s.id Open in urlscan Pro
193.84.85.178 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://s.id/beeesdssd
Submission: On November 17 via api (November 17th 2023, 4:56:48 am UTC) from TR — Scanned from DE

Summary HTTP 96 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 27 IPs in 9 countries across 26 domains to perform 96 HTTP transactions. The main IP is 193.84.85.178, located in Russian Federation and belongs to STORMWALL-AS, SK. The main domain is s.id. The Cisco Umbrella rank of the primary domain is 158997.
TLS certificate: Issued by R3 on September 25th 2023. Valid for: 3 months.

This is the only time s.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	193.84.85.178 193.84.85.178	59796 (STORMWALL-AS) (STORMWALL-AS)
18	2606:4700:20:... 2606:4700:20::681a:6f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 17	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	45.126.58.90 45.126.58.90	132647 (IDNIC-PAN...) (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3 3	3.69.152.80 3.69.152.80	16509 (AMAZON-02) (AMAZON-02)
11	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	3.124.81.102 3.124.81.102	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3602:15ac:aaba:5b42:770a	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1 3	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a39f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
96	27

1 193.84.85.178 (Russian Federation)

ASN59796 (STORMWALL-AS, SK)

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:20::681a:6f9 (United States)

ASN13335 (CLOUDFLARENET, US)

microsite.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.126.58.90 (Indonesia)

ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID)

app.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-sdotid.adg.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.69.152.80 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-152-80.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.81.102 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-81-102.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:15ac:aaba:5b42:770a (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:1b::1724:a39f (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	276 KB
21	s.id s.id — Cisco Umbrella Rank: 158997 microsite.s.id — Cisco Umbrella Rank: 628691 app.s.id — Cisco Umbrella Rank: 507982	1 MB
18	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	70 KB
4	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 1682 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6903	29 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	63 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	804 B
3	bing.com 1 redirects www.bing.com — Cisco Umbrella Rank: 66	14 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 912	3 KB
3	adg.id cdn-sdotid.adg.id — Cisco Umbrella Rank: 548846	69 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	252 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	1 KB
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	128 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	302 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 746	388 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 597	363 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	555 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1824	174 B
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4948	36 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	147 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	150 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 795	722 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6862	409 B
96	26

	Domain	Requested by
18	microsite.s.id	s.id microsite.s.id
11	cm.g.doubleclick.net	googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	s.id pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	ams3-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
3	www.bing.com	1 redirects googleads.g.doubleclick.net
3	pm.w55c.net	3 redirects
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	cdn-sdotid.adg.id	s.id
3	www.googletagmanager.com	microsite.s.id www.googletagmanager.com
2	www.googleadservices.com	s.id
2	pr-bh.ybp.yahoo.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	app.s.id	microsite.s.id
1	onetag-sys.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	cdn.adnxs.com	googleads.g.doubleclick.net
1	adsdk.microsoft.com	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com	s.id
1	a.tribalfusion.com	1 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	www.google.de	s.id
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	s.id
96	35

This site contains links to these domains. Also see Links.

Domain
www.likaracklswe.com
home.s.id

Subject Issuer	Validity	Valid
s.id R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
app.s.id R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
adg.id E1	`2023-10-28` - `2024-01-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://s.id/beeesdssd
Frame ID: CC6B7E244A4DA42B968713DEAEA5F6F5
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 218F620164BF900EBB295A8B754F7EC6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1700197003&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700197003305&bpp=6&bdt=165&idt=111&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2003660574742&frm=20&pv=2&ga_vid=985475166.1700197003&ga_sid=1700197003&ga_hid=1952047793&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31078301%2C31079698%2C44807749%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=4422771724974022&tmod=150568957&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=127
Frame ID: 5D027C168072C8BC95816037CB9689B7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=1690083933&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1700197003&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700197003592&bpp=2&bdt=451&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2003660574742&frm=20&pv=1&ga_vid=985475166.1700197003&ga_sid=1700197003&ga_hid=1952047793&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31078301%2C31079698%2C44807749%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=4422771724974022&tmod=150568957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=5
Frame ID: 8EAE1C113F5591CEDFB85138A3C9CD9C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=1762859233&pi=t.ma~as.7399768513&w=500&lmt=1700197003&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700197003592&bpp=1&bdt=451&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=2003660574742&frm=20&pv=1&ga_vid=985475166.1700197003&ga_sid=1700197003&ga_hid=1952047793&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31078301%2C31079698%2C44807749%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=4422771724974022&tmod=150568957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=9
Frame ID: 230F1792D5A1F7C98F10A022F36940E4
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 25C766285D3773560D75B461F3F40C85
Requests: 9 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: E13F9F9103305366C9FE2B196B7AB3E8
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 5153C2D5DEADF7EB4AE1D227E4F4C5D0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EB4FDC5BB7CBD87BF690760ED65C0547
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 77CBCAFEEF5399561CE9E089987E014D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3522875611CEF25051C553FEDC09A03F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

güvenli destek

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

96
Requests

84 %
HTTPS

53 %
IPv6

26
Domains

35
Subdomains

27
IPs

9
Countries

1985 kB
Transfer

5883 kB
Size

18
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.likaracklswe.com/
Title: TRAMER SORGULAMA

Search URL Search Domain Scan URL

URL: https://home.s.id/?utm_source=sid-microsite&utm_medium=beeesdssd

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENu8Pgrb_RDJd3_DsBgwBqs&google_cver=1&google_push=AXcoOmSWNCPpTl19YczAP0bxLT48TfYXJZTbXErv8Z3fBUKGoSCix3U1yv6gLfvtlFFlwnm-BozdghYltPezoAaACvwT7DKKMDKpdQ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENu8Pgrb_RDJd3_DsBgwBqs&google_cver=1&google_push=AXcoOmSWNCPpTl19YczAP0bxLT48TfYXJZTbXErv8Z3fBUKGoSCix3U1yv6gLfvtlFFlwnm-BozdghYltPezoAaACvwT7DKKMDKpdQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QnFOQVRCZ04xUjNRVWs1&google_gid=CAESENu8Pgrb_RDJd3_DsBgwBqs&google_cver=1&google_push=AXcoOmSWNCPpTl19YczAP0bxLT48TfYXJZTbXErv8Z3fBUKGoSCix3U1yv6gLfvtlFFlwnm-BozdghYltPezoAaACvwT7DKKMDKpdQ

Request Chain 49

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKrKfirImQUo6ZwnAFrEXYE&google_cver=1&google_push=AXcoOmT_JFfsdMPx-tar6Vv0L3SVpT0mAiXXS0FoOAx9HFWBo2Gq3F6g_lP_ir77ppII5JLiv5w4i74KRoVSQCvN8BQSBGb8Jj5fui8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT_JFfsdMPx-tar6Vv0L3SVpT0mAiXXS0FoOAx9HFWBo2Gq3F6g_lP_ir77ppII5JLiv5w4i74KRoVSQCvN8BQSBGb8Jj5fui8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKrKfirImQUo6ZwnAFrEXYE&google_cver=1&google_push=AXcoOmT_JFfsdMPx-tar6Vv0L3SVpT0mAiXXS0FoOAx9HFWBo2Gq3F6g_lP_ir77ppII5JLiv5w4i74KRoVSQCvN8BQSBGb8Jj5fui8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT_JFfsdMPx-tar6Vv0L3SVpT0mAiXXS0FoOAx9HFWBo2Gq3F6g_lP_ir77ppII5JLiv5w4i74KRoVSQCvN8BQSBGb8Jj5fui8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 50

https://um.simpli.fi/gp_match?google_gid=CAESELFtrjQ7elNCaqOyjVM4YFE&google_cver=1&google_push=AXcoOmSv9gF6n4WITJOMLgR0hCg62_rZdspyCDvoxrCwCof-7OKz5bfxSB6G4v6Y1NaCDCFPtE_XoAZbo92OpTX-5ZqltLZ2K_yaUJk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FD9DB8A8F9EB4BF5928860D2F09FB756&google_push=AXcoOmSv9gF6n4WITJOMLgR0hCg62_rZdspyCDvoxrCwCof-7OKz5bfxSB6G4v6Y1NaCDCFPtE_XoAZbo92OpTX-5ZqltLZ2K_yaUJk

Request Chain 52

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENw4VgB4Ip_PM9nA0cuotsc&google_cver=1&google_push=AXcoOmTUZYblq2v8CT0gzZkWqif_792BolsNS4UJ4x8crs9jTHrxTiF_Y0O2poMdkRwxoQJIcng25LRX1Bm0904AKiylBpamju8SAQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTUZYblq2v8CT0gzZkWqif_792BolsNS4UJ4x8crs9jTHrxTiF_Y0O2poMdkRwxoQJIcng25LRX1Bm0904AKiylBpamju8SAQ&google_hm=Ge5Q4OYgSDyZ7G6V448YsQQ

Request Chain 54

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOZlO5A75NfB3HZuNKlDJv4&google_cver=1&google_push=AXcoOmQG8mqLjUjnSZHRLxYYOZBtdU7IGeqTND0ud4dwit4TmHov7wema9IjO1ES4--cc95Av7ixKsrO1BO1KKOdjShoPXeGG2cpHO8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQG8mqLjUjnSZHRLxYYOZBtdU7IGeqTND0ud4dwit4TmHov7wema9IjO1ES4--cc95Av7ixKsrO1BO1KKOdjShoPXeGG2cpHO8&google_hm=eS1NeC5SZWl0RTJwRldkMnNRTnFPMzQxS3M2SXJOOG1hM35B

Request Chain 62

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=37d8c923-a9dd-4e84-b9e8-1c86f5a59209&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=1a4a9dec-8432-467c-9cb9-7835156b1057&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D58474dfded0a4079bd2d91fd99e167d5%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_pyvpxpbasvezngvba_ub&aid=2202566396233610263 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=58474dfded0a4079bd2d91fd99e167d5&SNR=1&GV=2&med=10

Request Chain 69

https://googleads.g.doubleclick.net/pagead/adview?ai=CoVD9i_JWZff2Jf6Y9u8P4rOtyAi7-tmddOvWmr6nEvb3jpitQRABIMqE2o8BYJWCgICwB6ABqJLWvwPIAQmpAtO9xlVviIM-qAMByAPLBKoEwAFP0LeVJlztH-vow02ImoKSfHLDzVlb2Wb-ESt1MSXBLCDaPh8yOrbAXhKmjLBRptfZkM0ertGLrrDhTj9XitQ41VOycUEBIFVKYW_IMy-y8P1BD1yzgxn29eDTz__njnPcl4it0hETUrVrHoVHVZCr6BT-ulKZJkpgKhUj9RFYKdlq85ab2Hqj-gLKnxLNBweIVZkbPEk8r8jvwe2YuQl7u-TpVyCAjP8cJi5IiPEtQC0GQeyLja8b1AELtqePjWPABOWvsti8BIgFjsnVpk2gBi6AB-PjzDSoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDqxwfSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgmGAWh0dHBzOi8vd3d3LmJvb3p0LmNvbS9kZS9kZS9kYW1lbm1vZGUvYmxhY2stZnJpZGF5P3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249ZGVfZ29vZ2xlZGlzcGxheV9ibGFja2ZyaWRheV8yMDIzgAoByAsBogwQKg4KDOS0sQLutbECtbixArgT5APYEwOIFAPQFQGYFgGAFwGyFxwKGggAEhRwdWItMjc0MjIxNjUzNDY0MDU0NRgA&sigh=qoh8C_ZmxTw&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaN0X-ritPW5A_y6Kwd12Nk15Ng4LBzjB-RKrY0uM0rZ_v0l_wGq9dTKb-4WVR4Q4GTSvHNIRR09BgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226743300970312510784%22,%22debug_reporting%22:true,%22destination%22:%22https://boozt.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22938838312%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225720960015505535073%22}&andc=true

Request Chain 77

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMhmh__thzCYu8z_G514His&google_cver=1&google_push=AXcoOmQAhW1_JPhtrB09hUFamaf6Hh6Pb-n5LKd5iTTe1xTHjlc48v2VGfVoJagrfwbYNMnnSIKr0RQHkm7DUnQWKc0coCg0xjQf7cYu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QnFOQVRCZ04xUjNRVWs1&google_gid=CAESEMhmh__thzCYu8z_G514His&google_cver=1&google_push=AXcoOmQAhW1_JPhtrB09hUFamaf6Hh6Pb-n5LKd5iTTe1xTHjlc48v2VGfVoJagrfwbYNMnnSIKr0RQHkm7DUnQWKc0coCg0xjQf7cYu

Request Chain 78

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDgpW7LCQyJYICnyfY_Oybs&google_cver=1&google_push=AXcoOmTvMWRl6v2efj7B9tyq1Y1g-Cqg9SVpKdcxOlbcnRDQ3oO7zQqkRljQGOVbLkX5ymzFHKmgbadmchFYb1Om-xSCJUE9yNQOe10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTvMWRl6v2efj7B9tyq1Y1g-Cqg9SVpKdcxOlbcnRDQ3oO7zQqkRljQGOVbLkX5ymzFHKmgbadmchFYb1Om-xSCJUE9yNQOe10&google_hm=Ge5Q4OYgSDyZ7G6V448YsQQ

Request Chain 80

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBf3UHR2xZQ4Hnznycb8a78&google_cver=1&google_push=AXcoOmSdfzJyeAOeNVzjK7KuA455IVKa0ZhtaWrjxuXXHLQYACPmQWmcTbVOUxnwIKu5mRVfW_5lL6dHd-uA2_09mruPkizRUIn5U-WY HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5eeKISpUS04zsR4Tu1C3IA&google_push=AXcoOmSdfzJyeAOeNVzjK7KuA455IVKa0ZhtaWrjxuXXHLQYACPmQWmcTbVOUxnwIKu5mRVfW_5lL6dHd-uA2_09mruPkizRUIn5U-WY

Request Chain 81

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEA5TeAgsMlLSGllyrAHnXcw&google_cver=1&google_push=AXcoOmTQVgpfyJctoVEuTW4K9OJicg6A2bCqHS_AZp23a_2Pj2CkBgzhaRmZG2uiBJ3-dDBKhk6ncp-lksqJh4EaFH9KwnHcdg14q0E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTQVgpfyJctoVEuTW4K9OJicg6A2bCqHS_AZp23a_2Pj2CkBgzhaRmZG2uiBJ3-dDBKhk6ncp-lksqJh4EaFH9KwnHcdg14q0E&google_hm=eS1NeC5SZWl0RTJwRldkMnNRTnFPMzQxS3M2SXJOOG1hM35B

Request Chain 83

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGSz-zpITRJhLgSL50ULz8s&google_cver=1&google_push=AXcoOmSEhRYtByuPHOCeXeWNkmpEW344wjSdTP9u7iRywTctLcNhAZPxwsrAX_6LHUDnPJILW9LWqCaU3oDSZNgHj3RppqfYFRNNclk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSEhRYtByuPHOCeXeWNkmpEW344wjSdTP9u7iRywTctLcNhAZPxwsrAX_6LHUDnPJILW9LWqCaU3oDSZNgHj3RppqfYFRNNclk

96 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request beeesdssd Show response
s.id/ 12 KB
4 KB 2870ms
423ms Document
text/html 193.84.85.178
STORMWALL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.84.85.178 , Russian Federation, ASN59796 (STORMWALL-AS, SK),

Reverse DNS

Software

nginx / Next.js

Resource Hash

cc7e1cffa44be8dbb9591c49b44ce2d19530a5ada80b81b7ef3bf8fb77333168

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1601
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=3600, must-revalidate
cf-cache-status: HIT
cf-ray: 82756384b8305f7c-SIN
content-encoding: gzip
content-length: 3930
content-type: text/html; charset=utf-8
date: Fri, 17 Nov 2023 04:56:43 GMT
etag: e_1696766579
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUr%2FLKdF7Y7ndr%2BzNgl4hA%2BW4jRlFl0IgrTgJJLc8zywWu4cACdBe3UPTYvEyG%2FQoq%2BSsdA8boBXjeFO6g1bCuheKH%2BWEhCtv1OeHeIKaZvZR4DGYvgZFvEzNzc4sz2o"}],"group":"cf-nel","max_age":604800}
server: nginx
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Next.js

GET
H2 200 a6e26b705378ef50.css
microsite.s.id/_next/static/css/ 118 KB
18 KB 72ms
30ms Stylesheet
text/css 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/css/a6e26b705378ef50.css

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cef5cf264ddfac535ced5939e1508e358d0a976002e05dbbdefefebde10c7abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 789417
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"1d816-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsjMRWpLAf7a94UY5P3AT4LPyA7YNXdAfb39FfzP7rEpz8ObjKDileRPBlVYnab1DPnNjc2d3QYsDOH%2FNcaDdZeJqb6ZwVyzr%2FzZH1SCcExWHOkys2tPvVksijAYNNU14XuZ%2BypMOc3QjhFE"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82756385ed784d22-FRA

GET
H2 200 cd55c7da45ab6994.css
microsite.s.id/_next/static/css/ 22 KB
6 KB 70ms
28ms Stylesheet
text/css 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/css/cd55c7da45ab6994.css

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e0fa2b58fb4a18b31e919eaad7c621bdd9696fd5368b0b58a4ef85f4db9f4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 687350
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"57d2-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFdtR6Rr1%2BKFTnYct516g18IbxeKUD92fCd14EQy2ziNlkmQ0N0ZiUtU3pkAxgGxZHbFGdRmBLFXdoEg6L0%2F9QqlljHmIFC6CJ3Np66MPHz9Ih9olqEt1jEiiGS7vigI8ZRcn890%2F6LyxyyG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82756385ed7b4d22-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 90ms
39ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

606b15b49ae4d2013c370ba153b9d8fa0c6eb37aab904b9e1d83b7367b742f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52674
x-xss-protection: 0
server: cafe
etag: 14493695004255102393
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 04:56:43 GMT

GET
H2 200 webpack-9cbf820596dfeb98.js Show response
microsite.s.id/_next/static/chunks/ 4 KB
2 KB 53ms
27ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/webpack-9cbf820596dfeb98.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd384b45a482fb44980ba9e0149cd783f22cc3fa25c6accfa3a9a5536c9149d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695081
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"e46-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9D2OOEPmRtoTaSnMktyzKP3WgDS54XHslZBPi2cjTu6xPDsMdAH9%2Fah3eCa9TWeOiF4HPUhS2XobmHpyXUGEaWC66hNqsyNauBVdxxmY7N1DMm2npIOMvuEBaH6Zr2njq7EWfUQsxumXWvoJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 82756385ed7d4d22-FRA

GET
H2 200 framework-56bc1d2b5d8be648.js Show response
microsite.s.id/_next/static/chunks/ 138 KB
45 KB 43ms
41ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/framework-56bc1d2b5d8be648.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5e943c7c5da3617bd2345580b25327364ab5824ba53a3d18bb88c0e105d6d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441758
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"226f3-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGuoiTusGYrXBJAempL6TxMte6NKhdhygeL1qdF7j%2FO2si3E%2F%2FAoXebyso3KGitZ6UVMZr1dPdQwybEFsjSQeFw4hCloZXwpeynpexChmItAQYejOkVqDGzBzbL3XjpkSv9nI96ZJBSuALfH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 827563861d8e4d22-FRA

GET
H2 200 main-559dbfa8afd7d7a2.js Show response
microsite.s.id/_next/static/chunks/ 97 KB
29 KB 23ms
21ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e49865b2d3ebcdd42fac21e949bb2a9f5290fde16a9392b78d5d8d49d203753c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 349740
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"185da-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijPH5J6qylwj8rp7SOicATGxn2JB4mTHhre0tf3%2BltzmOy8adEANtsDC%2F0AWRVQiSGtZnkW7i5LamWdKt84GNEsP%2BTvZ7Pf%2F%2BEQ6JFwDK7LGPJKChSnqT62aIYF0Q97tLFUylJ2%2Bzid8eb26"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 827563861d8f4d22-FRA

GET
H2 200 _app-538933ef5d1d99b9.js Show response
microsite.s.id/_next/static/chunks/pages/ 315 KB
102 KB 31ms
29ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/pages/_app-538933ef5d1d99b9.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44700a06a8c514701afd8a1b28e770e23d3d41c13799fa88aa8e5ad21d9666b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 787735
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"4ed1d-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNtea1F75KK51Rgj59SmTXJoTItiFnBqcxq0hI4o4TZfH37734h8t0oenIXcMN96H0K2Y6g8bvk6IZSG2YU%2Bbje3F2QB9xaoFs0mjNNpPHXHGATMKPfLAAMEsZsYnhaLkqD02CZ4uGh8VH6a"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 827563861d904d22-FRA

GET
H2 200 f85a1fd0-0ccc9e26436af44f.js Show response
microsite.s.id/_next/static/chunks/ 476 KB
74 KB 45ms
43ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/f85a1fd0-0ccc9e26436af44f.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a51be072c90872986a619bcd424515adfdd3a7c1f8b447c745f203774120a472

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 349740
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"771a6-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZ%2F1g%2B9veSAmIi%2FdRri0knwbk%2FYXIpfBc2YTr0AHXWT6yB7ZV2%2Fz6BQx9CXUvJd3x75f%2FINmovPzNI0sBJmOq08rDw7rxaWG1aJiYbd0wDhAIchocmqDxdBjAuEzchCHQ%2FcF7cl3%2BvRU1%2BY5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 827563861d924d22-FRA

GET
H2 200 347dd6d2-909e20e25b7384a8.js Show response
microsite.s.id/_next/static/chunks/ 948 KB
283 KB 66ms
64ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/347dd6d2-909e20e25b7384a8.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb7f315a0371a8b55cfaf220f33822988ac4f5f2758e23738eaaa25258c978b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 696213
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"ed138-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2hebX0L2edvEfbk39TFy3niz9szubQljFY75buwJeJ9blx5l6R3ZUN8Oe%2BMQaFNtHtrmQWUUdNtyJTxSxl4B00UBHDwpTAqnHcRtbzNhbF24PYdu63Sthol7fb%2F2Om3UiuriYmDSCQY5zC1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 827563861d934d22-FRA

GET
H2 200 b7322211-d279212bc11c825d.js Show response
microsite.s.id/_next/static/chunks/ 501 KB
212 KB 45ms
44ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/b7322211-d279212bc11c825d.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d820c5e7d048c0faa442ce5a30a6163fd2ba16c2f3875c9ccd1ea6a6217a23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 358897
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"7d3a4-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scJ3PzR9QFQ7LlsRwQe1VoWI%2F%2FvB0Yhoq19VwwD0BF99suBHhu5pK22ucZr7wkuD1%2FPCXGDDjUSwAxwdrnnJdNwa0HaK3%2FEQduVuqXct%2BL9OqY4JSq%2FQaOPEi9Ay0V2z4jd%2FYHNX6j9Mvzi8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 827563861d944d22-FRA

GET
H2 200 865-541ca60fc46f1bbc.js Show response
microsite.s.id/_next/static/chunks/ 596 KB
173 KB 45ms
44ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/865-541ca60fc46f1bbc.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a5a62dd07bcb4c7cba95b52327bcd8103798cefa79d0dc7822b5e1aa1a8020e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 684584
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"94fd3-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBAjTtbfvy7%2FnQtbExjit%2BlnGMKe%2BUtYYpXh7stfTPFnKlxMWfKRdqyxtIyKI3FTMDR8eJAHIw3JwbXJO1XKVyYRvrUE%2FCaJ55gJFrxrFMzmaN6DgYLnun1vlFpA68I3GHmsEiJdatu6%2F92G"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 827563861d954d22-FRA

GET
H2 200 %5B%5B...any%5D%5D-f3f713278be240ee.js Show response
microsite.s.id/_next/static/chunks/pages/ 171 KB
39 KB 42ms
41ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/pages/%5B%5B...any%5D%5D-f3f713278be240ee.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e85998053023352cb9958c799c29e01b7dccca523f63dbcd56d9a047d7ebcb49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 783015
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"2acb7-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2u515iSiH3CMlSJOy8B7Ko7ZERklRRVvbp8o%2B0IDse8EnwiyYqeeRrbO5IW9XmKDLu1kzE6XpjNa4LE8mdYoIB7Oez1aX1eNHCmwkpbcUON02FoobIkOXWKgcSkNS6uNR3okSP6G1y6hFEew"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 827563861d964d22-FRA

GET
H2 200 _buildManifest.js Show response
microsite.s.id/_next/static/ZlOBCkt8C2ECMM9ASzdtD/ 578 B
644 B 24ms
23ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/ZlOBCkt8C2ECMM9ASzdtD/_buildManifest.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c09214bd5d39e814ff1b645a59a9d10469d7e64b4545f0a0f36d9253a3ba14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 245648
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 07:42:04 GMT
server: cloudflare
etag: W/"242-18bccc7bce0"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hn4H6Yzn5mqodFX4Te6DLFZCp5Ge1CPKw%2FNjK%2FblgezvRCG31ONgQUYDDKhDHSnqw9BGtPHQ9fWwt9LG4E05yczNtO6ZV5T3SjrRM1iJ8ao2mDeXNmNE5XJuZXR6WRQgjqHAuUDq703LpP9F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 827563861d974d22-FRA

GET
H2 200 _ssgManifest.js Show response
microsite.s.id/_next/static/ZlOBCkt8C2ECMM9ASzdtD/ 77 B
355 B 26ms
26ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/ZlOBCkt8C2ECMM9ASzdtD/_ssgManifest.js

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244769
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 14 Nov 2023 07:42:04 GMT
server: cloudflare
etag: W/"4d-18bccc7bce0"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69y9N5rOrYOsKtWSqmBTYJYZNR65qgo36yCQnskAgzNi5gg6CydQNOTAyA4T8z4cjzWUVJKz%2FAlXtbqyU4nuXX9ITSuD5%2BuNyRYtGrhJyH0PNZBxm9l0lSHz0eKQEQZi4Xk4gPEatNG%2BeSwz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 827563861d984d22-FRA

GET
H2 200 montserrat.css
microsite.s.id/assets/fonts/ 3 KB
897 B 306ms
265ms Stylesheet
text/css 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/montserrat.css

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"ca2-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pa9LyhrfAdsvQZVhaaPxzLTiacFSbij5V1DT1HOnSRlkQ7kjB6faNPLFlPOo2La%2FGRCIYdl2uAQOkH56MPJ%2FSX09UgwZQG7TPpj4BDg9nn5cRNSkFivrZofkumkpSj0q6%2BKQerFfTl46H523"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 82756385ed7a4d22-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 work-sans.css
microsite.s.id/assets/fonts/ 4 KB
837 B 315ms
273ms Stylesheet
text/css 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/work-sans.css

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"10bc-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYl0iWB6oUdINpRRKDSUWqVVudcJkPG8hJyMe5E8u15qslFVFCNzFbF4eUc14ywRFD%2B457CJJTo9OxjGg9MNgJTTudDcvXbG5RswZqgDGLx62%2F5yociVGIjaGSVUWnY40CEhq6TogyKWmzeT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 82756385ed764d22-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sid-neu-logo-dark.svg
microsite.s.id/images/ 8 KB
4 KB 298ms
256ms Image
image/svg+xml 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsite.s.id/images/sid-neu-logo-dark.svg

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 05 Jul 2023 23:09:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"2137-18928513d00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FkDDD0pc7GSY%2BVeB%2FM4A00YFcpfg1g3mzrqjDaufYgMvf%2Fiz5rLvC%2F%2FDTwUbhh21f8dkorO4KR%2FVmVnjkpEHQQUcC0SrcYg6nNLFNzTw306YWQcloqXJS2bPopN60oEDio9VLf213LzawnZ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 82756385ed7c4d22-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ 397 KB
134 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id&bust=31079698

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff1a2cfee92c1697ac564742e89f106a2ef63fb7d99515e9bcacdc83d8f51fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137193
x-xss-protection: 0
server: cafe
etag: 14801702044585696659
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 04:56:43 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 218F 9 KB
4 KB 14ms
13ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 07:40:08 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 07:40:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D02 0
19 B 68ms
68ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1700197003&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700197003305&bpp=6&bdt=165&idt=111&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2003660574742&frm=20&pv=2&ga_vid=985475166.1700197003&ga_sid=1700197003&ga_hid=1952047793&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31078301%2C31079698%2C44807749%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=4422771724974022&tmod=150568957&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=127

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id&bust=31079698

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 04:56:43 GMT
expires: Fri, 17 Nov 2023 04:56:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=fixed%20top-0%20left-0%20right-0%20bottom-0%20h-full%20flex&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 48ms
48ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=fixed%20top-0%20left-0%20right-0%20bottom-0%20h-full%20flex&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 work-sans-normal-400.woff2
microsite.s.id/assets/fonts/dist/ 47 KB
47 KB 290ms
262ms Font
font/woff2 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/assets/fonts/dist/work-sans-normal-400.woff2

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/assets/fonts/work-sans.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://microsite.s.id/assets/fonts/work-sans.css
Origin: https://s.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 47800
last-modified: Wed, 06 Sep 2023 09:42:59 GMT
server: cloudflare
etag: W/"bab8-18a69dfa4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBRv%2BvXqOVhR9A2Wt7vq6Oa7XJUvqTPkVSlQhVyhQN%2B%2BvEM74jZJLYeO4qhUYudd1hiKesdYYBPIOCHQH%2BVoU7t8asEtsplE%2Bq8wDgoslgErLUPBR1mU3NfscHsd66aKC%2Fo454RIKzdGX%2BPp"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: https://s.id
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 827563886bb22c6b-FRA

OPTIONS
H/1.1 204
No Content adcap
app.s.id/api/ Frame 0
0 629ms
212ms Preflight 45.126.58.90
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.s.id/api/adcap?short=beeesdssd

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.90 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: ds,x-rpc-lang
Access-Control-Request-Method: GET
Origin: https://s.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://s.id
Connection: close
Date: Fri, 17 Nov 2023 04:56:44 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 506.9f321d440064bb53.js Show response
microsite.s.id/_next/static/chunks/ 1 KB
1 KB 22ms
21ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsite.s.id/_next/static/chunks/506.9f321d440064bb53.js

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/webpack-9cbf820596dfeb98.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1ad95e8b38e5ca69e79e848a5771f026e40705ace52cb5ba4e6b7b9ce048161

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 618617
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 01:00:56 GMT
server: cloudflare
etag: W/"44a-18bac725540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmq8T5MMnGoo98VYwLYpiNMEJCgTj%2FS5boNlTJt4QsPa%2BRrnAEj5cD70XQagZS3w3U6EeNbPGnEtW4r3JLegeFRNuK9G6Z6dNUtdfULNqhcYF1YCPHoK2aNzZTCVbktv8NykG3DcPoU0N9%2Fo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 827563885cd69b63-FRA

GET
H/1.1 200
OK adcap Show response
app.s.id/api/ 37 B
704 B 614ms
211ms XHR
application/json 45.126.58.90
IDNIC-PANDI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.s.id/api/adcap?short=beeesdssd

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/pages/_app-538933ef5d1d99b9.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

45.126.58.90 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),

Reverse DNS

Software

Resource Hash

4c2330d21f6fbb0454cac69744a0bb9bed44f2e84474c2bdf2945bd0140bf995

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
DS: 1700197004,ntpt4q,0d950ad3ac5944e4810f47de4e55bf60
Referer: https://s.id/
X-RPC-Lang: en
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 04:56:44 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json
Access-Control-Allow-Origin: https://s.id
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 68ms
32ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

902b4aa4c4e671fcd11128dc0efa4dd4ad8e9230c3a2fc425383e95d14adbf9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85301
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 04:56:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
84 KB 65ms
29ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K

Requested by

Host: microsite.s.id
URL: https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73e7fbac10fcaf542b1a9f884bd68c17b4e92caf8af94a4a96b3309fa49d6e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85929
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 04:56:43 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8EAE 59 KB
20 KB 664ms
664ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=1690083933&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1700197003&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700197003592&bpp=2&bdt=451&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2003660574742&frm=20&pv=1&ga_vid=985475166.1700197003&ga_sid=1700197003&ga_hid=1952047793&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31078301%2C31079698%2C44807749%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=4422771724974022&tmod=150568957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b7c88d480e0bc136e27bf8bec07436aa5bbd9ff288c98321aab810f0845da23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 20926
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 04:56:44 GMT
expires: Fri, 17 Nov 2023 04:56:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 230F 127 KB
43 KB 388ms
387ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=1762859233&pi=t.ma~as.7399768513&w=500&lmt=1700197003&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700197003592&bpp=1&bdt=451&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=2003660574742&frm=20&pv=1&ga_vid=985475166.1700197003&ga_sid=1700197003&ga_hid=1952047793&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31078301%2C31079698%2C44807749%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=4422771724974022&tmod=150568957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a05fc9d26bd1138cabd2b05e08cf392997802b97c1595a55e26ced0f17fd4b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44408
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 04:56:43 GMT
expires: Fri, 17 Nov 2023 04:56:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 f39a2c87-8421-4ad2-acf8-605bfa4ad6eb_640x640.webp.jpeg
cdn-sdotid.adg.id/images/ 6 KB
7 KB 733ms
704ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/images/f39a2c87-8421-4ad2-acf8-605bfa4ad6eb_640x640.webp.jpeg

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0edc04c0cd44afe889efbba9d37412e45656459509c12b4bc354cd10e0fe1b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:44 GMT
x-amz-version-id: PbG3Y29gTcGQ5qspLzvEYnZRB_DQ0WB5
via: 1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6284
last-modified: Sun, 08 Oct 2023 08:04:21 GMT
server: cloudflare
etag: "8745f7c8d5dedc44eaa0039c1d16ba6b"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UX6tsv7f9aThpTBK8GCeyy2HdcSKGVnvnR2UZb2nLDeWpivWjXqtokyeVpjEQi6I6LzjmLziDXCZ52egdWsFyMLlMl5vB2hJCTLVRwawTPq0y0q8lCrSafCJ5MNBWQLg6mRQdRQ0D9zCdY6FFvn4ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82756388bb442c5d-FRA
x-amz-cf-id: 8uzuFHZQaUbD5rqm2IsW9wOpVhcXvsnjYElt2psmX8vxfkeBFws7gg==

GET
H2 200 afa20278-f645-4339-ac36-3884689b8a5d_425x424.png
cdn-sdotid.adg.id/images/ 31 KB
32 KB 80ms
51ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/images/afa20278-f645-4339-ac36-3884689b8a5d_425x424.png

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13d0198d5674d87b8851607a5ce670c30940fb270a96f55fa0b1f0db71c9e565

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
x-amz-version-id: j1ggnmt0rlT4lR5i_erIQldecYrh2Uh1
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 31467
last-modified: Sun, 08 Oct 2023 08:12:36 GMT
server: cloudflare
etag: "74b26f6c18ea368d0b5c044321d0277a"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLuQ9Ny5KHCvlfWOqpa0Ovu14sdo0So%2BdBtg%2BLVnxZAIdwSD0i55Vms5Xf7jxm1Yhu617nKy8dk4bYfPIPgXnamtoAEZWvdOI%2Fg9At4gbMbWrtHmam%2B02oRu1wiKZXcc6tZ%2BT0WWrX05oSRe%2Bj75YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82756388bb482c5d-FRA
x-amz-cf-id: p-ZTxgiamN1cfWdPN1YiIX6gm-mSA_blBNmFyR_FqgwZOQDAgEGyqw==

GET
H2 200 32a3ee24-4b2b-4890-89bd-45726ba44633_425x424.png
cdn-sdotid.adg.id/images/ 31 KB
31 KB 727ms
699ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-sdotid.adg.id/images/32a3ee24-4b2b-4890-89bd-45726ba44633_425x424.png

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

806c1ef5fc100326a319743d38db306c95dddc723f8cdfe5449e2802e1b5fc15

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:44 GMT
x-amz-version-id: 3xn4sUQdOPA57llBUGZVPmiRUmETRfUS
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 31475
last-modified: Sun, 08 Oct 2023 08:12:47 GMT
server: cloudflare
etag: "bd06921f53c4d121a0d8ec2b3a3ff474"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wuupn81jiyoUgRpLB4ZVkc45TGBChlNEriDF5%2BMLMw3Wrz%2FphdCrwBCzhQ0E23ev6ZNviCyN5lb8HUoum4HCR9KyHPOFYoDq9zE%2Fer1%2FT8uk0J85SMEGRrm93JEbvGa6X%2FbGD5Nbc7B0oFK%2BXrYX4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82756388bb462c5d-FRA
x-amz-cf-id: 7-Kl_KoZmJm-RkDXfhuv4NeE5ni-bnw9yNjveQf-QQIAGDsUWUKbMA==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
247 B 49ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3b81v881303989&_p=1700197003589&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=985475166.1700197003&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700197003&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Fbeeesdssd&dt=g%C3%BCvenli%20destek&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3455
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
84 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5dc2f3e9f0e538455cfd53c997c23ffc331e627a957d49f30463c049a2904b59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85948
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 04:56:43 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
247 B 45ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GTE5CBQ89K&gtm=45je3b81v889124241&_p=1700197003589&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=985475166.1700197003&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700197003&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Fbeeesdssd&dt=g%C3%BCvenli%20destek&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3482
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
247 B 59ms
20ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GTE5CBQ89K&cid=985475166.1700197003&gtm=45je3b81v889124241&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
409 B 90ms
34ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GTE5CBQ89K&cid=985475166.1700197003&gtm=45je3b81v889124241&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1772371926

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 230F 6 KB
1 KB 223ms
184ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=1762859233&pi=t.ma~as.7399768513&w=500&lmt=1700197003&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700197003592&bpp=1&bdt=451&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=2003660574742&frm=20&pv=1&ga_vid=985475166.1700197003&ga_sid=1700197003&ga_hid=1952047793&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31078301%2C31079698%2C44807749%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=4422771724974022&tmod=150568957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 04:56:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 04:45:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 04:56:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 230F 2 KB
903 B 239ms
17ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:51:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 230F 23 KB
9 KB 235ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9559
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:17:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 230F 3 KB
1 KB 237ms
17ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 25C7 1 KB
643 B 178ms
177ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Fri, 17 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 230F 20 KB
9 KB 231ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 230F 0
0 225ms
21ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaStG5PHNYuUPjGnoCOE9R39mq6Z_XUbuOHduJjd-6NFHofEMcdaAcpFXMlVy9UjtI_HkfYbpsRjbyirl9FVgeCSTzf5Qw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=1762859233&pi=t.ma~as.7399768513&w=500&lmt=1700197003&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700197003592&bpp=1&bdt=451&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=2003660574742&frm=20&pv=1&ga_vid=985475166.1700197003&ga_sid=1700197003&ga_hid=1952047793&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31078301%2C31079698%2C44807749%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=4422771724974022&tmod=150568957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 230F 203 KB
64 KB 243ms
26ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 04:56:44 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 230F 37 KB
16 KB 244ms
24ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 13:20:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Feb 2024 03:47:40 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/17868678828756748610/ Frame 230F 6 KB
6 KB 239ms
23ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17868678828756748610/14763004658117789537?w=195&h=102&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4da31f93bab63e07ba85ad5aeb2c8d0dd6035b191b501fc7d66e332fb08a019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 13:24:37 GMT
x-content-type-options: nosniff
age: 142327
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6285
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 13:10:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Nov 2024 13:24:37 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25C7
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENu8Pgrb_RDJd3_DsBgwBqs&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENu8Pgrb_RDJd3_DsBgwBqs&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QnFOQVRCZ04xUjNRVWs1&google_gid=CAESENu8Pgrb_RDJd3_DsBgwBqs&google_cver=1&google_push=AXcoOmSWNCPpTl19YczAP0bxLT48TfYXJZTbXErv8Z3fBUK...

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QnFOQVRCZ04xUjNRVWs1&google_gid=CAESENu8Pgrb_RDJd3_DsBgwBqs&google_cver=1&google_push=AXcoOmSWNCPpTl19YczAP0bxLT48TfYXJZTbXErv8Z3fBUKGoSCix3U1yv6gLfvtlFFlwnm-BozdghYltPezoAaACvwT7DKKMDKpdQ

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 04:56:44 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QnFOQVRCZ04xUjNRVWs1&google_gid=CAESENu8Pgrb_RDJd3_DsBgwBqs&google_cver=1&google_push=AXcoOmSWNCPpTl19YczAP0bxLT48TfYXJZTbXErv8Z3fBUKGoSCix3U1yv6gLfvtlFFlwnm-BozdghYltPezoAaACvwT7DKKMDKpdQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 25C7
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKrKfirImQUo6ZwnAFrEXYE&google_cver=1&google_push=AXcoOmT_JFfsdMPx-tar6Vv0L3SVpT0mAiXXS0FoOAx9HFWBo2Gq3F6g_lP_ir77ppII5JLiv5w4i74KRoVSQCvN8BQSBGb8Jj5fu...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKrKfirImQUo6ZwnAFrEXYE&google_cver=1&google_push=AXcoOmT_JFfsdMPx-tar6Vv0L3SVpT0mAiXXS0FoOAx9HFWBo2Gq3F6g_lP_ir77ppII5JLiv5w4i74KRoVSQCvN8BQSBGb8Jj5...

43 B
422 B

175ms
166ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKrKfirImQUo6ZwnAFrEXYE&google_cver=1&google_push=AXcoOmT_JFfsdMPx-tar6Vv0L3SVpT0mAiXXS0FoOAx9HFWBo2Gq3F6g_lP_ir77ppII5JLiv5w4i74KRoVSQCvN8BQSBGb8Jj5fui8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT_JFfsdMPx-tar6Vv0L3SVpT0mAiXXS0FoOAx9HFWBo2Gq3F6g_lP_ir77ppII5JLiv5w4i74KRoVSQCvN8BQSBGb8Jj5fui8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: s.id
URL: https://s.id/beeesdssd
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:44 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8275638e2b04372e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:44 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 868
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKrKfirImQUo6ZwnAFrEXYE&google_cver=1&google_push=AXcoOmT_JFfsdMPx-tar6Vv0L3SVpT0mAiXXS0FoOAx9HFWBo2Gq3F6g_lP_ir77ppII5JLiv5w4i74KRoVSQCvN8BQSBGb8Jj5fui8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT_JFfsdMPx-tar6Vv0L3SVpT0mAiXXS0FoOAx9HFWBo2Gq3F6g_lP_ir77ppII5JLiv5w4i74KRoVSQCvN8BQSBGb8Jj5fui8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8275638cda1f372e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 25C7
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESELFtrjQ7elNCaqOyjVM4YFE&google_cver=1&google_push=AXcoOmSv9gF6n4WITJOMLgR0hCg62_rZdspyCDvoxrCwCof-7OKz5bfxSB6G4v6Y1NaCDCFPtE_XoAZbo92OpTX-5ZqltLZ2K_yaUJk
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FD9DB8A8F9EB4BF5928860D2F09FB756&google_push=AXcoOmSv9gF6n4WITJOMLgR0hCg62_rZdspyCDvoxrCwCof-7OKz5bfxSB6G4v6Y1NaCDCFPtE_XoAZbo92OpTX...

170 B
330 B

28ms
27ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FD9DB8A8F9EB4BF5928860D2F09FB756&google_push=AXcoOmSv9gF6n4WITJOMLgR0hCg62_rZdspyCDvoxrCwCof-7OKz5bfxSB6G4v6Y1NaCDCFPtE_XoAZbo92OpTX-5ZqltLZ2K_yaUJk

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 04:56:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FD9DB8A8F9EB4BF5928860D2F09FB756&google_push=AXcoOmSv9gF6n4WITJOMLgR0hCg62_rZdspyCDvoxrCwCof-7OKz5bfxSB6G4v6Y1NaCDCFPtE_XoAZbo92OpTX-5ZqltLZ2K_yaUJk
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 16 Nov 2023 04:56:44 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 25C7 70 B
150 B 140ms
53ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIP8kxgsoBz2WhgezHew3xg&google_cver=1&google_push=AXcoOmSi62C3EGtMRaNEcNqhvbVB-HOqzahiCVn2G3003VpfiET3EXPrwK2A4eiOweRq9JZmZ77boJ1TKXBsIWrPK_Gfyv8Bi0EvcQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=1762859233&pi=t.ma~as.7399768513&w=500&lmt=1700197003&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700197003592&bpp=1&bdt=451&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=2003660574742&frm=20&pv=1&ga_vid=985475166.1700197003&ga_sid=1700197003&ga_hid=1952047793&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31078301%2C31079698%2C44807749%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=4422771724974022&tmod=150568957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:44 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 25C7
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENw4VgB4Ip_PM9nA0cuotsc&google_cver=1&google_push=AXcoOmTUZYblq2v8CT0gzZkWqif_792BolsNS4UJ4x8crs9jTHrxTiF_Y0O2poMdkRwxoQJIcng25LRX1Bm...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTUZYblq2v8CT0gzZkWqif_792BolsNS4UJ4x8crs9jTHrxTiF_Y0O2poMdkRwxoQJIcng25LRX1Bm0904AKiylBpamju8SAQ&google_hm=Ge5Q4OYgSDyZ7G6V44...

170 B
233 B

28ms
27ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTUZYblq2v8CT0gzZkWqif_792BolsNS4UJ4x8crs9jTHrxTiF_Y0O2poMdkRwxoQJIcng25LRX1Bm0904AKiylBpamju8SAQ&google_hm=Ge5Q4OYgSDyZ7G6V448YsQQ

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:43 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTUZYblq2v8CT0gzZkWqif_792BolsNS4UJ4x8crs9jTHrxTiF_Y0O2poMdkRwxoQJIcng25LRX1Bm0904AKiylBpamju8SAQ&google_hm=Ge5Q4OYgSDyZ7G6V448YsQQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 25C7 43 B
147 B 83ms
15ms Image
image/gif 3.124.81.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAx64Qoj-tVTXitwvjzQQi4&google_cver=1&google_push=AXcoOmSEu0Z2LCk9Q7v6p4LqpBM8dIlYu72E5X9pVDrq1CSlc88eAFyTLRnErJw8-HLMJvUUvttJcu3eLlgWtm1XwfHxqYpyny3LMbU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=1762859233&pi=t.ma~as.7399768513&w=500&lmt=1700197003&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700197003592&bpp=1&bdt=451&idt=0&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=2003660574742&frm=20&pv=1&ga_vid=985475166.1700197003&ga_sid=1700197003&ga_hid=1952047793&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31078301%2C31079698%2C44807749%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=4422771724974022&tmod=150568957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.81.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-81-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25C7
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOZlO5A75NfB3HZuNKlDJv4&google_cver=1&google_push=AXcoOmQG8mqLjUjnSZHRLxYYOZBtdU7IGeqTND0ud4dwit4TmHov7wema9IjO1ES4--cc95Av7ixKsrO1BO1KKOdjShoPXe...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQG8mqLjUjnSZHRLxYYOZBtdU7IGeqTND0ud4dwit4TmHov7wema9IjO1ES4--cc95Av7ixKsrO1BO1KKOdjShoPXeGG2cpHO8&google_hm=eS1NeC5SZWl0RTJwRld...

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQG8mqLjUjnSZHRLxYYOZBtdU7IGeqTND0ud4dwit4TmHov7wema9IjO1ES4--cc95Av7ixKsrO1BO1KKOdjShoPXeGG2cpHO8&google_hm=eS1NeC5SZWl0RTJwRldkMnNRTnFPMzQxS3M2SXJOOG1hM35B

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 04:56:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQG8mqLjUjnSZHRLxYYOZBtdU7IGeqTND0ud4dwit4TmHov7wema9IjO1ES4--cc95Av7ixKsrO1BO1KKOdjShoPXeGG2cpHO8&google_hm=eS1NeC5SZWl0RTJwRldkMnNRTnFPMzQxS3M2SXJOOG1hM35B
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 25C7 0
131 B 82ms
28ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IYJndwygBRMGWKjJpXvtdKrvMWDyvJP9DlXLZdK0T7XS8Ir6da6JmLqH5Q4ooN0405Swk3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame E13F 91 KB
36 KB 108ms
47ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=1690083933&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1700197003&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700197003592&bpp=2&bdt=451&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2003660574742&frm=20&pv=1&ga_vid=985475166.1700197003&ga_sid=1700197003&ga_hid=1952047793&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31078301%2C31079698%2C44807749%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=4422771724974022&tmod=150568957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 04:56:44 GMT
content-encoding: br
last-modified: Fri, 10 Nov 2023 19:05:36 GMT
vary: Accept-Encoding
x-azure-ref: 20231117T045644Z-qrmemc1zbd39t01vkq5fzpy9gg00000001hg00000001v1zg
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cc781051-701e-0094-4953-1821c1000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame E13F 80 KB
28 KB 56ms
16ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=1690083933&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1700197003&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700197003592&bpp=2&bdt=451&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2003660574742&frm=20&pv=1&ga_vid=985475166.1700197003&ga_sid=1700197003&ga_hid=1952047793&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31078301%2C31079698%2C44807749%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=4422771724974022&tmod=150568957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires: Thu, 14 Nov 2024 14:07:00 GMT
Date: Fri, 17 Nov 2023 04:56:44 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 139784
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27680
X-Served-By: cache-lga21956-LGA, cache-fra-eddf8230060-FRA
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
X-Timer: S1700197004.328397,VS0,VE0
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 7, 217174

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E13F 3 KB
1 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=1690083933&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1700197003&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700197003592&bpp=2&bdt=451&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2003660574742&frm=20&pv=1&ga_vid=985475166.1700197003&ga_sid=1700197003&ga_hid=1952047793&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31078301%2C31079698%2C44807749%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=4422771724974022&tmod=150568957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E13F 20 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E13F 0
0 25ms
23ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2jeJPmdajIv0UHqMbQh6lRTF4gi7KSFHrQfd-X8rD5QOP983By61BSrJHTyQq5wGLKFFY_kRDX7hxiJlWJGeGd4V0cA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=1690083933&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1700197003&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700197003592&bpp=2&bdt=451&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2003660574742&frm=20&pv=1&ga_vid=985475166.1700197003&ga_sid=1700197003&ga_hid=1952047793&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31078301%2C31079698%2C44807749%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=4422771724974022&tmod=150568957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E13F 203 KB
64 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 04:56:44 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame E13F
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=37d8c923-a9dd-4e84-b9e8-1c86f5a59209&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=1a4a9dec-8432-467c...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=58474dfded0a4079bd2d91fd99e167d5&SNR=1&GV=2&med=10

0
548 B

59ms
59ms

Image
text/plain

2a02:26f0:3500:1b::1724:a39f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=58474dfded0a4079bd2d91fd99e167d5&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=1690083933&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1700197003&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700197003592&bpp=2&bdt=451&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2003660574742&frm=20&pv=1&ga_vid=985475166.1700197003&ga_sid=1700197003&ga_hid=1952047793&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31078301%2C31079698%2C44807749%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=4422771724974022&tmod=150568957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=5
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a39f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 15AFD43CD6EC4996A94B03757D6CE54A Ref B: FRA31EDGE0808 Ref C: 2023-11-17T04:56:44Z
x-cdn-traceid: 0.9fa12417.1700197004.6a49ead1
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 17 Nov 2023 04:56:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 508FE3D343A84FF1847BF55A962DDF91 Ref B: FRAEDGE1521 Ref C: 2023-11-17T04:56:44Z
x-cdn-traceid: 0.9fa12417.1700197004.6a49ea12
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=58474dfded0a4079bd2d91fd99e167d5&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
DATA 200
OK truncated
/ Frame 230F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c1d09ad4c7275a424fba8bdc719a7cdcba19205505b2d6a27d1d835bc9ad20c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 th
www.bing.com/ Frame E13F 13 KB
13 KB 10ms
10ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a39f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7559545579724_1E2ZJKXB659PURGETI&pid=21.2&c=3&w=336&h=176&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=1690083933&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1700197003&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700197003592&bpp=2&bdt=451&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2003660574742&frm=20&pv=1&ga_vid=985475166.1700197003&ga_sid=1700197003&ga_hid=1952047793&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31078301%2C31079698%2C44807749%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=4422771724974022&tmod=150568957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=5
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a39f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a5bcb98416718419e8fe5db1a9ba79138a53af670075083b565e33ab9ac22fb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:44 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.9fa12417.1700197004.6a49eb3b
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 13122
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame E13F 0
530 B 60ms
21ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fs.id%2Fbeeesdssd&e=wqT_3QLqA-jqAQAAAwDWAAUBCIvl26oGEJfo3c37zsXIHhgAKjYJnaPQCdpL0z8R5VPGn3PI0j8ZAAAAYLge5T8h5Q0SACkRJNAxAAAA4FG4vj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR47vEFgAEBigEDVVNEkgUG8MKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCFmh0dHBzOi8vcy5pZC9iZWVlc2Rzc2SAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF_NDZxvHHlpZ2wAUAyQUAAAAAAADwP9IFCQkJDHgAANgFAeAFAfAFx5FM-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB-7xBdIHDQkRKAEmCNoHBgFepBgA4AcA6gcCCADwB4njAooIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=b438cd3222d6ad963699b04d7569290575a2c302&bdref=https%3A%2F%2Fs.id%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fs.id%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2742216534640545%26output%3Dhtml%26h%3D280%26slotname%3D7246512857%26adk%3D2068013325%26adf%3D1690083933%26pi%3Dt.ma~as.7246512857%26w%3D500%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1700197003%26rafmt%3D1%26format%3D500x280%26url%3Dhttps%253A%252F%252Fs.id%252Fbeeesdssd%26ea%3D0%26adtest%3Doff%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700197003592%26bpp%3D2%26bdt%3D451%26idt%3D-M%26shv%3Dr20231109%26mjsv%3Dm202311130101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D2003660574742%26frm%3D20%26pv%3D1%26ga_vid%3D985475166.1700197003%26ga_sid%3D1700197003%26ga_hid%3D1952047793%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D550%26ady%3D834%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44795922%252C31078301%252C31079698%252C44807749%252C44807763%252C44808148%252C44808284%252C44809056%26oid%3D2%26pvsid%3D4422771724974022%26tmod%3D150568957%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D5,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2742216534640545%26output%3Dhtml%26h%3D280%26slotname%3D7246512857%26adk%3D2068013325%26adf%3D1690083933%26pi%3Dt.ma~as.7246512857%26w%3D500%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1700197003%26rafmt%3D1%26format%3D500x280%26url%3Dhttps%253A%252F%252Fs.id%252Fbeeesdssd%26ea%3D0%26adtest%3Doff%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700197003592%26bpp%3D2%26bdt%3D451%26idt%3D-M%26shv%3Dr20231109%26mjsv%3Dm202311130101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D2003660574742%26frm%3D20%26pv%3D1%26ga_vid%3D985475166.1700197003%26ga_sid%3D1700197003%26ga_hid%3D1952047793%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D550%26ady%3D834%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44795922%252C31078301%252C31079698%252C44807749%252C44807763%252C44808148%252C44808284%252C44809056%26oid%3D2%26pvsid%3D4422771724974022%26tmod%3D150568957%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D5&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:44 GMT
an-x-request-uuid: 56e60892-855b-4d42-abc3-2aa4417eecbd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.57.4; 37.58.57.4; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 230F 15 KB
16 KB 52ms
17ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:18:43 GMT
x-content-type-options: nosniff
age: 297481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 18:18:43 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 230F 15 KB
15 KB 65ms
32ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:27:48 GMT
x-content-type-options: nosniff
age: 16136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 00:27:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 230F 15 KB
15 KB 54ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:53:08 GMT
x-content-type-options: nosniff
age: 111816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 21:53:08 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 230F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CoVD9i_JWZff2Jf6Y9u8P4rOtyAi7-tmddOvWmr6nEvb3jpitQRABIMqE2o8BYJWCgICwB6ABqJLWvwPIAQmpAtO9xlVviIM-qAMByAPLBKoEwAFP0LeVJlztH-vow02ImoKSfHLDzVlb2Wb...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226743300970312510784%22,%22debug_reporting%22:true,%22destination%22:%22https://boozt.com%22,%22event_report_window%22:%222...

0
0

135ms
58ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226743300970312510784%22,%22debug_reporting%22:true,%22destination%22:%22https://boozt.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22938838312%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225720960015505535073%22}&andc=true

Requested by

Host: s.id
URL: https://s.id/beeesdssd

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6743300970312510784","debug_reporting":true,"destination":"https://boozt.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["938838312"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"5720960015505535073"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 04:56:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 04:56:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6743300970312510784","debug_reporting":true,"destination":"https://boozt.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["938838312"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"5720960015505535073"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5153 39 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:40:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 21:40:33 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 100ms
47ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 04:56:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EB4F 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Fri, 17 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E13F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 520405ff47c575f71ff471d1d05b39139b5cf034dacda9eb31ecbb7bc9862331

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E13F 0
19 B 60ms
60ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkTLli_JWZYLlJbXd7_UPlfGVUNLg1-Buj6S2k5MKwI23ARABIABglYKAgLAHggEXY2EtcHViLTI3NDIyMTY1MzQ2NDA1NDXIAQmoAwHIAwKqBK8BT9CDh-rpOilihjkKFHO5LbeZabGDvZ6lLC2HzsCuu53Z5PCqatbVcTZuHCZ8vEJJAM36sPh6oNNvVGS_5_KzmTdz6jMNEntchituJf5SAiYqF6ngRRaj41X9h1fhdn9PGlOPUVEzhE8mcuX8pFh4dRVJscAGX8TjxPIZ163T5I1t7O5JcLXuoeCBaQT9I8pBcxlkm7axphl1_BN_aVu3PgXMuHaugZehAAoa1IFEdYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yNzQyMjE2NTM0NjQwNTQ1GAA&sigh=lwVFo5E-MZ0&uach_m=[UACH]&cid=CAQSOwDICaaNWunwuvrrjpbUFbMJixuiYGN-mDFFPdYRq74vxRe41F6SJ_sNBLOQkAeaZs1v4wK3CY5hp5ALGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=1690083933&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1700197003&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700197003592&bpp=2&bdt=451&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2003660574742&frm=20&pv=1&ga_vid=985475166.1700197003&ga_sid=1700197003&ga_hid=1952047793&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31078301%2C31079698%2C44807749%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=4422771724974022&tmod=150568957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 04:56:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame E13F 0
529 B 15ms
15ms Image
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fs.id%2Fbeeesdssd&e=wqT_3QKeB-ieAwAAAwDWAAUBCIvl26oGEJfo3c37zsXIHhgAKjYJnaPQCdpL0z8R5VPGn3PI0j8ZAAAAYLge5T8h5Q0SACkRJNAxAAAA4FG4vj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR47vEFgAEBigEDVVNEkgUG8F6YAdACoAGYAqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCFmh0dHBzOi8vcy5pZC9iZWVlc2Rzc2SAAwCIAwGQAwCYAwmgAwGqA7ADCsYCaHR0cAEs8GF3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MWE0YTlkZWMtODQzMi00NjdjLTljYjktNzgzNTE1NmIxMDU3JmJpZAEreDUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWQuXAAYcHVibGlzaAUpJDE2MjY0NTMzMCYBNwAxjnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViNhkA8E9fcHl2cHhwYmFzdmV6bmd2YmFfdWImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMyMjAyNTY2Mzk2MjMzNjEwMjYzIgkzODE4NDY3MTQqBCFj8N46OFUyVmhjbU5vUVdRak9ETTJNekl3TVRZd05EWTNOekFqTWpNek5UUXpNVFF4TnpJek5EUXpOdz09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBfzQ2cbxx5aWdsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBceRTPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAABUQVAQGLYOAGAfIGAggAgAcBiAcAoAcByAfu8QXSBw0VZQEmDNoHBggFCajgBwDqBwIIAPAHieMCiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=1b1ce59f46477092cafd75604c2df9ecc656d280&pp=ZVbyiwAJcoIIu-61AAV4lRBLDcAjuldTjnOkdg&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNrCEi_JWZYLlJbXd7_UPlfGVUNLg1-Buj6S2k5MKwI23ARABIABglYKAgLAHggEXY2EtcHViLTI3NDIyMTY1MzQ2NDA1NDXIAQmoAwHIAwKqBLIBT9CDh-rpOilihjkKFHO5LbeZabGDvZ6lLC2HzsCuu53Z5PCqatbVcTZuHCZ8vEJJAM36sPh6oNNvVGS_5_KzmTdz6jMNEntchituJf5SAiYqF6ngRRaj41X9h1fhdn9PGlOPUVEzhE8mcuX8pFh4dRVJscAGX8TjxPIZ163T5I1t7O5JcLXuoeDDayVv4W67Ho2e7wMv_53D-DB17VKZJtxuPi8qPReLLBLaVWMp4cvWn4AGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Q5pyK9tihaOdJ_SUzuCBA9yDHYQ%26client%3Dca-pub-2742216534640545%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:44 GMT
an-x-request-uuid: 4a2acb3c-203e-4ff9-8c12-ba61e489f9a5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.57.4; 37.58.57.4; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame E13F 0
553 B 17ms
17ms Ping
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fs.id%2Fbeeesdssd&e=wqT_3QKeB-ieAwAAAwDWAAUBCIvl26oGEJfo3c37zsXIHhgAKjYJnaPQCdpL0z8R5VPGn3PI0j8ZAAAAYLge5T8h5Q0SACkRJNAxAAAA4FG4vj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR47vEFgAEBigEDVVNEkgUG8F6YAdACoAGYAqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCFmh0dHBzOi8vcy5pZC9iZWVlc2Rzc2SAAwCIAwGQAwCYAwmgAwGqA7ADCsYCaHR0cAEs8GF3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MWE0YTlkZWMtODQzMi00NjdjLTljYjktNzgzNTE1NmIxMDU3JmJpZAEreDUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWQuXAAYcHVibGlzaAUpJDE2MjY0NTMzMCYBNwAxjnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViNhkA8E9fcHl2cHhwYmFzdmV6bmd2YmFfdWImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMyMjAyNTY2Mzk2MjMzNjEwMjYzIgkzODE4NDY3MTQqBCFj8N46OFUyVmhjbU5vUVdRak9ETTJNekl3TVRZd05EWTNOekFqTWpNek5UUXpNVFF4TnpJek5EUXpOdz09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBfzQ2cbxx5aWdsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBceRTPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAABUQVAQGLYOAGAfIGAggAgAcBiAcAoAcByAfu8QXSBw0VZQEmDNoHBggFCajgBwDqBwIIAPAHieMCiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=1b1ce59f46477092cafd75604c2df9ecc656d280&type=nv&nvt=5&jm=1003&px=82&py=0&bw=336&bh=176&sid=5574395411485415351&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=500&ph=280&ww=500&wh=280&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:44 GMT
an-x-request-uuid: 3127e26f-e597-411a-93fc-239aea576d47
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.57.4; 37.58.57.4; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB4F
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMhmh__thzCYu8z_G514His&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QnFOQVRCZ04xUjNRVWs1&google_gid=CAESEMhmh__thzCYu8z_G514His&google_cver=1&google_push=AXcoOmQAhW1_JPhtrB09hUFamaf6Hh6Pb-n5LKd5iTTe1xT...

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QnFOQVRCZ04xUjNRVWs1&google_gid=CAESEMhmh__thzCYu8z_G514His&google_cver=1&google_push=AXcoOmQAhW1_JPhtrB09hUFamaf6Hh6Pb-n5LKd5iTTe1xTHjlc48v2VGfVoJagrfwbYNMnnSIKr0RQHkm7DUnQWKc0coCg0xjQf7cYu

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 04:56:44 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QnFOQVRCZ04xUjNRVWs1&google_gid=CAESEMhmh__thzCYu8z_G514His&google_cver=1&google_push=AXcoOmQAhW1_JPhtrB09hUFamaf6Hh6Pb-n5LKd5iTTe1xTHjlc48v2VGfVoJagrfwbYNMnnSIKr0RQHkm7DUnQWKc0coCg0xjQf7cYu
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB4F
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDgpW7LCQyJYICnyfY_Oybs&google_cver=1&google_push=AXcoOmTvMWRl6v2efj7B9tyq1Y1g-Cqg9SVpKdcxOlbcnRDQ3oO7zQqkRljQGOVbLkX5ymzFHKmgbadmchF...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTvMWRl6v2efj7B9tyq1Y1g-Cqg9SVpKdcxOlbcnRDQ3oO7zQqkRljQGOVbLkX5ymzFHKmgbadmchFYb1Om-xSCJUE9yNQOe10&google_hm=Ge5Q4OYgSDyZ7G6V4...

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTvMWRl6v2efj7B9tyq1Y1g-Cqg9SVpKdcxOlbcnRDQ3oO7zQqkRljQGOVbLkX5ymzFHKmgbadmchFYb1Om-xSCJUE9yNQOe10&google_hm=Ge5Q4OYgSDyZ7G6V448YsQQ

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:44 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTvMWRl6v2efj7B9tyq1Y1g-Cqg9SVpKdcxOlbcnRDQ3oO7zQqkRljQGOVbLkX5ymzFHKmgbadmchFYb1Om-xSCJUE9yNQOe10&google_hm=Ge5Q4OYgSDyZ7G6V448YsQQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame EB4F 0
174 B 88ms
39ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEF6JZhOojWLR1hFSfurin4A&google_cver=1&google_push=AXcoOmT65pswd1L1065xQtX0PcheM8_Rp6K3d5ay5PSjRYY04S1DZS0xmdlZI5fGbSIankb7b-L7PHNQ-I5LE7RHI0QwjJs_GA72yzgG
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=1690083933&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1700197003&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fbeeesdssd&ea=0&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700197003592&bpp=2&bdt=451&idt=-M&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2003660574742&frm=20&pv=1&ga_vid=985475166.1700197003&ga_sid=1700197003&ga_hid=1952047793&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C31078301%2C31079698%2C44807749%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=4422771724974022&tmod=150568957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB4F
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBf3UHR2xZQ4Hnznycb8a78&google_cver=1&google_push=AXcoOmSdfzJyeAOeNVzjK7KuA455IVKa0ZhtaWrjxuXXHLQYACPmQWmcTbVOUxnwIKu5mRVfW_5lL6dHd-uA2_09...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5eeKISpUS04zsR4Tu1C3IA&google_push=AXcoOmSdfzJyeAOeNVzjK7KuA455IVKa0ZhtaWrjxuXXHLQYACPmQWmcTbVOUxnwIKu5mRVfW_5lL6dHd-uA2_09mruPkizRUIn5U-WY

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5eeKISpUS04zsR4Tu1C3IA&google_push=AXcoOmSdfzJyeAOeNVzjK7KuA455IVKa0ZhtaWrjxuXXHLQYACPmQWmcTbVOUxnwIKu5mRVfW_5lL6dHd-uA2_09mruPkizRUIn5U-WY

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 04:56:44 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5eeKISpUS04zsR4Tu1C3IA&google_push=AXcoOmSdfzJyeAOeNVzjK7KuA455IVKa0ZhtaWrjxuXXHLQYACPmQWmcTbVOUxnwIKu5mRVfW_5lL6dHd-uA2_09mruPkizRUIn5U-WY
x-host: tde-deliveryengine-production-bb588bf9-bkx48
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB4F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEA5TeAgsMlLSGllyrAHnXcw&google_cver=1&google_push=AXcoOmTQVgpfyJctoVEuTW4K9OJicg6A2bCqHS_AZp23a_2Pj2CkBgzhaRmZG2uiBJ3-dDBKhk6ncp-lksqJh4EaFH9KwnH...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTQVgpfyJctoVEuTW4K9OJicg6A2bCqHS_AZp23a_2Pj2CkBgzhaRmZG2uiBJ3-dDBKhk6ncp-lksqJh4EaFH9KwnHcdg14q0E&google_hm=eS1NeC5SZWl0RTJwRld...

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTQVgpfyJctoVEuTW4K9OJicg6A2bCqHS_AZp23a_2Pj2CkBgzhaRmZG2uiBJ3-dDBKhk6ncp-lksqJh4EaFH9KwnHcdg14q0E&google_hm=eS1NeC5SZWl0RTJwRldkMnNRTnFPMzQxS3M2SXJOOG1hM35B

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 04:56:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTQVgpfyJctoVEuTW4K9OJicg6A2bCqHS_AZp23a_2Pj2CkBgzhaRmZG2uiBJ3-dDBKhk6ncp-lksqJh4EaFH9KwnHcdg14q0E&google_hm=eS1NeC5SZWl0RTJwRldkMnNRTnFPMzQxS3M2SXJOOG1hM35B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame EB4F 43 B
363 B 60ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRQnEuPCT7NV1ie8nzMlMBNa2xHUQ_Oo6mXwC_WkItfYisTvXgxxQbr114Sx6pPd8JnkJjHmIFIQjsYMBGFGzne2YQPBfqorsg&google_gid=CAESED2zIE4HOcK4NiHFrcFKOVc&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:44 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 195245
expires: Fri, 17 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB4F
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGSz-zpITRJhLgSL50ULz8s&google_cver=1&google_push=AXcoOmSEhRYtByuPHOCeXeWNkmpEW344wjSdTP9u7iRywTctLcNhAZPxwsrAX_6LHUDnPJILW9LWqCaU3oDS...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSEhRYtByuPHOCeXeWNkmpEW344wjSdTP9u7iRywTctLcNhAZPxwsrAX_6LHUDnPJILW9LWqCaU3oDSZNgHj3RppqfYFRNNclk

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSEhRYtByuPHOCeXeWNkmpEW344wjSdTP9u7iRywTctLcNhAZPxwsrAX_6LHUDnPJILW9LWqCaU3oDSZNgHj3RppqfYFRNNclk

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSEhRYtByuPHOCeXeWNkmpEW344wjSdTP9u7iRywTctLcNhAZPxwsrAX_6LHUDnPJILW9LWqCaU3oDSZNgHj3RppqfYFRNNclk
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EB4F 0
12 B 32ms
32ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LMgmCCKvnn9tneyvMrR3kqq5c0Nh84ShZGaL_rEOmg4eUYEIPK8KBVs7rgcdDt5OFpZsVe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 66ms
32ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c84f0a3c7b5a358bcf437d1494381ac7c43bc38106a301c6a1d46d4e68925329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12204
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 04:56:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 77CB 13 KB
5 KB 16ms
14ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 54830
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 13:42:54 GMT
expires: Fri, 15 Nov 2024 13:42:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3522 829 B
557 B 25ms
24ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1d57df0c2fb90506081aec7dc0d9c32e8a05d6b37179808390cd3f5c7587090b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GQeB8s8AJuATVpbnLNsIyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-GQeB8s8AJuATVpbnLNsIyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 04:56:44 GMT
expires: Fri, 17 Nov 2023 04:56:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 77CB 39 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 18:01:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3522 0
0 61ms
61ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=4422771724974022&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 77CB 0
10 B 19ms
18ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WJym1A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:56:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame E13F 0
0

POST vevent
ams3-ib.adnxs.com/ Frame E13F 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 230F 0
0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
52ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=4422771724974022&bg=!Li2lLWLNAAZxrfrxUa07ADQBe5WfOIMgu-c84bumrI3e97abMHh--bVaA5U0rBev_3Vwsx56eTjyhEPxfbIDulHAGl5fAgAAADxSAAAAF2gBBwoART0Xz7255PzrY_tj0nU95WRxQdEcL7CWJ5iwHpy6pWt-9EMoBWwEhfE1qo5sW_OdJuKXPSc-FzlBKkUJhh3IABONkVNpdJkCtgu1fuwzQSMQYnMCmukxZxmigvwwqUfyPvjdQ1f9d2ZEJkuEyZeEMNIync8pZgnRis727ofPx9N-GxRMr4INulXv9obP3vluHe4c3x7_xFCDUDlxim6Mkn65whZVzc9x24tTkLGrYXu-dvx9RpOBb3uo8m9wfveJKM4HPAGld0LfgBDPwH68l8fbtQ8qEqTir5V4GfL-EQ86QeaOFPoF2OQUbESYC9Q-A3P63M-ZwQp4y5K8EEv8RAwUNrjuTsazLsRn6R9Gi98Y7qYI4_Lrh4XPIELWVEpYXZlyZbyMZRvVDHiFFMELGYvXgAyHIu6HqJMXoDwK-G3dkZOTNhz6c2cZHs-toG7co-ocXAbzB3TUcPm3MQ7pqB2lGJO_8ewsWXKMcXp7ueW_lGgAuvpzQ1Fy0EskqYnxpQJyMbz6KveQ4n-aSVv9TzHiJ6dHbvPQ5OY3FQXs6U6Ser7CDUj_Df_5FoJi1TI0iosE5wBkclRt6QY1fr-uekSLJZts2DKHH9SYBe_0c-eEF5rI4RfE_9lXR08seodkOmN6cnyYXY931lL5f083DJ-o-bTMh4mS-f-ZILn7Y1QLrzwjRKQzXRh69kb2vNS_5AWftOU3usoL-lK6dFyV0X4t1EyHmiOwByqyY4rf_GZ2OhIC6HQJhbDqes4LtYpTT40isi-6GShg0LEdICfEl0TIr4J23Q4n6L8omQi6sBQO9TPB7xkTIJivjtCIs8v8KxlKDopNuAjfPJx7Jfs_2egVzLiZ5FmhNU_bdlEds31jNJzwS_NR2zu3fF5X-AOGnthWkxWeuG4mitIZitTdV_pF6OEReD4mlpVPyKhmdqn9nMTwQxw8Api5xw-ahK3A1cA5SYand3l6Iuu63tJUpSC_MOQbZxx7zjncAZvJ2h9DERyfQfkS8jgqAlnd20Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
55 B 25ms
24ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3b81v881303989&_p=1700197003589&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=985475166.1700197003&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1700197003&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Fbeeesdssd&dt=g%C3%BCvenli%20destek&en=scroll&epn.percent_scrolled=90&_et=10&tfd=8467
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 04:56:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrc8vEjOwLI5dxweiEBr7-3ust6neyN798VuXwEWS0uu8TYawLPLY8nyFkxEZQknoCIuaI3DeBe-5e7bSA2vfjDSFR6tULDbv8w50DkXCrF6SzGsFn2Q&sig=Cg0ArKJSzFzpLVLvyvxLEAE&id=lidartos&mcvt=296&p=0,0,280,336&mtos=296,296,296,296,296&tos=296,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2068013325&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1700197004275&rpt=249&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: ams3-ib.adnxs.com
URL: https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fs.id%2Fbeeesdssd&e=wqT_3QKeB-ieAwAAAwDWAAUBCIvl26oGEJfo3c37zsXIHhgAKjYJnaPQCdpL0z8R5VPGn3PI0j8ZAAAAYLge5T8h5Q0SACkRJNAxAAAA4FG4vj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR47vEFgAEBigEDVVNEkgUG8F6YAdACoAGYAqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCFmh0dHBzOi8vcy5pZC9iZWVlc2Rzc2SAAwCIAwGQAwCYAwmgAwGqA7ADCsYCaHR0cAEs8GF3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MWE0YTlkZWMtODQzMi00NjdjLTljYjktNzgzNTE1NmIxMDU3JmJpZAEreDUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWQuXAAYcHVibGlzaAUpJDE2MjY0NTMzMCYBNwAxjnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViNhkA8E9fcHl2cHhwYmFzdmV6bmd2YmFfdWImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMyMjAyNTY2Mzk2MjMzNjEwMjYzIgkzODE4NDY3MTQqBCFj8N46OFUyVmhjbU5vUVdRak9ETTJNekl3TVRZd05EWTNOekFqTWpNek5UUXpNVFF4TnpJek5EUXpOdz09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBfzQ2cbxx5aWdsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBceRTPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAABUQVAQGLYOAGAfIGAggAgAcBiAcAoAcByAfu8QXSBw0VZQEmDNoHBggFCajgBwDqBwIIAPAHieMCiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=1b1ce59f46477092cafd75604c2df9ecc656d280&type=nv&nvt=9&jm=1003&px=82&py=0&bw=336&bh=176&sf=1&sid=5574395411485415351&vd=ct~0|rr~319|dm~90&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&pd=0.02&d=0.31&id=0&ic=0&d0=0.02&d25=0.02&d50=0.02&d75=0.02&d100=0.02&ft=3

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-us-VflLuRCi_8dmmPqfH8l_qxP-faAtHCiIAIiadvPphTVEEvvtAZ8FiCi9D0a4k5p7LD8RVpgNppGdidah4C9SWVtlcDmhbASE-lNeaajHKlCZ_UEkVyN5hN0nGIPqNJY-_mPq_2E-llFdH_3l7M2fwg16KkacaE4kPDiezo_dPLm93cs5HVFbsmovBkXTTZZLSE0uvd1RyhiP1BG-r4g_5WL3eGAfrotmIBoPHkY1ZiEJYCIIJf7Nh5qpdGlwf-1ljTNa17q_luOMBgBh1afHwpVz5NSbY_gLAe02uZNOBZs9GrOFIMGQPRUzSZ082CyqMdpLtRmWKLhHW7CPd3J1bcRD0n4rykXFSdOZJDjbWcMNs4pvlJ3kzFpoQ-If7N5vCXSAyJBo309Udn7eDGPaI-YGrDfQlkbfaplVcvGdb6DWZ-3yVFZ1Vc_sg8BEhiD41z6suv46vrYjrDBu4azRBWDEzxmLTFnAF27LluEXQ4aQ08hSlNFWv-IZaRFBYCG-U4kJBU8bvUgYFACTobpwh3x7jPX0v1pHi5sXgdd5eXS-IWx3r7bKwlM8RpqpyKs2gQVdHVG6DXA2FoUKL0kK336rBFB5ryi0Zm06Y7MpzVf160KX-S3PITqvBay471fYWk4fq1yZNB1k_glGx-q2Lj-96pj9WzLgzkOKjfTINjaveount_Z5-A9CKebgTOO8vNjp1OcTGL5Zye53Zmz95XPVlPmqFZETu3AFcrImHrvWnu1h0hSyKO0bfjK5u40nszN4qrSH_DqWd_7hn5DBm3EK4vKXe8ftpjur-4EfUA2RJkSMsg38Kanwe3fs3WdgfoI0qGwl9Nfm8GPDDQuar-xxNjdDl9ZlMxoHLeLUWEpmY4VBEajujBELygLeCxiT7S539yNxgyU0lGBRx6eeYnqYpKVq8so66HfdCMWAeYcarSv9263EeenpWTFNDX9Hn52YiKO8sDXYs2oDWXuzY9SZ6sUR4MLMXkUPOfrv-2FAQLYaNPGnHq9cye8qHrRHiQDyyXaWUd6uvt6Nxsm4dCx-rC83lH1l5mHE5g_e6aVJfReYsTkVtzOXyH22WSP8zoqWNq3XuhBxxJda_Jl2agZNZ4lOxJcjmQq-AXLLWlKph2ZfzHODj62VH5uScaV3WlAEthTE2l03NjYPvY7GUGP7DuMqDSsnsfvvH-RlW-xywvRCS_cwvV1UwXxKchwEJ4LM_feW7iMb0dSziUASGIIfIt7cKmAj53sxNofRPpRcHTRF2&sai=AMfl-YQ7mgzuVamlM1zWuixntWGu-agPEjH1YkYX9N-PPaug_PBmN-L4cXVleEWI471aPZPzcL6jUb1GDTm5EX3CP4yrIGmKYwWLaym06xh-wPyE9MaekrjsJF2WkRk0_yCJv5KoepIgCkxolg&sig=Cg0ArKJSzEh4wl_rrtuiEAE&cid=CAQSPADICaaN0X-ritPW5A_y6Kwd12Nk15Ng4LBzjB-RKrY0uM0rZ_v0l_wGq9dTKb-4WVR4Q4GTSvHNIRR09BgB&id=lidartos&mcvt=393&p=0,0,60,500&mtos=393,393,393,393,393&tos=393,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3297015004&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1700197003601&rpt=839&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.s.id/	1970-01-21 01:52:37	Name: _ga Value: GA1.1.985475166.1700197003
.s.id/	1970-01-21 01:52:37	Name: _ga_LJQ0V44EV5 Value: GS1.1.1700197003.1.0.1700197003.0.0.0
.s.id/	1970-01-21 01:52:37	Name: _ga_GTE5CBQ89K Value: GS1.1.1700197003.1.0.1700197003.60.0.0
.doubleclick.net/	1970-01-21 01:38:13	Name: IDE Value: AHWqTUkckiEp97hTPCnk_6Imjd2ioSzPAQ6VxVv-BtZfT_WfGuicW0y6SaXwk1krj5w
.s.id/	1970-01-21 01:38:13	Name: __gads Value: ID=d1c7f3c2d20746fa:T=1700197003:RT=1700197003:S=ALNI_Mad1YcH292AzmuIA-6DqhQz_0pUfw
.s.id/	1970-01-21 01:38:13	Name: __gpi Value: UID=00000cca32f46023:T=1700197003:RT=1700197003:S=ALNI_MbZ2VluWZmvo0PxNhhP7XLLhti3zA
.simpli.fi/	1970-01-21 01:03:39	Name: suid Value: FD9DB8A8F9EB4BF5928860D2F09FB756
.w55c.net/	1970-01-21 01:46:51	Name: wfivefivec Value: BqNATBgN1R3QUk5
.ctnsnet.com/	1970-01-21 01:02:13	Name: gid_CAESENw4VgB4Ip_PM9nA0cuotsc Value: 1
.w55c.net/	1970-01-20 16:59:49	Name: matchgoogle Value: 5
.bing.com/	1970-01-21 01:38:13	Name: MUID Value: 1A1EED1DF7F5610C3F7EFED1F69E6060
.yahoo.com/	1970-01-21 01:02:34	Name: A3 Value: d=AQABBIzyVmUCEItS0WD0l95Dv31m6V1ASgAFEgEBAQFEWGVgZQAAAAAA_eMAAA&S=AQAAAgd0wsvm5yi9VKEHc2Y6Mjw
.ctnsnet.com/	1970-01-21 01:02:13	Name: gid_CAESEDgpW7LCQyJYICnyfY_Oybs Value: 1
.ctnsnet.com/	1970-01-21 01:02:13	Name: cid Value: 19ee50e0e620483c99ec6e95e38f18b1
.blismedia.com/	1970-01-21 01:02:17	Name: b Value: 6556F28C25EC08BBCC756657BLIS
.travelaudience.com/	1970-01-21 01:46:51	Name: _tracker Value: %7B%22UUID%22%3A%22E5E78A21-2A54-4B4E-33B1-1E13BB50B720%22%7D
.tribalfusion.com/	1970-01-20 18:26:13	Name: ANON_ID Value: aTntuJNj6WlCyhURB1xU4wjaStgZbUR40Kb6klDRTY9KGQdRQOt3cPRncU3FwIYqpE5QQthJi1B1Fvv8sbOqVZdZbg2
.googleadservices.com/	1970-01-20 18:26:13	Name: ar_debug Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ads.travelaudience.com
adsdk.microsoft.com
ams3-ib.adnxs.com
app.s.id
cdn-sdotid.adg.id
cdn.adnxs.com
cm.g.doubleclick.net
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
match.adsrvr.org
microsite.s.id
onetag-sys.com
pagead2.googlesyndication.com
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.analytics.google.com
region1.google-analytics.com
s.id
s.tribalfusion.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.bing.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ams3-ib.adnxs.com
pagead2.googlesyndication.com
142.250.186.130
142.250.186.34
151.101.129.108
178.250.1.9
185.89.210.153
193.84.85.178
2001:4860:4802:32::36
2606:4700:20::681a:6f9
2606:4700::6812:18ad
2620:1ec:46::45
2a00:1450:4001:800::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:813::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9a
2a02:26f0:3500:1b::1724:a39f
2a05:d018:d29:3602:15ac:aaba:5b42:770a
2a06:98c1:3121::3
3.124.81.102
3.33.220.150
3.69.152.80
34.91.62.186
34.96.105.8
35.186.193.173
35.190.0.66
45.126.58.90
51.89.9.252
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
13d0198d5674d87b8851607a5ce670c30940fb270a96f55fa0b1f0db71c9e565
18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048
1c1d09ad4c7275a424fba8bdc719a7cdcba19205505b2d6a27d1d835bc9ad20c
1d57df0c2fb90506081aec7dc0d9c32e8a05d6b37179808390cd3f5c7587090b
1e0fa2b58fb4a18b31e919eaad7c621bdd9696fd5368b0b58a4ef85f4db9f4d3
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
43c09214bd5d39e814ff1b645a59a9d10469d7e64b4545f0a0f36d9253a3ba14
44700a06a8c514701afd8a1b28e770e23d3d41c13799fa88aa8e5ad21d9666b9
4b7c88d480e0bc136e27bf8bec07436aa5bbd9ff288c98321aab810f0845da23
4c2330d21f6fbb0454cac69744a0bb9bed44f2e84474c2bdf2945bd0140bf995
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
520405ff47c575f71ff471d1d05b39139b5cf034dacda9eb31ecbb7bc9862331
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d820c5e7d048c0faa442ce5a30a6163fd2ba16c2f3875c9ccd1ea6a6217a23b
5dc2f3e9f0e538455cfd53c997c23ffc331e627a957d49f30463c049a2904b59
606b15b49ae4d2013c370ba153b9d8fa0c6eb37aab904b9e1d83b7367b742f99
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
73e7fbac10fcaf542b1a9f884bd68c17b4e92caf8af94a4a96b3309fa49d6e66
806c1ef5fc100326a319743d38db306c95dddc723f8cdfe5449e2802e1b5fc15
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
902b4aa4c4e671fcd11128dc0efa4dd4ad8e9230c3a2fc425383e95d14adbf9b
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a5a62dd07bcb4c7cba95b52327bcd8103798cefa79d0dc7822b5e1aa1a8020e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a05fc9d26bd1138cabd2b05e08cf392997802b97c1595a55e26ced0f17fd4b8d
a4da31f93bab63e07ba85ad5aeb2c8d0dd6035b191b501fc7d66e332fb08a019
a51be072c90872986a619bcd424515adfdd3a7c1f8b447c745f203774120a472
a5bcb98416718419e8fe5db1a9ba79138a53af670075083b565e33ab9ac22fb3
a5e943c7c5da3617bd2345580b25327364ab5824ba53a3d18bb88c0e105d6d45
c1ad95e8b38e5ca69e79e848a5771f026e40705ace52cb5ba4e6b7b9ce048161
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1
c84f0a3c7b5a358bcf437d1494381ac7c43bc38106a301c6a1d46d4e68925329
cc7e1cffa44be8dbb9591c49b44ce2d19530a5ada80b81b7ef3bf8fb77333168
cef5cf264ddfac535ced5939e1508e358d0a976002e05dbbdefefebde10c7abe
dd384b45a482fb44980ba9e0149cd783f22cc3fa25c6accfa3a9a5536c9149d5
e0edc04c0cd44afe889efbba9d37412e45656459509c12b4bc354cd10e0fe1b7
e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49865b2d3ebcdd42fac21e949bb2a9f5290fde16a9392b78d5d8d49d203753c
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e85998053023352cb9958c799c29e01b7dccca523f63dbcd56d9a047d7ebcb49
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fb7f315a0371a8b55cfaf220f33822988ac4f5f2758e23738eaaa25258c978b7
ff1a2cfee92c1697ac564742e89f106a2ef63fb7d99515e9bcacdc83d8f51fbb

s.id Open in urlscan Pro 193.84.85.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

96 Requests

84 %HTTPS

53 %IPv6

26 Domains

35 Subdomains

27 IPs

9 Countries

1985 kBTransfer

5883 kBSize

18 Cookies

2 Outgoing links

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

s.id Open in urlscan Pro
193.84.85.178 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

84 %
HTTPS

53 %
IPv6

26
Domains

35
Subdomains

27
IPs

9
Countries

1985 kB
Transfer

5883 kB
Size

18
Cookies

96 HTTP transactions
2 data transactions