doom.bigtarget.biz.id Open in urlscan Pro
2607:f8b0:4004:c08::79 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://doom.bigtarget.biz.id/
Submission: On January 27 via api (January 27th 2024, 5:44:20 pm UTC) from US — Scanned from US

Summary HTTP 101 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 13 IPs in 1 countries across 11 domains to perform 101 HTTP transactions. The main IP is 2607:f8b0:4004:c08::79, located in Ashburn, United States and belongs to GOOGLE, US. The main domain is doom.bigtarget.biz.id.
TLS certificate: Issued by GTS CA 1D4 on January 24th 2024. Valid for: 3 months.

This is the only time doom.bigtarget.biz.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2607:f8b0:400... 2607:f8b0:4004:c08::79	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4004:c1f::9c	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c07::5e	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c06::bf	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4004:c19::84	15169 (GOOGLE) (GOOGLE)
5 16	2607:f8b0:400... 2607:f8b0:4004:c1d::9c	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
31	2607:f8b0:400... 2607:f8b0:4004:c09::84	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c0b::9b	15169 (GOOGLE) (GOOGLE)
2 3	2607:f8b0:400... 2607:f8b0:4004:c17::93	15169 (GOOGLE) (GOOGLE)
10	142.250.31.155 142.250.31.155	15169 (GOOGLE) (GOOGLE)
101	13

2 2607:f8b0:4004:c08::79 (Ashburn, United States)

ASN15169 (GOOGLE, US)

doom.bigtarget.biz.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4004:c1f::9c (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c06::bf (Washington, United States)

ASN15169 (GOOGLE, US)

resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c19::84 (Washington, United States)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4004:c1d::9c (Washington, United States) 5 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2607:f8b0:4004:c09::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c0b::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::93 (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.31.155 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	841 KB
16	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	213 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	236 KB
10	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
7	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12324	242 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	325 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	866 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
2	blogger.com www.blogger.com — Cisco Umbrella Rank: 12161	61 KB
2	bigtarget.biz.id doom.bigtarget.biz.id	29 KB
1	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 19720	47 KB
101	11

	Domain	Requested by
31	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	googleads.g.doubleclick.net	5 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	doom.bigtarget.biz.id pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	www.googleadservices.com
9	fonts.gstatic.com	doom.bigtarget.biz.id fonts.googleapis.com
7	blogger.googleusercontent.com	doom.bigtarget.biz.id
5	www.googletagservices.com	googleads.g.doubleclick.net
4	www.gstatic.com	doom.bigtarget.biz.id googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.blogger.com	doom.bigtarget.biz.id
2	doom.bigtarget.biz.id	doom.bigtarget.biz.id
1	resources.blogblog.com	doom.bigtarget.biz.id
101	13

This site contains links to these domains. Also see Links.

Domain
www.blogger.com

Subject Issuer	Validity	Valid
doom.bigtarget.biz.id GTS CA 1D4	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://doom.bigtarget.biz.id/
Frame ID: AEAB9C1A4293A1858E42AFE2109F3F7A
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 00B32F28AB322C8E62CB61449B89A4D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&adk=1812271804&adf=3025194257&lmt=1706323385&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l&format=0x0&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453158&bpp=4&bdt=202&idt=158&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3874137407861&frm=20&pv=2&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=194
Frame ID: 3B342C5D9EEDD9DB1E1E88248CAD2DBD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&slotname=5989024353&adk=1437976804&adf=2164475225&pi=t.ma~as.5989024353&w=1200&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=1200x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453163&bpp=7&bdt=206&idt=202&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=717&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=212
Frame ID: 535C5E1C95893F39085ADCAB2DD73BCC
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&adk=1324608513&adf=253917306&w=676&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=676x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453170&bpp=1&bdt=214&idt=228&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=240
Frame ID: F10D504B062A7A2964E4DBE306FE7B34
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&adk=1324608513&adf=250407664&w=676&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=676x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453172&bpp=1&bdt=216&idt=251&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C676x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=3456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=261
Frame ID: BD4838161593056A2C1787194BB7D815
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&slotname=5989024353&adk=3599748801&adf=2881366755&pi=t.ma~as.5989024353&w=1200&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=1200x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453173&bpp=1&bdt=216&idt=276&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C676x280%2C676x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=4754&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=280
Frame ID: 61CB359BE7EED963086514230F0FB923
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 119B659959816BD23F9B7C01B3E8BC16
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: CBD7E6270BADE810E12D9C419B0F4F05
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E4EA12A3187F8BDF8D6253658A85100E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: AF4CB2F6C432990F056FC22F4CB5F334
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: 2A8FB508C153F19B048F3CF0F48E39B9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: E5A140A68185D09ED0BED695428B413B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: 220FB790C5B1309D5B614894CE7447F8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: 6ACBDA0AA4F3AF17C0CE0C5B5092C60C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1DE7F29F77240A7E27BADE093C4F30CE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B3B5514AB6652C91504B803B0E500140
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Future of Business

Detected technologies

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

101
Requests

95 %
HTTPS

92 %
IPv6

11
Domains

13
Subdomains

13
IPs

1
Countries

1996 kB
Transfer

4547 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/profile/16768055274177872378
Title: Aplikasi Trading

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/10661931881845934170
Title: Hana Hanifa

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/report-abuse
Title: Report Abuse

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Powered by Blogger

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 75

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 79

https://googleads.g.doubleclick.net/pagead/adview?ai=CsLaH7UC1Zf21G7iEvPIP766pwASc6pijdZPGyuTDEsPz8ZfhDhABII7l4JEBYMnujovApIwQoAHtncOsKsgBA6gDAcgDyQSqBN4BT9CTyiyaq2Z0eyxwWfutmMqfKlnDI8uqr1-hz4R1CSrkkqPv0YzKnZKzr3MA0enDCxwBrur0uxp80Daa8Tvf81lFBsFjlbxHXS_cfnbGGQtNu1ONOr4h6hYHjSJdt3UQ26oETVlIJcfKmJ0ltx-Ol2uelCHAU21TyJODOigZshJ38VebSLXDPh55CJUClNqc-7eK6Z1j9U_UBE_l3YiIrZcEcApLGuGWosfSGwIex2LD9FQw_i1ZTJ3TA3QldnHBBSjVBnvmrSBVWkPI-wgeE41zUx5OxXUDW4A-MaLswATXjayHxgSIBZ_v-_xNkgUECAQYAZIFBAgFGASgBgOAB-3Vk4wFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQp-Ut0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOli-qtyvj_6DA5oJwQJodHRwczovL3d3dy5sYXBvc3QuY29tL2V4cGxvcmVyLWZpbmRzLTE2LWZvb3Qtc2hhcmstaGF1bnRpbmctZW1wdHktZXhoaWJpdC13YXRjaC10aGUtdmlkZW8_c2lkPWxhcGF3X2ludGVyZXN0X3NoYXJrX3RpbWVyNV9mcmVlX3N0b3J5X3RyaWFsX3N1Yl9jcGEmc2ZzdD0xJm89bzMmY3Rhcz1wMyZlaW5jPTEmdXRtX3NvdXJjZT1mYWNlYm9vayZ1dG1fbWVkaXVtPXN1Yl9jcGEmdXRtX2NhbXBhaWduPWxhcGZiX2ludGVyZXN0X3NoYXJrX3RpbWVyNV9mcmVlX3N0b3J5X3RyaWFsX3N1Yl9jcGFfbWlkZGxlJnV0bV9jb250ZW50PWludGVyZXN0JnJlbGF0ZWQ9ZmFsc2WACgHICwGiDAgqBgoErLqxAtoMEAoKEPCn6ebu76mKURICAQPYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMzM5MzMyMDM4OTcxMTc4ORgA&sigh=aobJkHeWepw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwAvHhf_6wZ8swKkaxmOZDWR587by-4gekKVnBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc82dd4c9f8e1238b0000000000000000%22,%222%22:%220x98798de2b80674740000000000000000%22,%223%22:%220x3b2f4745a9c139850000000000000000%22,%224%22:%220x1849d698faf5bf930000000000000000%22,%225%22:%220x8c1a3470c9ccd3380000000000000000%22},%22debug_key%22:%228762557046237618732%22,%22debug_reporting%22:true,%22destination%22:%22https://lapost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211367665389%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213874082196377824337%22}&andc=true

Request Chain 83

https://googleads.g.doubleclick.net/pagead/adview?ai=Cj4E27UC1ZbXBGKmI3rsPrLGN-Avn9oOlddmF2YT7EaD_vsKPDhABII7l4JEBYMnujovApIwQoAH-gtfaKsgBAqgDAcgDyQSqBN8BT9A2RHkNxcUJPb4KlmoHW8zpcOXCwz_fkycUNAkkE4XMb58e73LdE__SShu73JSddhzF6z-2aobwjqrMp9m2r-V0vgNtDSf9wkxawlKDK3FH3xAyGGTPdQEoCAJiVETARaRQe2kAekjegWwPNZiqXwgzSSHdWs-sTvEZ5tMo_Dtbhbh9KDjnrtd2uMoGcN6x3h0R9ribuC4idp8MbKc2GO34LVWJ5Yo4PtSgHRPLU5sVjVKCpQbgKFzx2CMmCeCCyfG0rpxQaEmLqlStYJSoYsHFtqB7G6MG5PCeugxCbcAEy-S_js4EiAXLq6CATpIFBAgEGAGSBQQIBRgEoAYCgAf-uqe6BagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEPvyQ9IIHwiAYRABGB8yAooCOgSAQIBASL39wTpYm7nZr4_-gwOaCYsBaHR0cHM6Ly9uZXdzLm1heW9jbGluaWNsYWJzLmNvbS9iaW9waGFybWEvYnBkLz91dG1fbWVkaXVtPXBhaWQmdXRtX3NvdXJjZT1nb29nbGUmdXRtX2NhbXBhaWduPWJyYW5kYXdhcmVuZXNzJnV0bV90ZXJtPWRpc3BsYXkmdXRtX2NvbnRlbnQ9NIAKAcgLAdoMEAoKEIDp1ZSAjJ_7OxICAQPYEw3QFQGAFwGyFxwKGggAEhRwdWItMzM5MzMyMDM4OTcxMTc4ORgA&sigh=1AJROiFM2Xw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_LMWz2SSSSr0eNgnJsoHmVriMepOPPKIb1EINrvhxBxxR0pA9foR5Y0BnK2ecQmtlI8XzEEzUfd9bIXGsC582RR5n2vL958mBfMcYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1a5efe7ea104e2c70000000000000000%22,%222%22:%220xd644b88c335843780000000000000000%22,%223%22:%220xbd1f47805311082f0000000000000000%22,%224%22:%220x653deefc6bfac7e50000000000000000%22,%225%22:%220x2be83862068541ff0000000000000000%22},%22debug_key%22:%2212890887112680872278%22,%22debug_reporting%22:true,%22destination%22:%22https://mayocliniclabs.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211464458622%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221457297577229144225%22}&andc=true

Request Chain 84

https://googleads.g.doubleclick.net/pagead/adview?ai=CyvdB7UC1Zfj6HJ6PxtYPxOyu0AuKhN-JdfyTzpCaEoe2vs-IChABII7l4JEBYMnujovApIwQoAH8jtKfA8gBCagDAcgDywSqBN4BT9DD08TAZdquzgzZm6gbxY8lL11xBtwhV8ovnHjlHuyc7nJ_bC-uNw64-OUYJmBBZloPSehet11b20OENYzU3UHFpvW4INoOcwVi9pOweQSCA8sTinPZhtLTQEHQmnEbQm0vWSz2QQGm_GdSkzmsyibEGL3PNwGnCgQk3y-mePCP2KCCr-24w_R7H4UyrbQPGZkXEp2wqTLntEzsagz8RQoWYpPQCWT7fS16jTic3nrrOTQGcZ2v6HsTLHMGzff_mR8xQMqq31CxqEy2w32HY3YVSQW_MnO2D-sQrfWawASE3_6JzQSIBf6Z7uxNkgUECAQYAZIFBAgFGASgBi6AB-zwrWCoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCO7BzSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WOzm3a-P_oMDmgl0aHR0cHM6Ly93d3cub3J2aWxsZXMuY29tLz91dG1fc291cmNlPUdvb2dsZSZ1dG1fbWVkaXVtPVBhaWQlMjBEaXNwbGF5JnV0bV9jYW1wYWlnbj1BcHBsaWFuY2VzJnV0bV9jb250ZW50PUFwcGxpYW5jZXOACgHICwGiDAgqBgoErLqxAtoMEAoKELDygMW5lp3jMxICAQO4E-QD2BMN0BUBgBcBshccChoIABIUcHViLTMzOTMzMjAzODk3MTE3ODkYAA&sigh=c5bCuGR9QO0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_47SKN_lJ6RQnKgKYQ-xrwPVYGV1GpebQcX2A-PB5skQYA0HfhbzGldqhj2mB2h3jfgI5dnmQZBlK4O1Y0KBIBuJrSOW_tGDKVWkYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb62e71fd9bde9dec0000000000000000%22,%222%22:%220x577e41a275c31f70000000000000000%22,%223%22:%220x8c81f01e44f809de0000000000000000%22,%224%22:%220x57bd41db29755c8a0000000000000000%22,%225%22:%220xf378f9cb33cb511e0000000000000000%22},%22debug_key%22:%222559782824292051580%22,%22debug_reporting%22:true,%22destination%22:%22https://orvilles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22871663484%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223280948064312862465%22}&andc=true

Request Chain 85

https://googleads.g.doubleclick.net/pagead/adview?ai=CbKxF7UC1ZangHqnCxtYP2YG4gAKKhN-JdfyTzpCaEoe2vs-IChABII7l4JEBYMnujovApIwQoAH8jtKfA8gBCagDAcgDywSqBOYBT9B6zY3MAVBYxmYNWRaq6wGNbiDkwQxWaretHjhinDuAU1TT41tEgK4FCt7U0uyVX777jiLIu1Bo7maa5fJlmmCAw5qp4wF1nF-hr_Ftvn941Dg4pPW46CB_Kuy1CYKGJVa-zEwJ24PjnDtglib-Aru7pOgIHZV5P9rSEqDahV_wuQUQZaLNzOUR8tDDqrnL65uICCwmHVVK79wBDuw7OG4swK1rZIBV2sbxxPWekVluwOes-JHYdo3eSKiXXO9CYqKuRg1-4sVBudjsnRq-uqCLL79PVYFFWdyMaeT_Ub_BSzwssE7ABITf_onNBIgF_pnu7E2SBQQIBBgBkgUECAUYBKAGLoAH7PCtYKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELGEQNIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYws7fr4_-gwOaCXRodHRwczovL3d3dy5vcnZpbGxlcy5jb20vP3V0bV9zb3VyY2U9R29vZ2xlJnV0bV9tZWRpdW09UGFpZCUyMERpc3BsYXkmdXRtX2NhbXBhaWduPUFwcGxpYW5jZXMmdXRtX2NvbnRlbnQ9QXBwbGlhbmNlc4AKAcgLAaIMCCoGCgSsurEC2gwRCgsQ0KW5jv6Dspn8ARICAQO4E-QD2BMN0BUBgBcBshccChoIABIUcHViLTMzOTMzMjAzODk3MTE3ODkYALIYBBICrFE&sigh=xRat1w363YY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_YmCIXpJmJf78Q04N1BU-MWlqUO4nCmD6uNK7iCOqfLEHeja4GjkfloGrbMwVM_ZAQN-hxvu85uobM89q2ZqZt-3uo6dCFTGhLBgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb62e71fd9bde9dec0000000000000000%22,%222%22:%220x577e41a275c31f70000000000000000%22,%223%22:%220x8c81f01e44f809de0000000000000000%22,%224%22:%220x57bd41db29755c8a0000000000000000%22,%225%22:%220xf378f9cb33cb511e0000000000000000%22},%22debug_key%22:%228491937668950112225%22,%22debug_reporting%22:true,%22destination%22:%22https://orvilles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22871663484%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225451336385851291153%22}&andc=true

Request Chain 88

https://googleads.g.doubleclick.net/pagead/adview?ai=CVMw-7UC1ZaepGYKfxtYPp_C3wAOKhN-JdfyTzpCaEoe2vs-IChABII7l4JEBYMnujovApIwQoAH8jtKfA8gBCagDAcgDywSqBN8BT9C7d_RwtWEDU7QiE-_NKYM0Lk4pnRVA-UWIoDjo-RcZGXcxzgUU6d3pxdaKEjzft2uz1SozAhSMTQVbDHvOkJ7h3fh7pB_eXe4hUIZptvxiQiRMSyiy7Y3czkADizVo05tJIBYS8bCykzX6D17712lDtn8XWDpZ1JhLsoT5npn7j-_eSmMRjPh0w3a3_YnTiwqNQftPKlA4TLFADms82zK_nkqDepqtgm5W5yxcBSMJ-ro0boQQrF7NB_k7RkDSogxQrUZII38gMeceNEyaG_R-mVeBuJAkbmhdoituSMAEhN_-ic0EiAX-me7sTZIFBAgEGAGSBQQIBRgEoAYugAfs8K1gqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQxpp10ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOljxmtqvj_6DA5oJdGh0dHBzOi8vd3d3Lm9ydmlsbGVzLmNvbS8_dXRtX3NvdXJjZT1Hb29nbGUmdXRtX21lZGl1bT1QYWlkJTIwRGlzcGxheSZ1dG1fY2FtcGFpZ249QXBwbGlhbmNlcyZ1dG1fY29udGVudD1BcHBsaWFuY2VzgAoByAsBogwIKgYKBKy6sQLaDBEKCxCA6ZG4nZSUvukBEgIBA7gT5APYEw3QFQGAFwGyFxwKGggAEhRwdWItMzM5MzMyMDM4OTcxMTc4ORgA&sigh=tHcWGngVdEU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_3BsVMTzI-LYcUg2pCv0x_eZomU-C2ZESr2QfnNhWGMSDGij_wEOxAmrzis0N0zVtDc3quBOGFn0HfW00sFSLicjJmHLnEHtTR-oYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb62e71fd9bde9dec0000000000000000%22,%222%22:%220x577e41a275c31f70000000000000000%22,%223%22:%220x8c81f01e44f809de0000000000000000%22,%224%22:%220x57bd41db29755c8a0000000000000000%22,%225%22:%220xf378f9cb33cb511e0000000000000000%22},%22debug_key%22:%2217913413078439803602%22,%22debug_reporting%22:true,%22destination%22:%22https://orvilles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22871663484%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210883278767578852721%22}&andc=true

101 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
doom.bigtarget.biz.id/ 148 KB
26 KB 270ms
87ms Document
text/html 2607:f8b0:4004:c08::79
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://doom.bigtarget.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::79 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1e4d2d34a4645839580aff8d0e19c20aa01418deed4c6a1528234480d762744d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 26472
content-type: text/html; charset=UTF-8
date: Sat, 27 Jan 2024 17:44:12 GMT
etag: W/"27c1f74fcc0f5bd45b50579986b6cf8b3ebd9306a8d5ef1724020e2e6a203ddb"
expires: Sat, 27 Jan 2024 17:44:12 GMT
last-modified: Sat, 27 Jan 2024 02:43:05 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 129ms
61ms Script
text/javascript 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3393320389711789

Requested by

Host: doom.bigtarget.biz.id
URL: https://doom.bigtarget.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38535ebadaa80ebb7f9c78308eef5d089eb2fd71a937abc5c0a331d7cab1fec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://doom.bigtarget.biz.id/
Origin: https://doom.bigtarget.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51108
x-xss-protection: 0
server: cafe
etag: 15786477060305418988
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 27 Jan 2024 17:44:13 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 135ms
71ms Script
text/javascript 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: doom.bigtarget.biz.id
URL: https://doom.bigtarget.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef525f010d5cfd307b5c615c14c046127dfaec0a10cc80c6f86a845c13831a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://doom.bigtarget.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51108
x-xss-protection: 0
server: cafe
etag: 5278187011998138951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 27 Jan 2024 17:44:13 GMT

GET
H2 200 clipboard.min.js Show response
www.gstatic.com/external_hosted/clipboardjs/ 12 KB
4 KB 101ms
36ms Script
text/javascript 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js

Requested by

Host: doom.bigtarget.biz.id
URL: https://doom.bigtarget.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://doom.bigtarget.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3475
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 27 Jan 2024 17:44:13 GMT

GET
H2 200 sprite_v1_6.css.svg
doom.bigtarget.biz.id/responsive/ 7 KB
3 KB 33ms
33ms Other
image/svg+xml 2607:f8b0:4004:c08::79
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://doom.bigtarget.biz.id/responsive/sprite_v1_6.css.svg

Requested by

Host: doom.bigtarget.biz.id
URL: https://doom.bigtarget.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::79 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://doom.bigtarget.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 27 Jan 2024 05:51:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/svg+xml
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2244
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 03 Feb 2024 17:44:12 GMT

GET
H2 200 S6uyw4BMUTPHjx4wWw.ttf
fonts.gstatic.com/s/lato/v24/ 59 KB
30 KB 130ms
66ms Font
font/ttf 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wWw.ttf

Requested by

Host: doom.bigtarget.biz.id
URL: https://doom.bigtarget.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6e055ad6056d64c89133fd73e9ee935c068d8bd3ac09366d5d99f9eee99e3f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://doom.bigtarget.biz.id/
Origin: https://doom.bigtarget.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 10:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30418
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Jan 2025 10:39:50 GMT

GET
H2 200 SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI96.ttf
fonts.gstatic.com/s/ebgaramond/v27/ 51 KB
26 KB 149ms
85ms Font
font/ttf 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v27/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI96.ttf

Requested by

Host: doom.bigtarget.biz.id
URL: https://doom.bigtarget.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa7cfdaac1b419b73f91cc73d5d8a25e0f71b4713a180afdcf9e60bca831b414

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://doom.bigtarget.biz.id/
Origin: https://doom.bigtarget.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26665
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Jan 2025 11:16:51 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPHA.ttf
fonts.gstatic.com/s/lato/v24/ 58 KB
30 KB 97ms
33ms Font
font/ttf 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPHA.ttf

Requested by

Host: doom.bigtarget.biz.id
URL: https://doom.bigtarget.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e15d8482756e9d79c5b14dde8cd92256fd2afe0307703d825d4e8178d416c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://doom.bigtarget.biz.id/
Origin: https://doom.bigtarget.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 10:39:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29896
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Jan 2025 10:39:51 GMT

GET
H2 200 1111696730-rockpool_compiled.js Show response
resources.blogblog.com/blogblog/data/res/ 135 KB
47 KB 111ms
31ms Script
text/javascript 2607:f8b0:4004:c06::bf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.blogblog.com/blogblog/data/res/1111696730-rockpool_compiled.js

Requested by

Host: doom.bigtarget.biz.id
URL: https://doom.bigtarget.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::bf Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b30783765b5cb3b1dadfaccd090f4f01c5f662d9e23fa6665706cdca91d7bd12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://doom.bigtarget.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172490
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47166
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 13:03:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 01 Feb 2024 17:49:23 GMT

GET
H2 200 2572602432-widgets.js Show response
www.blogger.com/static/v1/widgets/ 160 KB
58 KB 111ms
32ms Script
text/javascript 2607:f8b0:4004:c06::bf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2572602432-widgets.js

Requested by

Host: doom.bigtarget.biz.id
URL: https://doom.bigtarget.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::bf Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9280547cd3ca5b942fa8e00de6dd0d3524b986f59aa0a0d3f1140c01cb255c25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://doom.bigtarget.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 16:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3638
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59278
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 22:02:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 26 Jan 2025 16:43:35 GMT

GET
H2 200 woman%20that%20see%20her%20NFT%20on%20her%20phone.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8TWzZ39alZJKzrQPgrrM1bS6p1xh-wrBOhJfcYmFQdCw1EmRXwoKny-JMmowNKlhtmGKtO3P7PodReT-fzpC6dVAt-oPcx3Tx58SoQWn7ZWG6otEth57x62Qm7Myd9S6HOiM5AZS29dXi7-9R... 52 KB
52 KB 461ms
383ms Image
image/jpeg 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8TWzZ39alZJKzrQPgrrM1bS6p1xh-wrBOhJfcYmFQdCw1EmRXwoKny-JMmowNKlhtmGKtO3P7PodReT-fzpC6dVAt-oPcx3Tx58SoQWn7ZWG6otEth57x62Qm7Myd9S6HOiM5AZS29dXi7-9R6s9ryuL8OPK455eT1iJvx8DksfHm3KbxMHsLVeVaPEWp/w612/woman%20that%20see%20her%20NFT%20on%20her%20phone.jpg

Requested by

Host: doom.bigtarget.biz.id
URL: https://doom.bigtarget.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4f2733b80573c5e5429f462bee07e775dccc517cf72d1eb1ce25ec36df49892c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://doom.bigtarget.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:13 GMT
x-content-type-options: nosniff
server: fife
etag: "vb56"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="woman that see her NFT on her phone.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53601
x-xss-protection: 0
expires: Sun, 28 Jan 2024 17:44:13 GMT

GET
H2 200 woman%20that%20see%20her%20NFT%20on%20her%20phone%20(2).jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmEkv3cgHDRFV6zYVCrz8vw6_Wi4aaRqooR5l1rIBmBDI0V8TxvnL_msrkCAzdT3CxhnPjcfW5pS-bj7xKseSyzboHTetfPtWulRhE1XuTxoQ8iP6vNSFxwrTXuw1xuwz0mMItQf_zu4sFU1rx... 29 KB
29 KB 391ms
314ms Image
image/jpeg 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmEkv3cgHDRFV6zYVCrz8vw6_Wi4aaRqooR5l1rIBmBDI0V8TxvnL_msrkCAzdT3CxhnPjcfW5pS-bj7xKseSyzboHTetfPtWulRhE1XuTxoQ8iP6vNSFxwrTXuw1xuwz0mMItQf_zu4sFU1rxsMr0gG_LMb82D4WD9beLpIkus-tsp_4NqBBAs6P1V_aw/w256-h256-p-k-no-nu/woman%20that%20see%20her%20NFT%20on%20her%20phone%20(2).jpg

Requested by

Host: doom.bigtarget.biz.id
URL: https://doom.bigtarget.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fea569fcd5d38d238bf0319da177c0009be56709168e51c3506bf8731cbce55f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://doom.bigtarget.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:13 GMT
x-content-type-options: nosniff
server: fife
etag: "vb5a"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="woman that see her NFT on her phone (2).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29213
x-xss-protection: 0
expires: Sun, 28 Jan 2024 17:44:13 GMT

GET
H2 200 two%20people%20in%20office%20uniforms.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjON-MbQW5YiS42l2ULAqQorl5Y1qkhwKT2TxjD5zlJGl1MHBIW6iS2JACjkpHTkQoqGckrg4v3ll2BfuKqJZfuWBSe2yOS5sz5OtoErUnr_I0zKT9E4HJpyE7HRsEcOTIbcEeLlbdvWYzYbs-A... 35 KB
35 KB 423ms
345ms Image
image/jpeg 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjON-MbQW5YiS42l2ULAqQorl5Y1qkhwKT2TxjD5zlJGl1MHBIW6iS2JACjkpHTkQoqGckrg4v3ll2BfuKqJZfuWBSe2yOS5sz5OtoErUnr_I0zKT9E4HJpyE7HRsEcOTIbcEeLlbdvWYzYbs-AgD1pK6te5sEjmiAqo9LdjbfALSnTaLJMjA8y3lE2Ra1v/w256-h256-p-k-no-nu/two%20people%20in%20office%20uniforms.jpg

Requested by

Host: doom.bigtarget.biz.id
URL: https://doom.bigtarget.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2784451fc14b304ba257f76c6ed61d44d0870470b5244e43e3e128f3b299ba1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://doom.bigtarget.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:13 GMT
x-content-type-options: nosniff
server: fife
etag: "vb5d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="two people in office uniforms.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35652
x-xss-protection: 0
expires: Sun, 28 Jan 2024 17:44:13 GMT

GET
H2 200 two%20people%20in%20office%20uniforms%20(2).jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3wxEgLkLrshNanTSgzyb52wjzpY-YN29aC7eMWhMzkIczWMev06uefzqtJur5fGbl0JT_OC1DlNQZRS6Rv_f2ou_d_8QdwHW6dEoZXYdZdrRkxQ75FifpeuwVz2t4BIpf1dNLUAeX5wgW6BB4... 35 KB
35 KB 534ms
457ms Image
image/jpeg 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3wxEgLkLrshNanTSgzyb52wjzpY-YN29aC7eMWhMzkIczWMev06uefzqtJur5fGbl0JT_OC1DlNQZRS6Rv_f2ou_d_8QdwHW6dEoZXYdZdrRkxQ75FifpeuwVz2t4BIpf1dNLUAeX5wgW6BB4vKNddPXNbWa2l1RB0c43ujr136BNC5oXg_TJikz4YSvd/w256-h256-p-k-no-nu/two%20people%20in%20office%20uniforms%20(2).jpg

Requested by

Host: doom.bigtarget.biz.id
URL: https://doom.bigtarget.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1ea4b4fbe1b797fffd3f814d055ae4453730adba06af721bcace5a87690e5ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://doom.bigtarget.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:13 GMT
x-content-type-options: nosniff
server: fife
etag: "vb61"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="two people in office uniforms (2).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35600
x-xss-protection: 0
expires: Sun, 28 Jan 2024 17:44:13 GMT

GET
H2 200 network%20marketing%20team%20from%20diverse%20backgrounds%20co.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg4giFUHCoQ-0OMaxXa-yAJ0lPjS-1iHwvkqrM_dHgQ99x7RqQ4dHjA2zAkPhmtPbRtMbNl6eR8kyC4VAq6kWa0HWhiEyCukQY33sDbswoWzLemU4He6TkwLaqa4RxgcgjXjKXNvX80v2fjqjWD... 33 KB
33 KB 755ms
678ms Image
image/jpeg 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg4giFUHCoQ-0OMaxXa-yAJ0lPjS-1iHwvkqrM_dHgQ99x7RqQ4dHjA2zAkPhmtPbRtMbNl6eR8kyC4VAq6kWa0HWhiEyCukQY33sDbswoWzLemU4He6TkwLaqa4RxgcgjXjKXNvX80v2fjqjWD0bFF1puqA1iKQIYwAKn-spQm4h6PD_SK1LalRJNCvPfB/w256-h256-p-k-no-nu/network%20marketing%20team%20from%20diverse%20backgrounds%20co.jpg

Requested by

Host: doom.bigtarget.biz.id
URL: https://doom.bigtarget.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6311c04fe3c22eb070676f78089eed640b51bf8b9c4a0207feeab5560623ecf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://doom.bigtarget.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v19"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="network marketing team from diverse backgrounds co.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34101
x-xss-protection: 0
expires: Sun, 28 Jan 2024 17:44:13 GMT

GET
H2 200 futuristic%20space%20news%20anchor%20who%20is%20half-robot%20and.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhGp2nca4tX6nfed9hxM7QrX9FtjUeTuca7SFS8C9AUJU4LnMV7P07U3NxJrqr1awjyzm5bQSLpsHVbMjA2ooz4RP3afPmkPoo3cVoE0J2BlzUekw9K7Ora-0HyysFrGKjYGGLkFhrlGMSzR6Yx... 22 KB
22 KB 565ms
489ms Image
image/jpeg 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhGp2nca4tX6nfed9hxM7QrX9FtjUeTuca7SFS8C9AUJU4LnMV7P07U3NxJrqr1awjyzm5bQSLpsHVbMjA2ooz4RP3afPmkPoo3cVoE0J2BlzUekw9K7Ora-0HyysFrGKjYGGLkFhrlGMSzR6YxpiKlZCa3bonl4d3IDEaHUdeRI44SJ0wuklOnYqIwJgpQ/w256-h256-p-k-no-nu/futuristic%20space%20news%20anchor%20who%20is%20half-robot%20and.jpg

Requested by

Host: doom.bigtarget.biz.id
URL: https://doom.bigtarget.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3edc9890e30470a52f619e9f8569873df62d272391d840a74066644be7825b60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://doom.bigtarget.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="futuristic space news anchor who is half-robot and.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22513
x-xss-protection: 0
expires: Sun, 28 Jan 2024 17:44:13 GMT

GET
H2 200 Create%20a%20photo%20portraying%20'Content%20Marketing%20Provi%20(1).jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3QatXyGkZ-zQI6aCyGd_XIT_N8XNWL6qKERGoVyTqUTZ2VADjv4NfEqEaRU1cZhZLZUcROXjAZu0uMYJT2DSuXEUaYFuzqAIrLo50TzVsXBowzsUh8ohezzu-vmcaQHE4VPPkmr69cjxCV-AP... 36 KB
36 KB 568ms
568ms Image
image/jpeg 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3QatXyGkZ-zQI6aCyGd_XIT_N8XNWL6qKERGoVyTqUTZ2VADjv4NfEqEaRU1cZhZLZUcROXjAZu0uMYJT2DSuXEUaYFuzqAIrLo50TzVsXBowzsUh8ohezzu-vmcaQHE4VPPkmr69cjxCV-APTKWhMuUNBQs9AtnbZiqcildrCuksU9YyNWcepZ_yMbWJ/w256-h256-p-k-no-nu/Create%20a%20photo%20portraying%20'Content%20Marketing%20Provi%20(1).jpg

Requested by

Host: doom.bigtarget.biz.id
URL: https://doom.bigtarget.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b10519df8823491a7bc289b26d6af9d9da9e3d3f2dfad8a19d6ce1c28826c66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://doom.bigtarget.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v21"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Create a photo portraying 'Content Marketing Provi (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36368
x-xss-protection: 0
expires: Sun, 28 Jan 2024 17:44:13 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVc.ttf
fonts.gstatic.com/s/opensans/v40/ 34 KB
23 KB 144ms
100ms Font
font/ttf 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVc.ttf

Requested by

Host: doom.bigtarget.biz.id
URL: https://doom.bigtarget.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fee568ee1e985a28351734213271ab3c518744bb3819af52246e1b7d15b7372

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://doom.bigtarget.biz.id/
Origin: https://doom.bigtarget.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23490
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Jan 2025 11:15:20 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ 405 KB
138 KB 73ms
71ms Script
text/javascript 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3393320389711789

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70d6aa69f492c02bbce4cfe00cd7dc8b26601f03467d08473a9707832f26fb4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://doom.bigtarget.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140712
x-xss-protection: 0
server: cafe
etag: 15518177094572251369
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 17:44:13 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 00B3 9 KB
5 KB 99ms
32ms Document
text/html 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3393320389711789

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://doom.bigtarget.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 26665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 10:19:48 GMT
etag: 3890843268177463596
expires: Sat, 10 Feb 2024 10:19:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 blogger_logo_round_35.png
www.blogger.com/img/ 2 KB
3 KB 34ms
33ms Image
image/png 2607:f8b0:4004:c06::bf
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/blogger_logo_round_35.png

Requested by

Host: doom.bigtarget.biz.id
URL: https://doom.bigtarget.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::bf Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://doom.bigtarget.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:31:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Jan 2024 09:58:20 GMT
server: sffe
age: 173575
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2531
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 01 Feb 2024 17:31:18 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3B34 129 KB
43 KB 586ms
585ms Document
text/html 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&adk=1812271804&adf=3025194257&lmt=1706323385&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l&format=0x0&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453158&bpp=4&bdt=202&idt=158&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3874137407861&frm=20&pv=2&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=194

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eaf5487159e09650d5fd400e47dff956c877e141c3afda2726654d9fa6a71c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://doom.bigtarget.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43528
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 17:44:13 GMT
expires: Sat, 27 Jan 2024 17:44:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 535C 120 KB
41 KB 548ms
547ms Document
text/html 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&slotname=5989024353&adk=1437976804&adf=2164475225&pi=t.ma~as.5989024353&w=1200&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=1200x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453163&bpp=7&bdt=206&idt=202&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=717&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=212

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52e3a2735c816312c21d81ddbc19b8ba2071b9165b7cd9d6ecf45340d710094a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://doom.bigtarget.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 17:44:13 GMT
expires: Sat, 27 Jan 2024 17:44:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F10D 115 KB
40 KB 476ms
474ms Document
text/html 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&adk=1324608513&adf=253917306&w=676&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=676x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453170&bpp=1&bdt=214&idt=228&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=240

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f4764cf380a66bd8160a5ef563ca945f2de19697d4b7a8dbcf1352dfb3c0955

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://doom.bigtarget.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40920
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 17:44:13 GMT
expires: Sat, 27 Jan 2024 17:44:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BD48 118 KB
40 KB 345ms
345ms Document
text/html 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&adk=1324608513&adf=250407664&w=676&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=676x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453172&bpp=1&bdt=216&idt=251&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C676x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=3456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=261

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba3470355d28fe18fb6098496b8a6e93b8cd7109d759a11e8b53a34402025f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://doom.bigtarget.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41091
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 17:44:13 GMT
expires: Sat, 27 Jan 2024 17:44:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 61CB 119 KB
40 KB 539ms
538ms Document
text/html 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&slotname=5989024353&adk=3599748801&adf=2881366755&pi=t.ma~as.5989024353&w=1200&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=1200x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453173&bpp=1&bdt=216&idt=276&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C676x280%2C676x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=4754&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=280

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cac41e9c8813bbd8e125a9c07a2efa3b012591ebf7f699987f6d0663aa3cd6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://doom.bigtarget.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40765
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 17:44:13 GMT
expires: Sat, 27 Jan 2024 17:44:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame BD48 4 KB
1 KB 114ms
41ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&adk=1324608513&adf=250407664&w=676&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=676x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453172&bpp=1&bdt=216&idt=251&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C676x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=3456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=261

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jan 2024 17:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 17:41:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jan 2024 17:44:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame BD48 2 KB
902 B 130ms
61ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 17:33:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame BD48 23 KB
9 KB 103ms
36ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:38:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 17:38:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame BD48 3 KB
1 KB 108ms
42ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 17:49:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame BD48 20 KB
9 KB 98ms
33ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:41:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 17:41:22 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD48 205 KB
65 KB 357ms
285ms Script
text/javascript 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 17:44:14 GMT

GET
H2 200 5ff8bb2821e31fbf08fa14f5007a6efe.js Show response
www.gstatic.com/mysidia/ Frame BD48 37 KB
15 KB 34ms
32ms Script
text/javascript 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15476
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 00:40:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 23 Apr 2024 23:28:07 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6632647894055600159/ Frame BD48 9 KB
9 KB 177ms
133ms Image
image/png 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6632647894055600159/14763004658117789537?w=200&h=200&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f74a52db16f34499507b808e195089b10da4c08237e61dade2123aaf42d317c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Sat, 27 Jan 2024 17:44:13 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9099
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 16:49:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 26 Jan 2025 17:44:13 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2664535731845532207/ Frame BD48 57 KB
57 KB 122ms
78ms Image
image/jpeg 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2664535731845532207/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e921e394578408398ae73253cfade9be3b9eb3a514e3337386719219cf977008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Sat, 27 Jan 2024 17:44:13 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58400
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 20:22:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 26 Jan 2025 17:44:13 GMT

GET
DATA 200
OK truncated
/ Frame BD48 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 13100413629100827022
tpc.googlesyndication.com/simgad/ Frame F10D 94 KB
94 KB 109ms
109ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13100413629100827022

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&adk=1324608513&adf=253917306&w=676&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=676x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453170&bpp=1&bdt=214&idt=228&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2527b641fe4dd00e6e4b3f72f5ad71fe4ffea936da3989cf8aebb9d196d1697e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Sat, 27 Jan 2024 17:44:13 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95983
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 01:42:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 26 Jan 2025 17:44:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame F10D 23 KB
9 KB 36ms
36ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&adk=1324608513&adf=253917306&w=676&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=676x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453170&bpp=1&bdt=214&idt=228&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:38:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 17:38:50 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 119B 143 B
166 B 40ms
39ms Document
text/html 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&adk=1324608513&adf=253917306&w=676&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=676x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453170&bpp=1&bdt=214&idt=228&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=240

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&adk=1324608513&adf=253917306&w=676&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=676x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453170&bpp=1&bdt=214&idt=228&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=240
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2708
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 16:59:05 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame F10D 3 KB
1 KB 92ms
89ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&adk=1324608513&adf=253917306&w=676&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=676x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453170&bpp=1&bdt=214&idt=228&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 17:49:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame F10D 20 KB
8 KB 83ms
81ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&adk=1324608513&adf=253917306&w=676&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=676x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453170&bpp=1&bdt=214&idt=228&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:41:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 17:41:22 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F10D 205 KB
65 KB 321ms
319ms Script
text/javascript 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&adk=1324608513&adf=253917306&w=676&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=676x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453170&bpp=1&bdt=214&idt=228&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 17:44:14 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame F10D 36 KB
15 KB 84ms
84ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&adk=1324608513&adf=253917306&w=676&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=676x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453170&bpp=1&bdt=214&idt=228&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8d7facadee6df9e3f8ae5b0aeeef6f02045131ff8a2df78c95137bb73cbda99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14823
x-xss-protection: 0
server: cafe
etag: 5840398140224802838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 17:38:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 535C 4 KB
728 B 41ms
41ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&slotname=5989024353&adk=1437976804&adf=2164475225&pi=t.ma~as.5989024353&w=1200&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=1200x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453163&bpp=7&bdt=206&idt=202&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=717&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jan 2024 17:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 17:36:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jan 2024 17:44:13 GMT

GET
DATA 200
OK truncated
/ Frame BD48 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddad180876a0b4541a48e23b9adcbcd52775a41ea5d04e5de0f88aecf0dc0df7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 535C 2 KB
856 B 69ms
68ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 17:33:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 535C 23 KB
9 KB 68ms
65ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:38:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 17:38:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 535C 3 KB
1 KB 71ms
68ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 17:49:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 535C 20 KB
8 KB 68ms
66ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:41:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 17:41:22 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 535C 205 KB
65 KB 279ms
278ms Script
text/javascript 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 17:44:14 GMT

GET
H3 200 5ff8bb2821e31fbf08fa14f5007a6efe.js Show response
www.gstatic.com/mysidia/ Frame 535C 37 KB
15 KB 44ms
43ms Script
text/javascript 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15476
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 00:40:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 23 Apr 2024 23:28:07 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/498299968530896612/ Frame 535C 25 KB
25 KB 95ms
95ms Image
image/jpeg 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/498299968530896612/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53af3c5ff762cfbc38357568bd37bf832b93ab7aae645cb8e07b162a079b1784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Sat, 27 Jan 2024 17:44:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25312
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 20:22:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 26 Jan 2025 17:44:14 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6632647894055600159/ Frame 535C 4 KB
4 KB 59ms
59ms Image
image/png 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6632647894055600159/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc4a0a2b4025db3daab7e6166e06c42566418e59494f976df177d4837c950941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Sat, 27 Jan 2024 17:44:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4243
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 16:49:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 26 Jan 2025 17:44:14 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ 165 KB
56 KB 76ms
61ms Script
text/javascript 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00f1cb5ed71f5ce99826748a3a2224e0fc78b53f039eb23d85713b73c978b723

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://doom.bigtarget.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56990
x-xss-protection: 0
server: cafe
etag: 1017193734138914924
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 17:44:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 61CB 4 KB
655 B 49ms
42ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&slotname=5989024353&adk=3599748801&adf=2881366755&pi=t.ma~as.5989024353&w=1200&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=1200x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453173&bpp=1&bdt=216&idt=276&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C676x280%2C676x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=4754&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jan 2024 17:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 17:35:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jan 2024 17:44:14 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 119B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

42ms
41ms

Document
text/html

2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&adk=1324608513&adf=253917306&w=676&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=676x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453170&bpp=1&bdt=214&idt=228&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=240

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 17:44:14 GMT
expires: Sat, 27 Jan 2024 17:44:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 17:44:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 61CB 2 KB
822 B 34ms
31ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&slotname=5989024353&adk=3599748801&adf=2881366755&pi=t.ma~as.5989024353&w=1200&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=1200x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453173&bpp=1&bdt=216&idt=276&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C676x280%2C676x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=4754&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 17:33:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 61CB 23 KB
9 KB 44ms
42ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&slotname=5989024353&adk=3599748801&adf=2881366755&pi=t.ma~as.5989024353&w=1200&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=1200x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453173&bpp=1&bdt=216&idt=276&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C676x280%2C676x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=4754&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:38:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 17:38:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 61CB 3 KB
1 KB 50ms
48ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&slotname=5989024353&adk=3599748801&adf=2881366755&pi=t.ma~as.5989024353&w=1200&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=1200x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453173&bpp=1&bdt=216&idt=276&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C676x280%2C676x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=4754&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 17:49:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 61CB 20 KB
8 KB 36ms
35ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&slotname=5989024353&adk=3599748801&adf=2881366755&pi=t.ma~as.5989024353&w=1200&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=1200x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453173&bpp=1&bdt=216&idt=276&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C676x280%2C676x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=4754&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:41:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 17:41:22 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 61CB 205 KB
65 KB 161ms
160ms Script
text/javascript 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&slotname=5989024353&adk=3599748801&adf=2881366755&pi=t.ma~as.5989024353&w=1200&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=1200x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453173&bpp=1&bdt=216&idt=276&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C676x280%2C676x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=4754&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 17:44:14 GMT

GET
H3 200 5ff8bb2821e31fbf08fa14f5007a6efe.js Show response
www.gstatic.com/mysidia/ Frame 61CB 37 KB
15 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&slotname=5989024353&adk=3599748801&adf=2881366755&pi=t.ma~as.5989024353&w=1200&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=1200x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453173&bpp=1&bdt=216&idt=276&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C676x280%2C676x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=4754&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15476
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 00:40:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 23 Apr 2024 23:28:07 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/2664535731845532207/ Frame 61CB 57 KB
57 KB 53ms
52ms Image
image/jpeg 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2664535731845532207/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&slotname=5989024353&adk=3599748801&adf=2881366755&pi=t.ma~as.5989024353&w=1200&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=1200x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453173&bpp=1&bdt=216&idt=276&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C676x280%2C676x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=4754&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e921e394578408398ae73253cfade9be3b9eb3a514e3337386719219cf977008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Sat, 27 Jan 2024 17:44:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58400
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 20:22:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 26 Jan 2025 17:44:14 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6632647894055600159/ Frame 61CB 4 KB
4 KB 72ms
71ms Image
image/png 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6632647894055600159/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&slotname=5989024353&adk=3599748801&adf=2881366755&pi=t.ma~as.5989024353&w=1200&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=1200x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453173&bpp=1&bdt=216&idt=276&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C676x280%2C676x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=4754&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc4a0a2b4025db3daab7e6166e06c42566418e59494f976df177d4837c950941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Sat, 27 Jan 2024 17:44:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4243
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 16:49:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 26 Jan 2025 17:44:14 GMT

GET
DATA 200
OK truncated
/ Frame 535C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdd5b37b628b0a62913fa69242c6f0003781589336c0702196184c9eb50c7ea0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame CBD7 9 KB
4 KB 33ms
32ms Document
text/html 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://doom.bigtarget.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 32297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 08:45:57 GMT
etag: 3890843268177463596
expires: Sat, 10 Feb 2024 08:45:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F10D 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 689af50af60c34721fffa3d581aa8fbf153fe8ac82e231f05a7f04c26a38e928

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 61CB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e4bf082fab8f013399e97a5be339a152141e01cddd0fcddeae3b8cf860c8d06

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame CBD7 23 KB
9 KB 33ms
33ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:38:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 17:38:50 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E4EA 143 B
166 B 34ms
32ms Document
text/html 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2709
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 16:59:05 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame CBD7 3 KB
1 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 17:49:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame CBD7 20 KB
8 KB 33ms
33ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:41:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 17:41:22 GMT

GET
H3 200 12190537500043194739
tpc.googlesyndication.com/simgad/ Frame CBD7 36 KB
36 KB 34ms
33ms Image
image/png 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12190537500043194739?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnyVTnDDkXwDvIA4PTuqM-b5a2Now

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f11fe2f25010d1d847ede92bba0f29e9b213a29f3e82237bf0c31a382e8e73c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:41:51 GMT
x-content-type-options: nosniff
age: 143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36933
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 02:14:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 26 Jan 2025 17:41:51 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CBD7 205 KB
65 KB 51ms
49ms Script
text/javascript 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 17:44:14 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame CBD7 36 KB
15 KB 44ms
43ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8d7facadee6df9e3f8ae5b0aeeef6f02045131ff8a2df78c95137bb73cbda99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14823
x-xss-protection: 0
server: cafe
etag: 5840398140224802838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 17:38:35 GMT

GET
DATA 200
OK truncated
/ Frame CBD7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d2880915117120e187f26b5db677a085a5568ab165334e10026c03d1699a136

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E4EA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
46ms

Document
text/html

2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 17:44:14 GMT
expires: Sat, 27 Jan 2024 17:44:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 17:44:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BD48 15 KB
16 KB 34ms
33ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:08:05 GMT
x-content-type-options: nosniff
age: 23769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Jan 2025 11:08:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 61CB 16 KB
16 KB 35ms
35ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:02:30 GMT
x-content-type-options: nosniff
age: 24104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Jan 2025 11:02:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 61CB 15 KB
15 KB 37ms
36ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:17:51 GMT
x-content-type-options: nosniff
age: 23183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Jan 2025 11:17:51 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F10D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CsLaH7UC1Zf21G7iEvPIP766pwASc6pijdZPGyuTDEsPz8ZfhDhABII7l4JEBYMnujovApIwQoAHtncOsKsgBA6gDAcgDyQSqBN4BT9CTyiyaq2Z0eyxwWfutmMqfKlnDI8uqr1-hz4R1CSr...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc82dd4c9f8e1238b0000000000000000%22,%222%22:%220x98798de2b80674740000000000000000%22,%223%22:%220x3b2f47...

0
0

289ms
102ms

Fetch
text/css

142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc82dd4c9f8e1238b0000000000000000%22,%222%22:%220x98798de2b80674740000000000000000%22,%223%22:%220x3b2f4745a9c139850000000000000000%22,%224%22:%220x1849d698faf5bf930000000000000000%22,%225%22:%220x8c1a3470c9ccd3380000000000000000%22},%22debug_key%22:%228762557046237618732%22,%22debug_reporting%22:true,%22destination%22:%22https://lapost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211367665389%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213874082196377824337%22}&andc=true

Protocol

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:15 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xc82dd4c9f8e1238b0000000000000000","2":"0x98798de2b80674740000000000000000","3":"0x3b2f4745a9c139850000000000000000","4":"0x1849d698faf5bf930000000000000000","5":"0x8c1a3470c9ccd3380000000000000000"},"debug_key":"8762557046237618732","debug_reporting":true,"destination":"https://lapost.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11367665389"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"13874082196377824337"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 27 Jan 2024 17:44:15 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 27 Jan 2024 17:44:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc82dd4c9f8e1238b0000000000000000","2":"0x98798de2b80674740000000000000000","3":"0x3b2f4745a9c139850000000000000000","4":"0x1849d698faf5bf930000000000000000","5":"0x8c1a3470c9ccd3380000000000000000"},"debug_key":"8762557046237618732","debug_reporting":true,"destination":"https://lapost.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11367665389"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"13874082196377824337"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 535C 16 KB
16 KB 33ms
32ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:02:30 GMT
x-content-type-options: nosniff
age: 24104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Jan 2025 11:02:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 535C 15 KB
15 KB 35ms
34ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:17:51 GMT
x-content-type-options: nosniff
age: 23183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Jan 2025 11:17:51 GMT

GET
H3 200 AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Show response
pagead2.googlesyndication.com/bg/ Frame AF4C 50 KB
19 KB 42ms
42ms Script
text/javascript 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&adk=1324608513&adf=253917306&w=676&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=676x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453170&bpp=1&bdt=214&idt=228&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=240

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19642
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jan 2025 15:25:59 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame CBD7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cj4E27UC1ZbXBGKmI3rsPrLGN-Avn9oOlddmF2YT7EaD_vsKPDhABII7l4JEBYMnujovApIwQoAH-gtfaKsgBAqgDAcgDyQSqBN8BT9A2RHkNxcUJPb4KlmoHW8zpcOXCwz_fkycUNAkkE4X...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1a5efe7ea104e2c70000000000000000%22,%222%22:%220xd644b88c335843780000000000000000%22,%223%22:%220xbd1f47...

0
0

107ms
101ms

Fetch
text/css

142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1a5efe7ea104e2c70000000000000000%22,%222%22:%220xd644b88c335843780000000000000000%22,%223%22:%220xbd1f47805311082f0000000000000000%22,%224%22:%220x653deefc6bfac7e50000000000000000%22,%225%22:%220x2be83862068541ff0000000000000000%22},%22debug_key%22:%2212890887112680872278%22,%22debug_reporting%22:true,%22destination%22:%22https://mayocliniclabs.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211464458622%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221457297577229144225%22}&andc=true

Protocol

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:15 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x1a5efe7ea104e2c70000000000000000","2":"0xd644b88c335843780000000000000000","3":"0xbd1f47805311082f0000000000000000","4":"0x653deefc6bfac7e50000000000000000","5":"0x2be83862068541ff0000000000000000"},"debug_key":"12890887112680872278","debug_reporting":true,"destination":"https://mayocliniclabs.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11464458622"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"1457297577229144225"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 27 Jan 2024 17:44:15 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 27 Jan 2024 17:44:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x1a5efe7ea104e2c70000000000000000","2":"0xd644b88c335843780000000000000000","3":"0xbd1f47805311082f0000000000000000","4":"0x653deefc6bfac7e50000000000000000","5":"0x2be83862068541ff0000000000000000"},"debug_key":"12890887112680872278","debug_reporting":true,"destination":"https://mayocliniclabs.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11464458622"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"1457297577229144225"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BD48
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CyvdB7UC1Zfj6HJ6PxtYPxOyu0AuKhN-JdfyTzpCaEoe2vs-IChABII7l4JEBYMnujovApIwQoAH8jtKfA8gBCagDAcgDywSqBN4BT9DD08TAZdquzgzZm6gbxY8lL11xBtwhV8ovnHjlHuy...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb62e71fd9bde9dec0000000000000000%22,%222%22:%220x577e41a275c31f70000000000000000%22,%223%22:%220x8c81f01...

0
0

101ms
100ms

Fetch
text/css

142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb62e71fd9bde9dec0000000000000000%22,%222%22:%220x577e41a275c31f70000000000000000%22,%223%22:%220x8c81f01e44f809de0000000000000000%22,%224%22:%220x57bd41db29755c8a0000000000000000%22,%225%22:%220xf378f9cb33cb511e0000000000000000%22},%22debug_key%22:%222559782824292051580%22,%22debug_reporting%22:true,%22destination%22:%22https://orvilles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22871663484%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223280948064312862465%22}&andc=true

Protocol

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:15 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xb62e71fd9bde9dec0000000000000000","2":"0x577e41a275c31f70000000000000000","3":"0x8c81f01e44f809de0000000000000000","4":"0x57bd41db29755c8a0000000000000000","5":"0xf378f9cb33cb511e0000000000000000"},"debug_key":"2559782824292051580","debug_reporting":true,"destination":"https://orvilles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["871663484"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"3280948064312862465"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 27 Jan 2024 17:44:15 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 27 Jan 2024 17:44:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xb62e71fd9bde9dec0000000000000000","2":"0x577e41a275c31f70000000000000000","3":"0x8c81f01e44f809de0000000000000000","4":"0x57bd41db29755c8a0000000000000000","5":"0xf378f9cb33cb511e0000000000000000"},"debug_key":"2559782824292051580","debug_reporting":true,"destination":"https://orvilles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["871663484"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"3280948064312862465"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 61CB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CbKxF7UC1ZangHqnCxtYP2YG4gAKKhN-JdfyTzpCaEoe2vs-IChABII7l4JEBYMnujovApIwQoAH8jtKfA8gBCagDAcgDywSqBOYBT9B6zY3MAVBYxmYNWRaq6wGNbiDkwQxWaretHjhinDu...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb62e71fd9bde9dec0000000000000000%22,%222%22:%220x577e41a275c31f70000000000000000%22,%223%22:%220x8c81f01...

0
0

105ms
104ms

Fetch
text/css

142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb62e71fd9bde9dec0000000000000000%22,%222%22:%220x577e41a275c31f70000000000000000%22,%223%22:%220x8c81f01e44f809de0000000000000000%22,%224%22:%220x57bd41db29755c8a0000000000000000%22,%225%22:%220xf378f9cb33cb511e0000000000000000%22},%22debug_key%22:%228491937668950112225%22,%22debug_reporting%22:true,%22destination%22:%22https://orvilles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22871663484%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225451336385851291153%22}&andc=true

Protocol

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:15 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xb62e71fd9bde9dec0000000000000000","2":"0x577e41a275c31f70000000000000000","3":"0x8c81f01e44f809de0000000000000000","4":"0x57bd41db29755c8a0000000000000000","5":"0xf378f9cb33cb511e0000000000000000"},"debug_key":"8491937668950112225","debug_reporting":true,"destination":"https://orvilles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["871663484"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"5451336385851291153"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 27 Jan 2024 17:44:15 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 27 Jan 2024 17:44:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xb62e71fd9bde9dec0000000000000000","2":"0x577e41a275c31f70000000000000000","3":"0x8c81f01e44f809de0000000000000000","4":"0x57bd41db29755c8a0000000000000000","5":"0xf378f9cb33cb511e0000000000000000"},"debug_key":"8491937668950112225","debug_reporting":true,"destination":"https://orvilles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["871663484"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"5451336385851291153"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A8F 50 KB
19 KB 33ms
33ms Script
text/javascript 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19642
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jan 2025 15:25:59 GMT

GET
H3 200 AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Show response
pagead2.googlesyndication.com/bg/ Frame E5A1 50 KB
19 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19642
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jan 2025 15:25:59 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 535C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CVMw-7UC1ZaepGYKfxtYPp_C3wAOKhN-JdfyTzpCaEoe2vs-IChABII7l4JEBYMnujovApIwQoAH8jtKfA8gBCagDAcgDywSqBN8BT9C7d_RwtWEDU7QiE-_NKYM0Lk4pnRVA-UWIoDjo-Rc...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb62e71fd9bde9dec0000000000000000%22,%222%22:%220x577e41a275c31f70000000000000000%22,%223%22:%220x8c81f01...

0
0

106ms
105ms

Fetch
text/css

142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb62e71fd9bde9dec0000000000000000%22,%222%22:%220x577e41a275c31f70000000000000000%22,%223%22:%220x8c81f01e44f809de0000000000000000%22,%224%22:%220x57bd41db29755c8a0000000000000000%22,%225%22:%220xf378f9cb33cb511e0000000000000000%22},%22debug_key%22:%2217913413078439803602%22,%22debug_reporting%22:true,%22destination%22:%22https://orvilles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22871663484%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210883278767578852721%22}&andc=true

Protocol

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:15 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xb62e71fd9bde9dec0000000000000000","2":"0x577e41a275c31f70000000000000000","3":"0x8c81f01e44f809de0000000000000000","4":"0x57bd41db29755c8a0000000000000000","5":"0xf378f9cb33cb511e0000000000000000"},"debug_key":"17913413078439803602","debug_reporting":true,"destination":"https://orvilles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["871663484"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"10883278767578852721"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 27 Jan 2024 17:44:15 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 27 Jan 2024 17:44:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xb62e71fd9bde9dec0000000000000000","2":"0x577e41a275c31f70000000000000000","3":"0x8c81f01e44f809de0000000000000000","4":"0x57bd41db29755c8a0000000000000000","5":"0xf378f9cb33cb511e0000000000000000"},"debug_key":"17913413078439803602","debug_reporting":true,"destination":"https://orvilles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["871663484"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"10883278767578852721"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 60ms
59ms XHR
application/json 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbf826e7122f867906f95ec0bbee47dc4b2b57066b104e33fcfe879a4dff0e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://doom.bigtarget.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12346
x-xss-protection: 0

GET
H3 200 AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Show response
pagead2.googlesyndication.com/bg/ Frame 220F 50 KB
19 KB 34ms
34ms Script
text/javascript 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3393320389711789&output=html&h=280&slotname=5989024353&adk=3599748801&adf=2881366755&pi=t.ma~as.5989024353&w=1200&fwrn=4&fwrnh=100&lmt=1706323385&rafmt=1&format=1200x280&url=https%3A%2F%2Fdoom.bigtarget.biz.id%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706377453173&bpp=1&bdt=216&idt=276&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C676x280%2C676x280&nras=1&correlator=3874137407861&frm=20&pv=1&ga_vid=1324331044.1706377453&ga_sid=1706377453&ga_hid=809200001&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=4754&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31080590%2C95320889%2C95321626%2C95322166%2C95323004&oid=2&pvsid=3486507077570669&tmod=1738979007&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19642
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jan 2025 15:25:59 GMT

GET
H3 200 AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Show response
pagead2.googlesyndication.com/bg/ Frame 6ACB 50 KB
19 KB 36ms
36ms Script
text/javascript 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19642
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jan 2025 15:25:59 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 178ms
94ms Preflight
text/html 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 27 Jan 2024 17:44:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 94ms
94ms Preflight
text/html 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 27 Jan 2024 17:44:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 95ms
93ms Preflight
text/html 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 27 Jan 2024 17:44:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 96ms
94ms Preflight
text/html 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb62e71fd9bde9dec0000000000000000%22,%222%22:%220x577e41a275c31f70000000000000000%22,%223%22:%220x8c81f01e44f809de0000000000000000%22,%224%22:%220x57bd41db29755c8a0000000000000000%22,%225%22:%220xf378f9cb33cb511e0000000000000000%22},%22debug_key%22:%228491937668950112225%22,%22debug_reporting%22:true,%22destination%22:%22https://orvilles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22871663484%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225451336385851291153%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 27 Jan 2024 17:44:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 96ms
95ms Preflight
text/html 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb62e71fd9bde9dec0000000000000000%22,%222%22:%220x577e41a275c31f70000000000000000%22,%223%22:%220x8c81f01e44f809de0000000000000000%22,%224%22:%220x57bd41db29755c8a0000000000000000%22,%225%22:%220xf378f9cb33cb511e0000000000000000%22},%22debug_key%22:%2217913413078439803602%22,%22debug_reporting%22:true,%22destination%22:%22https://orvilles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22871663484%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210883278767578852721%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 27 Jan 2024 17:44:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 101ms
100ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://doom.bigtarget.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 17:44:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1DE7 13 KB
5 KB 35ms
33ms Document
text/html 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://doom.bigtarget.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 17:03:27 GMT
expires: Sun, 26 Jan 2025 17:03:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B3B5 829 B
562 B 51ms
49ms Document
text/html 2607:f8b0:4004:c17::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

000077d194794d45a5379059f361670455f469106faacf683f9e48794579f5c1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mBESCRzlXkD4Ql11WeAqNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://doom.bigtarget.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mBESCRzlXkD4Ql11WeAqNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 17:44:15 GMT
expires: Sat, 27 Jan 2024 17:44:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 1DE7 39 KB
15 KB 33ms
33ms Script
text/javascript 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 09:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jan 2025 09:43:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B3B5 0
0 94ms
94ms Image
text/html 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=3486507077570669&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1DE7 0
11 B 32ms
31ms Image
text/plain 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jxHoxA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 17:44:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 535C 42 B
64 B 98ms
97ms Fetch
image/gif 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSGaRxPQMLUiXp5NMk4aXIe68ozTXAXve_RNy1_OAPtaqXLTMAs2SbSt-XPRJpmxW7Oa6pwvG-7-NZsd_r8aPveEfekWqmzmbknRSMzlWEJOWPyyvtlzbMmOJedqZETKsFJkRhhaOfICY8t0P8fttC0zeai0Sj0tqbRzGAa8b4N8IrDvT4USQ&sai=AMfl-YT6EgFA6eiHU4T89yjWnoeJ7JPGoNWCBElzT_pB8d-5T4eJuPe5nUWnAUCqx_PamO64yT61xrYv7NNNQAXPF1AHNuAujp7YUSTeVWStffAo4guZO06Ce4uy4gpfG9FCYE0xTyorLO1Eh6wsmZrNiQ&sig=Cg0ArKJSzBvo261yeAx4EAE&cid=CAQSTwAvHhf_3BsVMTzI-LYcUg2pCv0x_eZomU-C2ZESr2QfnNhWGMSDGij_wEOxAmrzis0N0zVtDc3quBOGFn0HfW00sFSLicjJmHLnEHtTR-oYAQ&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1437976804&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170637745400&rst=1706377453377&rpt=1227&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 17:44:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CBD7 42 B
64 B 97ms
97ms Fetch
image/gif 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKPee93wA2C80BMdZDxFeNbzvjqnrtYdxpyFrThDfMspyBghMB0Thuoj3vAPDcpY1OU5m0aEePmhFOtzWC5edgF_339KLLRFY9fkfPHY07a6cxflTb0kpCreqyQKGcKUWf3YldzFZFWSVfqZPL7PzkcXWE&sai=AMfl-YQLIFbCjMG0VKYUKLZ-SnmAJMJjhllQzbXY0o1QUI4bJso8izmevqjLmcfDXgwyMW7VXVTVA621OCJL9qiI0PfdPEFKyooVUwHIMab6_w3ow8rtCdA_lQ8w3CU4_DEVeevB3iYP2icn7vD-GvCbPA&sig=Cg0ArKJSzNKzisgnRHWiEAE&cid=CAQSTwAvHhf_LMWz2SSSSr0eNgnJsoHmVriMepOPPKIb1EINrvhxBxxR0pA9foR5Y0BnK2ecQmtlI8XzEEzUfd9bIXGsC582RR5n2vL958mBfMcYAQ&id=lidar2&mcvt=1004&p=0,0,124,1005&mtos=128,723,1004,1143,1143&tos=128,595,281,139,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170637745400&rst=1706377454160&rpt=304&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 17:44:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 96ms
96ms Image
text/html 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=3486507077570669&bg=!aWqlaiXNAAa8BdJLnAU7ADQBe5WfODz5IMNc4D-v9rrtfeFZ40uMNnhd_c9t8ZYjx4WQqXnlPple4nl5n39iua8-aaWMAgAAAItSAAAABWgBBwoAtDJJ44Isc8S_ZlOsyYSKFq7OhPSuzqcZGMHY4dNiGN31EYJFe61yr1ZIt34hBtqvjlweRznxmUMyQZV0WaMdRNld4kOEIVkS4h2CJ8N71AxU8l8zqC4LabUVrMS2RgGwwsK_vejyrK9ZYqW7PbvlNvMDzKZT8nWH81BckKt5Lr8NPtb9g2JG29gsTNC9etiN1YARvOpPbWTfej4bEJlaCL4tnmby3ErGAiARVmMESmEV3Oomz5kCp2M7zUy_xLYHZyP9O-5WZPGenUbb-zOPVmT9M04Wtle0qMxT_eAGUh061djidZAWQUsLXuNkFjDt4DaY4MFq-ImQxyLOShSE2nOM8esPsZHuyU7z2r41o30zn4KrQLxMPaboQc8ZToHAdkMHvd5cit9mE6SWrlVnY5zY8OSnNnb9Js--RR9uobwV862RkC_d2VwjnDU9QnQHqRa7JKbouSZ9ZYwMIMpr0yJQQtVXOfPIxesFANOAOw8FfhqOJmtOz2JnZ1XPlu0gXcmzGcZvXYmVHftoe7c6Bj1B87wOmws076AQcXDNQCNIm6X3gUFDGRoPd9A9U680InPzroohnlXkQMNLkps4KOUIbx0fjFzWwsocIdc0pGhHdBmTfjPBrnFy6HesUVWB4Wc5T_ZzIazCTEUKYGjercuWzVoXdzJclpiV6NdW1LaxeOyGDBpoJvXR-w72Gzzg8WojnCDQ-GKHH9GEIrgpf4JIIRgMnTnr_vsjEHR0PZtZC8bBoW-dy4mN8WuRob1fMMSMgmmuJlsqWrL-bEdaSm36faaBRftznubQf3OcqBgmVPkx9-2VixfHFQOZ60FolPn38yQ8my6CZdyUFEUaCCPKKLQc5B6aRq8gghjtVurHS05peUU7nTmGcK2EGUhoB0E6s3v22LWUb8UroPCcrh8IIgy1XqnxeSbJCR7sBLRJoGg4HzvqlO5O3FJ_34eWHiQDRJG_V05l2846-cOTwLqyfoi7wGSBiZYvMlc6hMte4WEM2_RT1uxbPjNSQAKYuUjZ2-bRlMgoKIJJ4eLcTe2qwtHy3HRF4IYZRjQNou2t7aRNxqgRLqIRhtzXyaM2dvGfMmFLD7B0RaMU6Kodg-gJws-SloigX5w0MsJQcNJxxSpihU3rRw-tW9hRhJ0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://doom.bigtarget.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bigtarget.biz.id/	1970-01-21 03:21:13	Name: __gads Value: ID=ba98c04d6085a301:T=1706377453:RT=1706377453:S=ALNI_MZidZ8sIBwrHsGfBG70yt-fIddtqA
.bigtarget.biz.id/	1970-01-21 03:21:13	Name: __gpi Value: UID=00000dba6ed18b2a:T=1706377453:RT=1706377453:S=ALNI_MZmN_6GzSaP9anpw4hunJBFRIwrbQ
.bigtarget.biz.id/	1970-01-20 22:18:49	Name: __eoi Value: ID=610fdb2d30f61df5:T=1706377453:RT=1706377453:S=AA-AfjZ4kLaeIl-8YeLDIk-6cSXz
.doubleclick.net/	1970-01-20 17:59:41	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 03:35:37	Name: IDE Value: AHWqTUkHq1-4lW-ik9qRwpURUxvD4U9GsJGRDcnaSP-BmpYuIWzFsDgxm06IxRtPw5A
.googleadservices.com/	1970-01-20 20:09:13	Name: ar_debug Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
doom.bigtarget.biz.id
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
resources.blogblog.com
tpc.googlesyndication.com
www.blogger.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
142.250.31.155
2607:f8b0:4004:c06::bf
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::79
2607:f8b0:4004:c09::84
2607:f8b0:4004:c0b::9b
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c17::93
2607:f8b0:4004:c19::84
2607:f8b0:4004:c1d::9c
2607:f8b0:4004:c1f::9c
000077d194794d45a5379059f361670455f469106faacf683f9e48794579f5c1
00f1cb5ed71f5ce99826748a3a2224e0fc78b53f039eb23d85713b73c978b723
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
1e4d2d34a4645839580aff8d0e19c20aa01418deed4c6a1528234480d762744d
1ea4b4fbe1b797fffd3f814d055ae4453730adba06af721bcace5a87690e5ecc
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2527b641fe4dd00e6e4b3f72f5ad71fe4ffea936da3989cf8aebb9d196d1697e
2784451fc14b304ba257f76c6ed61d44d0870470b5244e43e3e128f3b299ba1c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38535ebadaa80ebb7f9c78308eef5d089eb2fd71a937abc5c0a331d7cab1fec5
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3edc9890e30470a52f619e9f8569873df62d272391d840a74066644be7825b60
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4e4bf082fab8f013399e97a5be339a152141e01cddd0fcddeae3b8cf860c8d06
4f2733b80573c5e5429f462bee07e775dccc517cf72d1eb1ce25ec36df49892c
52e3a2735c816312c21d81ddbc19b8ba2071b9165b7cd9d6ecf45340d710094a
53af3c5ff762cfbc38357568bd37bf832b93ab7aae645cb8e07b162a079b1784
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6311c04fe3c22eb070676f78089eed640b51bf8b9c4a0207feeab5560623ecf1
689af50af60c34721fffa3d581aa8fbf153fe8ac82e231f05a7f04c26a38e928
6d2880915117120e187f26b5db677a085a5568ab165334e10026c03d1699a136
6fee568ee1e985a28351734213271ab3c518744bb3819af52246e1b7d15b7372
70d6aa69f492c02bbce4cfe00cd7dc8b26601f03467d08473a9707832f26fb4d
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
7e15d8482756e9d79c5b14dde8cd92256fd2afe0307703d825d4e8178d416c41
8cac41e9c8813bbd8e125a9c07a2efa3b012591ebf7f699987f6d0663aa3cd6a
8f4764cf380a66bd8160a5ef563ca945f2de19697d4b7a8dbcf1352dfb3c0955
9280547cd3ca5b942fa8e00de6dd0d3524b986f59aa0a0d3f1140c01cb255c25
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
9b10519df8823491a7bc289b26d6af9d9da9e3d3f2dfad8a19d6ce1c28826c66
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b30783765b5cb3b1dadfaccd090f4f01c5f662d9e23fa6665706cdca91d7bd12
b6e055ad6056d64c89133fd73e9ee935c068d8bd3ac09366d5d99f9eee99e3f4
ba3470355d28fe18fb6098496b8a6e93b8cd7109d759a11e8b53a34402025f17
bbf826e7122f867906f95ec0bbee47dc4b2b57066b104e33fcfe879a4dff0e12
bc4a0a2b4025db3daab7e6166e06c42566418e59494f976df177d4837c950941
bdd5b37b628b0a62913fa69242c6f0003781589336c0702196184c9eb50c7ea0
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d8d7facadee6df9e3f8ae5b0aeeef6f02045131ff8a2df78c95137bb73cbda99
ddad180876a0b4541a48e23b9adcbcd52775a41ea5d04e5de0f88aecf0dc0df7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e921e394578408398ae73253cfade9be3b9eb3a514e3337386719219cf977008
eaf5487159e09650d5fd400e47dff956c877e141c3afda2726654d9fa6a71c54
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef525f010d5cfd307b5c615c14c046127dfaec0a10cc80c6f86a845c13831a5d
f11fe2f25010d1d847ede92bba0f29e9b213a29f3e82237bf0c31a382e8e73c6
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f74a52db16f34499507b808e195089b10da4c08237e61dade2123aaf42d317c0
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fa7cfdaac1b419b73f91cc73d5d8a25e0f71b4713a180afdcf9e60bca831b414
fea569fcd5d38d238bf0319da177c0009be56709168e51c3506bf8731cbce55f

doom.bigtarget.biz.id Open in urlscan Pro 2607:f8b0:4004:c08::79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

101 Requests

95 %HTTPS

92 %IPv6

11 Domains

13 Subdomains

13 IPs

1 Countries

1996 kBTransfer

4547 kBSize

6 Cookies

4 Outgoing links

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

doom.bigtarget.biz.id Open in urlscan Pro
2607:f8b0:4004:c08::79 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

95 %
HTTPS

92 %
IPv6

11
Domains

13
Subdomains

13
IPs

1
Countries

1996 kB
Transfer

4547 kB
Size

6
Cookies

101 HTTP transactions
6 data transactions