1...

170 B
232 B

50ms
48ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQ3W9kkjB5DDAhVf01Y5zBpfqxichzCb6JlOl1VpHyWwMAMnbbReOo8H0LGcbnXp9ahCj0hmRZecmIBuazzzLE0_3Yof5ulhMI&google_hm=Q0FFU0VOSVVEREMyT1lyQXprRHFQeDM3MXBZ

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 04:51:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 11 Nov 2023 04:51:56 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQ3W9kkjB5DDAhVf01Y5zBpfqxichzCb6JlOl1VpHyWwMAMnbbReOo8H0LGcbnXp9ahCj0hmRZecmIBuazzzLE0_3Yof5ulhMI&google_hm=Q0FFU0VOSVVEREMyT1lyQXprRHFQeDM3MXBZ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 879D
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELIajuizFu0SE9NPBfay6-I&google_cver=1&google_push=AXcoOmRSiADd4zAnXUgNHhpYlje3VjR0ABytqDxAh0XRGGPisVKLcnGwtlzw8ah9GmdDn4nq72N35jT3_Tg2ki...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMDA2Mjc4MDk1MzkxNzU5OA%3D%3D&google_push=AXcoOmRSiADd4zAnXUgNHhpYlje3VjR0ABytqDxAh0XRGGPisVKLcnGwtlzw8ah9GmdDn4nq72N35jT3_Tg2kiC5tZ...

170 B
232 B

50ms
50ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMDA2Mjc4MDk1MzkxNzU5OA%3D%3D&google_push=AXcoOmRSiADd4zAnXUgNHhpYlje3VjR0ABytqDxAh0XRGGPisVKLcnGwtlzw8ah9GmdDn4nq72N35jT3_Tg2kiC5tZyx7X8AOCrRi1Wb

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 04:51:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMDA2Mjc4MDk1MzkxNzU5OA%3D%3D&google_push=AXcoOmRSiADd4zAnXUgNHhpYlje3VjR0ABytqDxAh0XRGGPisVKLcnGwtlzw8ah9GmdDn4nq72N35jT3_Tg2kiC5tZyx7X8AOCrRi1Wb
Date: Sat, 11 Nov 2023 04:51:56 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 879D
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFCdfPt0ontY44xKd_scFtk&google_cver=1&google_push=AXcoOmSz8bN1ypUzAJQTPlQBW_DXtLAPdMT14lxMB8cFjoSPA_7x9u6OqNR-jgL2IGY8nRNs9o7thheG44S40Vgp...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JXfGt2EqRPQqrYuAWpox_A&google_push=AXcoOmSz8bN1ypUzAJQTPlQBW_DXtLAPdMT14lxMB8cFjoSPA_7x9u6OqNR-jgL2IGY8nRNs9o7thheG44S40VgpFtpd1BQDPkwHl-RP

170 B
232 B

50ms
49ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JXfGt2EqRPQqrYuAWpox_A&google_push=AXcoOmSz8bN1ypUzAJQTPlQBW_DXtLAPdMT14lxMB8cFjoSPA_7x9u6OqNR-jgL2IGY8nRNs9o7thheG44S40VgpFtpd1BQDPkwHl-RP

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 04:51:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 11 Nov 2023 04:51:56 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JXfGt2EqRPQqrYuAWpox_A&google_push=AXcoOmSz8bN1ypUzAJQTPlQBW_DXtLAPdMT14lxMB8cFjoSPA_7x9u6OqNR-jgL2IGY8nRNs9o7thheG44S40VgpFtpd1BQDPkwHl-RP
x-host: tde-deliveryengine-production-bb588bf9-rwjq5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 879D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBd5mOq4cLsOkF44li5izG4&google_cver=1&google_push=AXcoOmSoJQ9bxgTNcVjiyiFEfJPQgo2dab8Szzei-ir90VVt3eMlxuyDP9HLw3NaLTLcRWN_-pFkrIVqyiZ33MPnL_6S0bH...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSoJQ9bxgTNcVjiyiFEfJPQgo2dab8Szzei-ir90VVt3eMlxuyDP9HLw3NaLTLcRWN_-pFkrIVqyiZ33MPnL_6S0bHPiIffsQkg&google_hm=eS10ZmpfRjY1RTJwRm...

170 B
232 B

50ms
49ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSoJQ9bxgTNcVjiyiFEfJPQgo2dab8Szzei-ir90VVt3eMlxuyDP9HLw3NaLTLcRWN_-pFkrIVqyiZ33MPnL_6S0bHPiIffsQkg&google_hm=eS10ZmpfRjY1RTJwRmxFaGQ5Z0VNWlIubDg4eGFWNVN2Tn5B

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 04:51:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 11 Nov 2023 04:51:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSoJQ9bxgTNcVjiyiFEfJPQgo2dab8Szzei-ir90VVt3eMlxuyDP9HLw3NaLTLcRWN_-pFkrIVqyiZ33MPnL_6S0bHPiIffsQkg&google_hm=eS10ZmpfRjY1RTJwRmxFaGQ5Z0VNWlIubDg4eGFWNVN2Tn5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 879D
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESENFfSYOCfV7HfvZG5V5KI8U&google_cver=1&google_push=AXcoOmSEIYauxa766kvmnlyzOj4Ir6ZMQ2lN8GR7pRGGRHTPrF3XriVrO2LW-OSjkcV67WXy2VGMpTMlkWdcKw-aQ9U9Z7Q...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESENFfSYOCfV7HfvZG5V5KI8U&google_cver=1&google_push=AXcoOmSEIYauxa766kvmnlyzOj4Ir6ZMQ2lN8GR7pRGGRHTPrF3XriVrO2LW-OSjkcV67WXy2VGMpTMlkWdcKw-aQ9U9Z...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSEIYauxa766kvmnlyzOj4Ir6ZMQ2lN8GR7pRGGRHTPrF3XriVrO2LW-OSjkcV67WXy2VGMpTMlkWdcKw-aQ9U9Z7QwsxE32PA

170 B
232 B

52ms
51ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSEIYauxa766kvmnlyzOj4Ir6ZMQ2lN8GR7pRGGRHTPrF3XriVrO2LW-OSjkcV67WXy2VGMpTMlkWdcKw-aQ9U9Z7QwsxE32PA

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 04:51:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSEIYauxa766kvmnlyzOj4Ir6ZMQ2lN8GR7pRGGRHTPrF3XriVrO2LW-OSjkcV67WXy2VGMpTMlkWdcKw-aQ9U9Z7QwsxE32PA
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 879D 43 B
363 B 215ms
39ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSmnI3bZ5G4dUB2VBI7nu5v7UVK2tcgWG2C3BWFR1HGD9uEQfGqO6AO4xmL7Ebh-ucjPSaiZAwgHK3k4Xj-9tXWS3zvB2jUn74c&google_gid=CAESEHoXBMKVvUoyPUIrPmq7nNo&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 04:51:56 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 220292
expires: Sat, 11 Nov 2023 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 879D 0
139 B 230ms
47ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IKXXveZN9nnm1lmrZjP3rFf99S501L7w_C6cWrwoka3R4zq9wwPzHMy85FEKky870r7_oZ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 12B4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b940f94bd5f22650d4ead1f562a5e8357b78cf709ae5b9c877fdeef6134ee7c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 12B4 33 KB
34 KB 127ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 330158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Nov 2024 09:09:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9B7E 14 KB
1 KB 51ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699678315&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&ea=0&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699678315910&bpp=1&bdt=618&idt=0&shv=r20231108&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=8669059323592&frm=20&pv=1&ga_vid=1633844104.1699678316&ga_sid=1699678316&ga_hid=795968364&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079402%2C31079408%2C44807464%2C31078297%2C31079474%2C44807749%2C44807764%2C44808149&oid=2&pvsid=4380488615373676&tmod=1719822565&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 Nov 2023 04:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 Nov 2023 04:10:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Nov 2023 04:51:56 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 9B7E 2 KB
856 B 46ms
43ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 20:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 20:02:24 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 9B7E 23 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Nov 2023 01:55:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 9B7E 3 KB
1 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67764
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 10:02:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 9B7E 20 KB
8 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 20:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31772
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 20:02:24 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9B7E 0
0 49ms
48ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbUQHdpk5dpE6Cf_aMli3KDVn5x-WX4jlYLTNByB7_tc4ZaaeznRdC8lN2FADUWzp4Wagr96KlqbnzOjoMDGaT6h4sAw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699678315&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&ea=0&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699678315910&bpp=1&bdt=618&idt=0&shv=r20231108&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=8669059323592&frm=20&pv=1&ga_vid=1633844104.1699678316&ga_sid=1699678316&ga_hid=795968364&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079402%2C31079408%2C44807464%2C31078297%2C31079474%2C44807749%2C44807764%2C44808149&oid=2&pvsid=4380488615373676&tmod=1719822565&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B7E 199 KB
63 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64401
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 04:51:56 GMT

GET
H2 200 81801f102bbf3ca11da2806ffde236a3.js Show response
www.gstatic.com/mysidia/ Frame 9B7E 37 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/81801f102bbf3ca11da2806ffde236a3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15369
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 05:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 03:06:31 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 661F 143 B
166 B 41ms
39ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699678315&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&ea=0&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699678315910&bpp=1&bdt=618&idt=0&shv=r20231108&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=8669059323592&frm=20&pv=1&ga_vid=1633844104.1699678316&ga_sid=1699678316&ga_hid=795968364&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079402%2C31079408%2C44807464%2C31078297%2C31079474%2C44807749%2C44807764%2C44808149&oid=2&pvsid=4380488615373676&tmod=1719822565&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3210
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 03:58:26 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 34FC 1 KB
643 B 40ms
40ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Sat, 11 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6568457838764989581
tpc.googlesyndication.com/simgad/ Frame 9B7E 4 KB
4 KB 41ms
41ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6568457838764989581?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09d70a1700a01bd4752504654d91a17627f762daff621695ddebd9c5191a158a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 04:40:03 GMT
x-content-type-options: nosniff
age: 173513
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3621
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 09:54:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Nov 2024 04:40:03 GMT

GET
DATA 200
OK truncated
/ Frame 9B7E 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9B7E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59326eb8285cd5940bc31f9d396b5800727ab7f98c4c05904ce00846d5856dca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 34FC 35 B
463 B 140ms
42ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAUA4_ayTTpTzrRazY7M0BI&google_cver=1&google_push=AXcoOmRFIATBufYzKSFisWTPgU7VorPxUKRS5nCXrMIixnJtA7CqZOEz5NZu0GsELteUfgtaZxtTbs7n7YPYzmwyuDUiIDMF7s15Gw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 04:51:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 34FC 0
98 B 143ms
48ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmRdSn9q6B_pWE0AmIujXFMVGmJJ5BfJAVDkf1-61SFPi250e2w9LviS5ur1UQZhOqLikormTC6kxfoE0g2no65eQqLrpTrY&google_gid=CAESEIZoYawiaCs_RMj9L5nBIU8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699678315&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&ea=0&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699678315910&bpp=1&bdt=618&idt=0&shv=r20231108&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=8669059323592&frm=20&pv=1&ga_vid=1633844104.1699678316&ga_sid=1699678316&ga_hid=795968364&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079402%2C31079408%2C44807464%2C31078297%2C31079474%2C44807749%2C44807764%2C44808149&oid=2&pvsid=4380488615373676&tmod=1719822565&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 34FC
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEL1fw2bRfxZsNV1mpRXajw4&google_cver=1&google_push=AXcoOmQ_PY3y2NYHEYM79n8yrrhkcNrB7Pe1aM6CcXJgJuXO3kHTxgycnYM-pF2rU6mAH3w-gQS9IA5eSFdgWBPF...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JXfGt2EqRPQqrYuAWpox_A&google_push=AXcoOmQ_PY3y2NYHEYM79n8yrrhkcNrB7Pe1aM6CcXJgJuXO3kHTxgycnYM-pF2rU6mAH3w-gQS9IA5eSFdgWBPFNZ27y2HwXDrR

170 B
232 B

49ms
49ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JXfGt2EqRPQqrYuAWpox_A&google_push=AXcoOmQ_PY3y2NYHEYM79n8yrrhkcNrB7Pe1aM6CcXJgJuXO3kHTxgycnYM-pF2rU6mAH3w-gQS9IA5eSFdgWBPFNZ27y2HwXDrR

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 04:51:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 11 Nov 2023 04:51:56 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JXfGt2EqRPQqrYuAWpox_A&google_push=AXcoOmQ_PY3y2NYHEYM79n8yrrhkcNrB7Pe1aM6CcXJgJuXO3kHTxgycnYM-pF2rU6mAH3w-gQS9IA5eSFdgWBPFNZ27y2HwXDrR
x-host: tde-deliveryengine-production-bb588bf9-rwjq5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 34FC
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEOZmlDmF-PycYyHrRSDg9aM&google_cver=1&google_push=AXcoOmSD5SWfBvy2lNLO9JZGI7L3Lliw0fxPHGx1yoGsBvr5bC9fOWFOACh2cozSaFMaUUoXUgDZptYveL9bgX0-A1Yo8Er...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSD5SWfBvy2lNLO9JZGI7L3Lliw0fxPHGx1yoGsBvr5bC9fOWFOACh2cozSaFMaUUoXUgDZptYveL9bgX0-A1Yo8ErWIkuyew

170 B
232 B

48ms
48ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSD5SWfBvy2lNLO9JZGI7L3Lliw0fxPHGx1yoGsBvr5bC9fOWFOACh2cozSaFMaUUoXUgDZptYveL9bgX0-A1Yo8ErWIkuyew

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 04:51:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSD5SWfBvy2lNLO9JZGI7L3Lliw0fxPHGx1yoGsBvr5bC9fOWFOACh2cozSaFMaUUoXUgDZptYveL9bgX0-A1Yo8ErWIkuyew
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 34FC 43 B
362 B 39ms
38ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQEiIS1U5zLvZEE8FR5zVYVE2EN5KGxUkaB76Ug74o0Ph8PQGPPQWK1d1boYQScN4lQ_GU4QVlClbgMJBPKtdSOblF-Y9qtFw&google_gid=CAESEJf9GCOg0krRIAFtJ5WtqYg&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 04:51:56 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 176369
expires: Sat, 11 Nov 2023 00:00:00 GMT

GET googleredir
googlecm.hit.gemius.pl/ Frame 34FC 0
0

GET
H2

200

report
sync.teads.tv/um/ Frame 34FC
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOvb1MsBFZGg...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQYjkuAP0Fx_ugYo-WoT5_7JhYcQ1-m62vGmtZ29QI2jGfAmT9J644mcYZB1IAkefFNTbc0m7j8JTz3WFLoK9ARWG_Hppb9MmU
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

66ms
66ms

Image
image/gif

2.19.104.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-4.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Sat, 11 Nov 2023 04:51:57 GMT
pragma: no-cache
date: Sat, 11 Nov 2023 04:51:57 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 11 Nov 2023 04:51:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 34FC 0
49 B 47ms
46ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KMaCbvncBADfApt1EwInAs9Gb46rRxC1_LY8uNYcpeU_JcS9cmpDTRC0-_YcZC79-MDJrULPA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 661F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
54ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 04:51:56 GMT
expires: Sat, 11 Nov 2023 04:51:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 04:51:56 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 9B7E 33 KB
33 KB 44ms
43ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 330158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Nov 2024 09:09:18 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 12B4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CTqO2awhPZeSqO9SdjuwP_Pi0sATl47mSdIaw_7DzEWQQASDKhNqPAWCVkqCCsAegAaXt98UDyAEBqQLSS1n3nu2xPqgDAcgDywSqBMUBT9CN_QygjufBKbYknVwNgWWqukTpYoQQyE3gc0n...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217961035605992561703%22,%22debug_reporting%22:true,%22destination%22:%22https://fom.de%22,%22event_report_window%22:%22259...

0
0

158ms
72ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217961035605992561703%22,%22debug_reporting%22:true,%22destination%22:%22https://fom.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22951973541%22],%224%22:[%2211-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22766441158560394049%22}&andc=true

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:57 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17961035605992561703","debug_reporting":true,"destination":"https://fom.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["951973541"],"4":["11-11"],"6":["true"]},"priority":"500","source_event_id":"766441158560394049"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 11 Nov 2023 04:51:57 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 11 Nov 2023 04:51:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17961035605992561703","debug_reporting":true,"destination":"https://fom.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["951973541"],"4":["11-11"],"6":["true"]},"priority":"500","source_event_id":"766441158560394049"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js Show response
pagead2.googlesyndication.com/bg/ Frame F87D 38 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7570386407f52b0870906be17a771dc0af509c9cfee072f08af860793f5756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14990
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 00:05:43 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9B7E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C-sKRawhPZZnSO_nHjuwP46iaqAX775esZ7G-kaOvD9PYx-GSLhABIMqE2o8BYJWSoIKwB6AB-62NmAPIAQGpAtJLWfee7bE-qAMByAPLBKoExwFP0PJGtHI8FtYrfc-XEMaUIRkyN-6YATl...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229621743130946466955%22,%22debug_reporting%22:true,%22destination%22:%22https://yolawo.de%22,%22event_report_window%22:%222...

0
0

158ms
73ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229621743130946466955%22,%22debug_reporting%22:true,%22destination%22:%22https://yolawo.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22855856891%22],%224%22:[%2211-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222861740728745796993%22}&andc=true

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:57 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9621743130946466955","debug_reporting":true,"destination":"https://yolawo.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["855856891"],"4":["11-11"],"6":["true"]},"priority":"500","source_event_id":"2861740728745796993"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 11 Nov 2023 04:51:57 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 11 Nov 2023 04:51:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9621743130946466955","debug_reporting":true,"destination":"https://yolawo.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["855856891"],"4":["11-11"],"6":["true"]},"priority":"500","source_event_id":"2861740728745796993"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 135ms
55ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231108&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

089a9ee6e3328da95ddae0208e44dcd88e398b4580ee78875654aff590702e48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12240
x-xss-protection: 0

GET
H3 200 unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 32C5 38 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7570386407f52b0870906be17a771dc0af509c9cfee072f08af860793f5756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14990
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 00:05:43 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 173ms
74ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 11 Nov 2023 04:51:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 135ms
75ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 11 Nov 2023 04:51:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 04:51:57 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C9C8 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 29752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 20:36:05 GMT
expires: Sat, 09 Nov 2024 20:36:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0206 829 B
562 B 50ms
50ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

38956bd62da4eb6c166f6094f14dad38d4a46109ad1c692acf98a17e22ac5edb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DnNGBH40j5u6xU7c8tIKyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-DnNGBH40j5u6xU7c8tIKyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 04:51:57 GMT
expires: Sat, 11 Nov 2023 04:51:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame C9C8 39 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 19:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 19:58:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0206 0
0 73ms
73ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231108&jk=4380488615373676&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C9C8 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?T-lWqA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:51:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231108&jk=4380488615373676&bg=!PD-lP3DNAAZxrfrxUa07ADQBe5WfOLU6VYGGWFWgmJgGf_UT3l9ex7SUZEa5Mhjn2KCsLzMn4PvAxBuFZaY82QIwyx3iAgAAAEdSAAAAGWgBB5kCruLEjnzsY-vsKdxUwYqqsJ3G7OTbz3Vpv_BRCtJY2l3lSZnNyYsCds0wl7N9AYKrYqvLu9E-x9PGUa_16XwV11GPxJukLAvWwH-GKjJagZex6-fNs0FAOCMvbkEHEKnPLxv_Nhv_MHCpTlLbeZhwjzWrRkcQ6f1pJsHNFv1kwGIStG3z6UD_SaeE_TR3q7EWc4C37LC1nBYPx4U1I7y59cArsgm0LCUFaKHCGgBrGkx27cSCMl9oxYy47ANMQOC-beUZr_9GmUC7iuvhJa_owWQ964bV-9Y6gQ4x1pDq9Zdxr4eQ-Fp1Lv1RwzfRitC0_1jdKl9NMwsTbp3Z5RYQwLBnijHsaJDf_VY-G7U-jk-CC_rLMD2KdvAw9vzHAn6WWVgej3m1XEm9lOGM27HVhyF7bkF-YrIoOLyTBn8orb65E3n_l4n_iv6B0y3MCoSmgSiWaCAjCzNwQQXFEVu6TANa5BVTAaC747ktMQRUbjCIyy6BvtoYd6riLuQ797yvuAJ_nEbP3PqRhOC954ZDqR3-0ag7CCdylOM5-44narhNMo-XsVEx51cccWcMmrkqeIX7ubhTRqaR9eCIApx0zyNHLPfveA_zpedieGmHNu_MO9d-Ic65eVugtXRFFErBTjq4aTJVVtXhI60qCAPHFuAI6QrCf63mrCR7oekrD74epS2A6S6LPN62WRcGKswCCEdIJYcxkRCYefqANHTThzNtT9yue4h3hbcODqMjdhEzGBvV1EVNrw7PYfC3qw4HMvlTP4q14grTSCp30juGFBRYXiLkt0zDEg1b_8x9Qnh5YilW6Kbs0tkdPp04mjedvYe1VqIPKjnrPJyV5sYbIUSRYog9rWf-Xyrwa-d_FUnSYkocBoo9hu0FjQi7eRBvucTpmIokujTL3HZ4Znf5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 12B4 42 B
64 B 81ms
81ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4dTT8S5QoU4bFgxY0t9DEEtwZGzi1s4rY8nnW_Hsm_V414X3JrGbfvp9kBS4ORxVPuTcqjP8vSRP2ULky7ji62Xvp4QHeFyYUOgD6Tf1-2LkArVficmFxLRKPhlBO-bASN5g_zfRI3M2F&sai=AMfl-YS7wZCTaAqqEQ3cj7E1q_n5CKOxQsiRtYF2qAZj2wywvzEzIp1P_7IF1bUF4MIEdXMLwosLzBJzfKDa_F5qr0mGlGrj0YDv-f1_idH_e9E36z6t6Dl3ii4ftWo&sig=Cg0ArKJSzC6wgctzHYwKEAE&cid=CAQSOwDICaaNhK9I3IjdJLPep09ljOF9WkuEO5Oa5i7TVRD8viaoYx7OB1O1uR1Q6lWDaQw4oLMdNM7pzYaLGAE&id=lidar2&mcvt=1000&p=0,0,280,500&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2068013325&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699678315917&rpt=1091&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 04:51:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9B7E 42 B
64 B 82ms
82ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuj2YzsyNhSkDF2_iazaydaCZ-lfeGlK5XlBYp0ayeawneFUSfcwFi6epHT1iYpJxaFdt7fx2P0vr0xTNu03bJKYzI_dzscuLEkUv2yGuaiQvL8PPxLOSNgZpZsJeiSkM0MjJu039G0Yxop&sai=AMfl-YS4br7QRmIjhoMf5X1VOgMlUJ8RnGkCKvXgwIn2RJk9b_E1EEeYrww6NalGeQNcJevDw8dKn6exTONheNN0rA2Nx3q_PJf0rCF046TiLLNUjwEV8O61wdlNOZFG&sig=Cg0ArKJSzGBwhOpANb8gEAE&cid=CAQSPADICaaNG-cPIjGj6WlFwmGkXq0aMAD-MzfsNU9IyJZ88J0cjDBRMUGuzTN_Ey4QNaUrs8nj8n_sWDmUrxgB&id=lidar2&mcvt=1000&p=0,0,60,500&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3297015004&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699678315920&rpt=1124&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 04:51:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
region1.analytics.google.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECM7QVdJ6eoHt_kKzj12EZw&google_cver=1&google_push=AXcoOmTKNbrW1aYpB5_yarqpWA1inOti2Ouxj-MzawbQ5J8gLSp75uH9n51WranJf7Gr8eJ1Y9STv9YnAYlSAKO7Hfewnmo9N2JUw3g

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GTE5CBQ89K&gtm=45je3b81v889124241&_p=1699678315907&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1633844104.1699678316&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699678316&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Fseytaninkoli&dt=Arac%20Hasar%20%26%20KM%20Sorgulama%20Hizmeti&en=scroll&epn.percent_scrolled=90&_et=7&tfd=7523

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.s.id/	1970-01-21 01:43:58	Name: _ga Value: GA1.1.1633844104.1699678316
.s.id/	1970-01-21 01:43:58	Name: _ga_GTE5CBQ89K Value: GS1.1.1699678316.1.0.1699678316.60.0.0
.s.id/	1970-01-21 01:43:58	Name: _ga_LJQ0V44EV5 Value: GS1.1.1699678316.1.0.1699678316.0.0.0
.s.id/	1970-01-21 01:29:34	Name: __gads Value: ID=126a588636b69710:T=1699678315:RT=1699678315:S=ALNI_MZ-KQFdSwQNN1DPSEhCSZyOR4E2ag
.s.id/	1970-01-21 01:29:34	Name: __gpi Value: UID=00000cbfa9ff1b9c:T=1699678315:RT=1699678315:S=ALNI_MY26TkvXS4EPZV5ytu92bMbz5hBYw
.doubleclick.net/	1970-01-21 01:29:34	Name: IDE Value: AHWqTUlEFD7tq6adBUFpfEb2lzmt5-ySFeZmVJj7cu851gHWAXhswrrMRoxRINkVciQ
.doubleclick.net/	1970-01-20 16:08:01	Name: DSID Value: NO_DATA
.adfarm1.adition.com/	1970-01-20 18:17:34	Name: UserID1 Value: 7300062780953917598
.simpli.fi/	1970-01-21 00:55:00	Name: suid Value: 4DC3624BF2FD411681467B4D4EA32F6A
.travelaudience.com/	1970-01-21 01:38:12	Name: _tracker Value: %7B%22UUID%22%3A%222577C6B7-612A-44F4-2AAD-8B805A9A31FC%22%7D
.de17a.com/	1970-01-21 00:46:22	Name: guid Value: 1.995514418425198236
.yahoo.com/	1970-01-21 00:53:55	Name: A3 Value: d=AQABBGwIT2UCEIVtMV3tBDdnfkHM_l4QtzAFEgEBAQFZUGVYZQAAAAAA_eMAAA&S=AQAAArhi16CPxaYIzL-VZkyh_VQ
.agkn.com/	1970-01-21 00:53:34	Name: ab Value: 0001%3Aie69XW%2BCgVTCnKsyAoVzt3DH%2FT7qMo1T
.agkn.com/	1970-01-21 00:53:34	Name: u Value: C\|0CEAs4cTsLOHE7AAAAAAAAQ13AQCAAQpAAAAAAA
ads.travelaudience.com/	1970-01-21 01:38:12	Name: _tracker Value: %7B%22UUID%22%3A%222577C6B7-612A-44F4-2AAD-8B805A9A31FC%22%7D
.quantserve.com/	1970-01-20 18:17:34	Name: d Value: EAEBCQGzKoEA
.quantserve.com/	1970-01-21 01:38:12	Name: mc Value: 654f086d-0791e-beaa7-02dc6
.googleadservices.com/	1970-01-20 18:17:34	Name: ar_debug Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmRdSn9q6B_pWE0AmIujXFMVGmJJ5BfJAVDkf1-61SFPi250e2w9LviS5ur1UQZhOqLikormTC6kxfoE0g2no65eQqLrpTrY&google_gid=CAESEIZoYawiaCs_RMj9L5nBIU8&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.travelaudience.com
app.s.id
cdn-sdotid.adg.id
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
microsite.s.id
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
region1.analytics.google.com
region1.google-analytics.com
s.id
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
region1.analytics.google.com
142.250.184.226
178.250.1.9
193.84.85.178
2.19.104.4
2001:4860:4802:32::36
2001:4860:4802:34::36
213.155.156.182
216.58.212.130
2606:4700:20::681a:6f9
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c0a::9d
2a05:d018:d29:3602:abeb:a582:6f70:20cf
2a06:98c1:3121::3
3.120.100.40
35.190.0.66
35.204.158.49
35.244.174.68
45.126.58.90
85.114.159.118
089a9ee6e3328da95ddae0208e44dcd88e398b4580ee78875654aff590702e48
09d70a1700a01bd4752504654d91a17627f762daff621695ddebd9c5191a158a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cae658ca38d5868e707b9e8eb62ff1f6a30cfa979ef817d63b00e30f5bc4d02
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048
1b93bffc28900c6afcdef1df7fdaceefea744d9df0de2484d2c5a1fbee9dbc8e
1e0fa2b58fb4a18b31e919eaad7c621bdd9696fd5368b0b58a4ef85f4db9f4d3
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
355696ca906fbcf8f289ee77d469d6907ddb05287f18c8ae6fe04809753b5a94
38956bd62da4eb6c166f6094f14dad38d4a46109ad1c692acf98a17e22ac5edb
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
43c09214bd5d39e814ff1b645a59a9d10469d7e64b4545f0a0f36d9253a3ba14
44700a06a8c514701afd8a1b28e770e23d3d41c13799fa88aa8e5ad21d9666b9
483ee8ca8cf18611ba84776775d2262326a0238c51088e12da246bdadecbf20f
4bcb729d76ea62fd0ce73a62dcf6677db23c360168a9b2c5402b9bd264648a28
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59326eb8285cd5940bc31f9d396b5800727ab7f98c4c05904ce00846d5856dca
5d820c5e7d048c0faa442ce5a30a6163fd2ba16c2f3875c9ccd1ea6a6217a23b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
68640e1d4360aa5e0d83587bd062d67428b31c43d9a7726b106f8daa022b3638
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
9a5a62dd07bcb4c7cba95b52327bcd8103798cefa79d0dc7822b5e1aa1a8020e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b165f7fe3968a871c9e0ea4cf6bdd2dac34664c6323a5879179b4807f93ec6e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a51be072c90872986a619bcd424515adfdd3a7c1f8b447c745f203774120a472
a5e943c7c5da3617bd2345580b25327364ab5824ba53a3d18bb88c0e105d6d45
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abce68f16cca1d1fb0993523523438bad3419dc6464b1f6aa590ba9509040018
b940f94bd5f22650d4ead1f562a5e8357b78cf709ae5b9c877fdeef6134ee7c0
ba7570386407f52b0870906be17a771dc0af509c9cfee072f08af860793f5756
bed10a3fd1f75fd8fbcb1f3be5d120237ed9391d10c2697c551923e8ed9f31e3
c1ad95e8b38e5ca69e79e848a5771f026e40705ace52cb5ba4e6b7b9ce048161
cef5cf264ddfac535ced5939e1508e358d0a976002e05dbbdefefebde10c7abe
dd384b45a482fb44980ba9e0149cd783f22cc3fa25c6accfa3a9a5536c9149d5
de3b12164be56c9289914d5a4ab0e8206ca8a8e584b5a97d97b9166a8f7841a2
e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a
e21136727f05e0d77ddd2266036b0ad410a86a14df9a7a33a5f27c7fa8206dd0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49865b2d3ebcdd42fac21e949bb2a9f5290fde16a9392b78d5d8d49d203753c
e85998053023352cb9958c799c29e01b7dccca523f63dbcd56d9a047d7ebcb49
ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb7f315a0371a8b55cfaf220f33822988ac4f5f2758e23738eaaa25258c978b7

s.id Open in urlscan Pro 193.84.85.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

94 Requests

86 %HTTPS

59 %IPv6

23 Domains

30 Subdomains

24 IPs

9 Countries

1976 kBTransfer

5888 kBSize

18 Cookies

3 Outgoing links

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

s.id Open in urlscan Pro
193.84.85.178 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

86 %
HTTPS

59 %
IPv6

23
Domains

30
Subdomains

24
IPs

9
Countries

1976 kB
Transfer

5888 kB
Size

18
Cookies

94 HTTP transactions
4 data transactions