blog.s.id Open in urlscan Pro
2606:4700:20::ac43:4b68  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://s.id/nFTPS HTTP 302
   https://home.s.id/forbidden Page URL
   
2. https://s.id/1SV77?s=skip HTTP 302
   https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

• https://s.id/nFTPS HTTP 302
• https://home.s.id/forbidden

Request Chain 105

• https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp HTTP 302
• https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1

Request Chain 110

• https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=blog.s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=y7JbZnxWaFB1bjhaTlpERXE1L09QelMwM3lsbENtaXdPVHF3RTJrSHBJY3IxNG1ORXZLakFWYnV0TVJzcjNFUE1FbmNKNUU5bWpjYUF3ZmpxMGh1TjNRMXQ5Z05JWVRlNFJWWEY4ZWJuOGM2WnoxamQ5Nnlvdk4xc3dPdHVKeitSdlpPUHZENVl3V1F3NForRUFjMDMvYnREQVBXcjV4eFh5SVRDNTBCRXMvdWswL3YwRm5GQk1LRkd4N1JvUkhEOGNQbFNRVXcyWDJqUmlSRkxseXhHVmROdkdWWUQ0VldXRlhnbGxTQmJHbHFLT1FaVGFHUWpRalJKSHp4Y0xGa1YzMFlKSkRjT0l3NTNINTM5VHNpMnJzZ2NJQT09fA&cppv=2

Request Chain 148

• https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm HTTP 302
• https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEAt3kIG1tCpbjdDfu43O9ok&google_cver=1

Request Chain 149

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKsNmWHoNDL2mU0O0zlvrE&google_cver=1

Request Chain 150

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWhGrPEkDGfB2KrWZfNLzwAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKsNmWHoNDL2mU0O0zlvrE&google_cver=1

Request Chain 151

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKsNmWHoNDL2mU0O0zlvrE&google_cver=1

Request Chain 152

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWhGrLqzziOnxbg7yPe2OAAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKsNmWHoNDL2mU0O0zlvrE&google_cver=1

Request Chain 153

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEG85tt0IZ8F-c3kS40rzcEw&google_cver=1

Request Chain 154

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQxMDIwNDkzNjg3OTM1MDU5MA%3D%3D

Request Chain 155

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 157

• https://fksnk.com/cs/google?google_gid=CAESENdMklNklwFU1R9lK5Q9auc&google_cver=1&google_push=AXcoOmQoFPgvERLOMeQMh8OXpK1PYRCTapqXJ0nJuf2GzZ7Ejq-W1s-_2rjckIt4_gRofWlpWBTjmb1Se5jfC3l3wzwJ33bUayzt2g HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Q0Y0MUU4QTlBMjM3OEIzOQ==

Request Chain 160

• https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHeHbAvGrhOolHvYZiE9gEk&google_cver=1&google_push=AXcoOmQYNqYiazexIpuWSDVAQqa4pFWY-Q8N5J0tuNRrJEJtVTwPd646zn0wy_yhI59eJeD0edyM4aSvipK5pXC2KJEdxojulCrR HTTP 302
• https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQYNqYiazexIpuWSDVAQqa4pFWY-Q8N5J0tuNRrJEJtVTwPd646zn0wy_yhI59eJeD0edyM4aSvipK5pXC2KJEdxojulCrR&google_gid=CAESEHeHbAvGrhOolHvYZiE9gEk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTczMDE3MDU4NzkxNTQ5Nzc3OTk5NA%3D%3D&google_push=AXcoOmQYNqYiazexIpuWSDVAQqa4pFWY-Q8N5J0tuNRrJEJtVTwPd646zn0wy_yhI59eJeD0edyM4aSvipK5pXC2KJEdxojulCrR

Request Chain 161

• https://sync.inmobi.com/gob?google_gid=CAESELPfHQfJ0zzjQXgi19Hvi8g&google_cver=1&google_push=AXcoOmSJY9btqbUivKcIzUpcANYdR__6czA_VHZog3Sh3US0mSZ1D48dm4I2VgbW9rI-5GGynZoShVssPiXP9u4viGm4-RG-MpsSpg HTTP 302
• https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSJY9btqbUivKcIzUpcANYdR__6czA_VHZog3Sh3US0mSZ1D48dm4I2VgbW9rI-5GGynZoShVssPiXP9u4viGm4-RG-MpsSpg

Request Chain 162

• https://an.yandex.ru/mapuid/google/CAESEMj06SrO_AZcb9WMnLtMFzw?ext-param=AXcoOmRYZXVgJdagNTC49ZB4GrSWVREfpKjUOmsY7O96kycP_gRgBkApbkAwMIVszpDR5NnQOjBh-A1Ofq23dkKPerXruzpWXBC_TSw&partner-tag=yandex_ag&google_cver=1 HTTP 302
• https://an.yandex.ru/mapuid/google/CAESEMj06SrO_AZcb9WMnLtMFzw?redir-setuniq=1&ext-param=AXcoOmRYZXVgJdagNTC49ZB4GrSWVREfpKjUOmsY7O96kycP_gRgBkApbkAwMIVszpDR5NnQOjBh-A1Ofq23dkKPerXruzpWXBC_TSw&partner-tag=yandex_ag&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEMj06SrO_AZcb9WMnLtMFzw&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
• https://an.yandex.ru/resource/spacer.gif

Request Chain 173

• https://fw.adsafeprotected.com/rfw/bgd/1525518/72172421/xbbe/creative/adj?p=APEucNVUrVsbZPIp8cxU0eWLuzzWWUTLhICxSh4Vek6mVX28h-hcxhg&d=CokBAKAmf-DkHcNCIGGrjLvzEidKKuTahq0XM0QCT0Mnb1ZtULwoZ7TpqaDXpnlyS7L0OxAljgq-s-660GgKZ1Wg0pMXSKdaqmUtr6x4RKx44czETz5SJEHAENcztfibpSpG5ipwrrjLl-KvVyOvpZYzxxGfNspLIq00JEAzuM5C8gOSXoJF2AiDjpESmRUAoCZ_4Fe8Kmmt7-B_NwcX_G8reeza0zPBxYHiw0p0M-kWIC_pPfqWQqplAf8H0JP0-Hc5YIKCJvIbeEfPBkwGBnyTQE-0PHCeOsqNeVM5hQcdPmigjksiFDfQ87qkFxMqJhvNwZXPOQajKj8cWtZqotCdibbKpY643DZixqf7VaAnXtgC5k1R-esbPZxowT1g316gyhE2t8QfXUxLJ-YiideF7xM5n_eC7rBJkT2CMjpARrZPBE0QwN4jjZicg1niDPiP1_ZXxTGZMI07IAVl6eE7s-p3ffLoOr6sypYgi7mbI21M98oE7nRgCb88aQKFdhLcY6MEksqdswCLCs2LPN6oNXeSQT74EXA3nc6nhJfmMem1HiMJL8kdmlXp4G2U7g7CJMOVZJIJfU_pS59SgRHJxAjKJJTpYrA4uyLILANmiDeZoaz64F5-JTHnaU22s_XeFl_w_ic105FRKZEk8dW8BICQGkqGeb6sDE8ZBe57Az90jp77eJiPQ6Sj0wRmxKAf0NyqjoQ6ZYQAISL22KNPX2Z7M3iyJ1JXUIAdcsa1rCkmQeIwgg1VwQX8joGG18ntMurNfe_SH25jg0Gmm_NeE0P0-EM48b8e56Lu0VMo9OEGQvELPdVhMZWPtwBuTyfPBJp4BIaQ05U-JljAsJlTEIk49ky6Xqrmt_y-nD63iGYGuELeHOlxZSTCeIN-sNA422ev61UjK4v-0O3IoEkdcsqczU5sl7GiQewSWIMKdLGYqxXsZTmkdBn3yQW3cv4JbjrtwBkQ2McIUrSPmPrcGeT9u5E7gb3s51dIHYrHjBXwWk3F8mVzT6O3WUpcKy2oFdFwcc3tHvKDSG0NqSRA7DaSzD8_sHCsUIvGmDZBLtnyBvTLqxLGxfFJx1rIV7Wv9faQ26qce6pBwHwUmJ2LEhROUwp2OPJcNv-XIax4ZcxwlD-n3WxO70YAWQVl_pnOMxN7l-qPnzZxnfu7cHI4tl3TX2lkgp0uitqBhOrVT2GSwb9EoD4rCyA4WNQbwbjKCeWEeJ1Bw9rpnwRpur79jaJCkfOExHhWqTBFjm9CkT1eqY6RumQvSTXnAsEk0S0sGMfP4OtrjvoI4Vt2Afx1YtwlmTlACBxMJpnwiL1NMep0LDvPhft6EtKCcAtBBwsnAw0N8NMbmi8lkJKO9FwGqsUqxnAJIEa_5Euw7kDMk93b9EQoSSi2BdbOzWbsNv2iQTYQ2mv9gg9f3hWIwFrSquJfB0Q0pw8KzuiyWHIdEmeB-yPCC4GbSp5TPQVNj-j5nhG8YrMpcshho069jd_EavszBFbg-ANvOHcrM1mvXbcBGA58WhcmJwIM6clZpk2syHAzE73FLZmd1BXN4RZYQ6wDZf243_tqyATcUEedDkuMU3trahCEX_hvtMDELJNg1_Jo6U3XFMv_K4E7yhIDYim5tW7uTIEX4bJMF0FyQQFvHJKxbFYt42f31zidymO8VERYc4wpqxXx1uDKA9nhgmLl_0ztZbjcPQM-3TLCiN2Dp97U3uu2RhCGDFeBdZw-On115ylvmkeEco5pwFmDn6Cnsaiet3qCtJdBTHppB6R_zoAjYryMMDuvha9_PqpfqGaBjlq9jTPhaBmInq3nHNeHZQ-IYnTxlhA7Vyr0Ete765S7h5yW_wGLUZIIyevFypdHwVc-sn36uaAASFfPEH43ZiO3NUGbnuCUXzVozMH2kvLOwh86uHQDtTlDtDMJcv8Ab8odvWHAOWdWqWLSRnPIYoTsKngcxTmU1jx5vVD59n97U7ofeNCELHfvbkOBqaf0M-ofw2Pcu8UzOmK9qDAmDaVCBK3lWnHcpdPHShqIDhKNZ2fUD9LQiVX9l-gnorlVwhiTqhc8LK-JBRNw9TDOhAsgLdh_Kco8Map-6bzv8u2Llh8tM_bIgEGn90Z2T2DCy0XFXeO6evJBMwF4WiPvlXgyHVLyEwOkkja8VICCQnLz2LapUi7pxUvx1F3wG_GflF10G4Gg8BfgLcyZdBvIeLp6uYX5E3UenRcarQ52_7Sw5HRgbElhGad_Axg6G3REGlMG9eCZYeUpahHWmwkoRd44p7yyKSFbsCuGWgT8bJCacuWGImhNqkidL0J6-2oOzwLHZAykfnf_XCTBtSYegzaM-cvtiQDI8klNZ3A21lKhGf1pvJN9hp4h8a4_DiKqhETgz4Mi2BVDdJAhOIVeWKOolPWdAxSI5eYCwKWNikHbmrdLlKSkDzElm99ui1fr1yicVWD5bs4jjum3RRMu_sXh8uliy3RAOZXimoQ7hZ3Y4ZzgOo2tbUO8F1JP0rHUXSG-sU7raVwV8n7-2WtZslQtmcTZYwM-s_JfsMyrY9AFcZZ8Q2Fw-_lKojTxJZqYlnFMkdISSAMOZg6NLho5RTAGF4yNg8ahhNAhBq8L9ZhT7UwNDF1_dGPLPJoEz24or-Sk7PhaWeycn-G7cyisoK9k5GeV6LlSYRWOynNF-ByuwG8bCzgF-yMvRAjio2aYVQJHH2un2-32Jf1OBw06N2L9kKvevKldpe2HYv-1CGzIvtqw-TghGjUnr9jSCHvcZvW5iROm9z2qiTRiTmOypbwvbHnJddqcBqDRnLIpCR1Ogk4nnXeKHefNFRWPERBz2euXhEalUWUPMMqf6FomKAqZa6apRhiJR5iHK7Fv6eDf2UkSW8wR4a-8CAc7kl8IKA3KayhC_OWOlmOOfSt7uFLR-0K3rQqcjTGVSCDFMlSGpdGy3O93bK42J42v9jb_rsn7I5UftNzLgA2vwnXKlNHuXUjrD2aX9rnV0EAu6YBXzQAksSZ4XIKYtLTMTZcfVcI4ptdvXJEpT8HGAgUkocAkH3o6NDyni1Joe5jJ2GfSgAO60Ur-23Kp63lNHbLQosDfoazgtKaVqGDQkC6hkn0aJKOTZl7v_bxnvJGa0L6IeHBJ_3_E8gX-jRd95oJXqMhgKJJWau7_UiStR2Rzo2qyT9DYH1Qf6ZF9ujkE2jiLhg7nd6Hsvt6Q517DoBy7r3xi2VuLzOphdszEqhq8TY6AdfhVE6RHv9CUbUXE7ul-46b5GmJaRp2HNQU6EcFvv2ZyFnSWZ4poGBB89SpNKzealICQ4xiQIFtbPRwrAq06wQvCwgj2qo2dIGKRkTVae7oQpjhaQjDYsLGZVoGUe1sBHr9wW6lC0VlIaNewxTxRTfvceRNyjQAOBk8Hvr-uavVwxJtDNYvPtkJC8xgKdqCJhkai_S2VkoEiRxpdW-ByGLxSJEjONTB4dwGWltm0sFlFdtLHyqN2lUIaaITTSRKGPhp55PC1fOOUxlDCbjz3sNPz23nEk7co9YHfsq11s2rTYDnPnO3jel111GuNww-c3kV7aDk9bOBmkeJwEhoA25kP5U2vynk8Ty0M4aOe_WxqX7hYr-o9Qi0dAHRlA6V4Fe71Zv0f9dDn8OaUkvE0YhE9TtkVZY71VijXVo-tfO-CUWhlDWRFHEmlMghBqggIgehohyzGt95wmjuvBDoayPZ2pu94czVy7oZxjnMZZjbWZj4Uo7TVly_EZu607P5sLUYhDjCL9F0acPnMAlghwJYjL9qyxEvYJP5W7NqEcwO7zi3Iz2dN71sWLGtVnWF9GkEIBBI7AMgJpo07-t_PwAgPiB3h-HhjineYhjHKYPAMmYgOJBqgYrqLqRpTHp4PJ70yEeLyzyf7P6XvqSidbowYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1013352973&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=20259181566&bidurl=https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gK4wKREb3pVP_KZ8IjJXCx&adsafe_url=https%3A%2F%2Fblog.s.id&adsafe_type=y&adsafe_url=https%3A%2F%2Fblog.s.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:20151681-f351-7c4b-0d2a-976c47c10ef9,c:vrp45p,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-lrk77,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:tX50qxV+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1525518-72172421%7C191%7C1a1%7C1a2%7C1a3,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:25,oid:d77d0575-8f59-11ee-ab58-ca0d47f0eea5,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVUrVsbZPIp8cxU0eWLuzzWWUTLhICxSh4Vek6mVX28h-hcxhg&d=CokBAKAmf-DkHcNCIGGrjLvzEidKKuTahq0XM0QCT0Mnb1ZtULwoZ7TpqaDXpnlyS7L0OxAljgq-s-660GgKZ1Wg0pMXSKdaqmUtr6x4RKx44czETz5SJEHAENcztfibpSpG5ipwrrjLl-KvVyOvpZYzxxGfNspLIq00JEAzuM5C8gOSXoJF2AiDjpESmRUAoCZ_4Fe8Kmmt7-B_NwcX_G8reeza0zPBxYHiw0p0M-kWIC_pPfqWQqplAf8H0JP0-Hc5YIKCJvIbeEfPBkwGBnyTQE-0PHCeOsqNeVM5hQcdPmigjksiFDfQ87qkFxMqJhvNwZXPOQajKj8cWtZqotCdibbKpY643DZixqf7VaAnXtgC5k1R-esbPZxowT1g316gyhE2t8QfXUxLJ-YiideF7xM5n_eC7rBJkT2CMjpARrZPBE0QwN4jjZicg1niDPiP1_ZXxTGZMI07IAVl6eE7s-p3ffLoOr6sypYgi7mbI21M98oE7nRgCb88aQKFdhLcY6MEksqdswCLCs2LPN6oNXeSQT74EXA3nc6nhJfmMem1HiMJL8kdmlXp4G2U7g7CJMOVZJIJfU_pS59SgRHJxAjKJJTpYrA4uyLILANmiDeZoaz64F5-JTHnaU22s_XeFl_w_ic105FRKZEk8dW8BICQGkqGeb6sDE8ZBe57Az90jp77eJiPQ6Sj0wRmxKAf0NyqjoQ6ZYQAISL22KNPX2Z7M3iyJ1JXUIAdcsa1rCkmQeIwgg1VwQX8joGG18ntMurNfe_SH25jg0Gmm_NeE0P0-EM48b8e56Lu0VMo9OEGQvELPdVhMZWPtwBuTyfPBJp4BIaQ05U-JljAsJlTEIk49ky6Xqrmt_y-nD63iGYGuELeHOlxZSTCeIN-sNA422ev61UjK4v-0O3IoEkdcsqczU5sl7GiQewSWIMKdLGYqxXsZTmkdBn3yQW3cv4JbjrtwBkQ2McIUrSPmPrcGeT9u5E7gb3s51dIHYrHjBXwWk3F8mVzT6O3WUpcKy2oFdFwcc3tHvKDSG0NqSRA7DaSzD8_sHCsUIvGmDZBLtnyBvTLqxLGxfFJx1rIV7Wv9faQ26qce6pBwHwUmJ2LEhROUwp2OPJcNv-XIax4ZcxwlD-n3WxO70YAWQVl_pnOMxN7l-qPnzZxnfu7cHI4tl3TX2lkgp0uitqBhOrVT2GSwb9EoD4rCyA4WNQbwbjKCeWEeJ1Bw9rpnwRpur79jaJCkfOExHhWqTBFjm9CkT1eqY6RumQvSTXnAsEk0S0sGMfP4OtrjvoI4Vt2Afx1YtwlmTlACBxMJpnwiL1NMep0LDvPhft6EtKCcAtBBwsnAw0N8NMbmi8lkJKO9FwGqsUqxnAJIEa_5Euw7kDMk93b9EQoSSi2BdbOzWbsNv2iQTYQ2mv9gg9f3hWIwFrSquJfB0Q0pw8KzuiyWHIdEmeB-yPCC4GbSp5TPQVNj-j5nhG8YrMpcshho069jd_EavszBFbg-ANvOHcrM1mvXbcBGA58WhcmJwIM6clZpk2syHAzE73FLZmd1BXN4RZYQ6wDZf243_tqyATcUEedDkuMU3trahCEX_hvtMDELJNg1_Jo6U3XFMv_K4E7yhIDYim5tW7uTIEX4bJMF0FyQQFvHJKxbFYt42f31zidymO8VERYc4wpqxXx1uDKA9nhgmLl_0ztZbjcPQM-3TLCiN2Dp97U3uu2RhCGDFeBdZw-On115ylvmkeEco5pwFmDn6Cnsaiet3qCtJdBTHppB6R_zoAjYryMMDuvha9_PqpfqGaBjlq9jTPhaBmInq3nHNeHZQ-IYnTxlhA7Vyr0Ete765S7h5yW_wGLUZIIyevFypdHwVc-sn36uaAASFfPEH43ZiO3NUGbnuCUXzVozMH2kvLOwh86uHQDtTlDtDMJcv8Ab8odvWHAOWdWqWLSRnPIYoTsKngcxTmU1jx5vVD59n97U7ofeNCELHfvbkOBqaf0M-ofw2Pcu8UzOmK9qDAmDaVCBK3lWnHcpdPHShqIDhKNZ2fUD9LQiVX9l-gnorlVwhiTqhc8LK-JBRNw9TDOhAsgLdh_Kco8Map-6bzv8u2Llh8tM_bIgEGn90Z2T2DCy0XFXeO6evJBMwF4WiPvlXgyHVLyEwOkkja8VICCQnLz2LapUi7pxUvx1F3wG_GflF10G4Gg8BfgLcyZdBvIeLp6uYX5E3UenRcarQ52_7Sw5HRgbElhGad_Axg6G3REGlMG9eCZYeUpahHWmwkoRd44p7yyKSFbsCuGWgT8bJCacuWGImhNqkidL0J6-2oOzwLHZAykfnf_XCTBtSYegzaM-cvtiQDI8klNZ3A21lKhGf1pvJN9hp4h8a4_DiKqhETgz4Mi2BVDdJAhOIVeWKOolPWdAxSI5eYCwKWNikHbmrdLlKSkDzElm99ui1fr1yicVWD5bs4jjum3RRMu_sXh8uliy3RAOZXimoQ7hZ3Y4ZzgOo2tbUO8F1JP0rHUXSG-sU7raVwV8n7-2WtZslQtmcTZYwM-s_JfsMyrY9AFcZZ8Q2Fw-_lKojTxJZqYlnFMkdISSAMOZg6NLho5RTAGF4yNg8ahhNAhBq8L9ZhT7UwNDF1_dGPLPJoEz24or-Sk7PhaWeycn-G7cyisoK9k5GeV6LlSYRWOynNF-ByuwG8bCzgF-yMvRAjio2aYVQJHH2un2-32Jf1OBw06N2L9kKvevKldpe2HYv-1CGzIvtqw-TghGjUnr9jSCHvcZvW5iROm9z2qiTRiTmOypbwvbHnJddqcBqDRnLIpCR1Ogk4nnXeKHefNFRWPERBz2euXhEalUWUPMMqf6FomKAqZa6apRhiJR5iHK7Fv6eDf2UkSW8wR4a-8CAc7kl8IKA3KayhC_OWOlmOOfSt7uFLR-0K3rQqcjTGVSCDFMlSGpdGy3O93bK42J42v9jb_rsn7I5UftNzLgA2vwnXKlNHuXUjrD2aX9rnV0EAu6YBXzQAksSZ4XIKYtLTMTZcfVcI4ptdvXJEpT8HGAgUkocAkH3o6NDyni1Joe5jJ2GfSgAO60Ur-23Kp63lNHbLQosDfoazgtKaVqGDQkC6hkn0aJKOTZl7v_bxnvJGa0L6IeHBJ_3_E8gX-jRd95oJXqMhgKJJWau7_UiStR2Rzo2qyT9DYH1Qf6ZF9ujkE2jiLhg7nd6Hsvt6Q517DoBy7r3xi2VuLzOphdszEqhq8TY6AdfhVE6RHv9CUbUXE7ul-46b5GmJaRp2HNQU6EcFvv2ZyFnSWZ4poGBB89SpNKzealICQ4xiQIFtbPRwrAq06wQvCwgj2qo2dIGKRkTVae7oQpjhaQjDYsLGZVoGUe1sBHr9wW6lC0VlIaNewxTxRTfvceRNyjQAOBk8Hvr-uavVwxJtDNYvPtkJC8xgKdqCJhkai_S2VkoEiRxpdW-ByGLxSJEjONTB4dwGWltm0sFlFdtLHyqN2lUIaaITTSRKGPhp55PC1fOOUxlDCbjz3sNPz23nEk7co9YHfsq11s2rTYDnPnO3jel111GuNww-c3kV7aDk9bOBmkeJwEhoA25kP5U2vynk8Ty0M4aOe_WxqX7hYr-o9Qi0dAHRlA6V4Fe71Zv0f9dDn8OaUkvE0YhE9TtkVZY71VijXVo-tfO-CUWhlDWRFHEmlMghBqggIgehohyzGt95wmjuvBDoayPZ2pu94czVy7oZxjnMZZjbWZj4Uo7TVly_EZu607P5sLUYhDjCL9F0acPnMAlghwJYjL9qyxEvYJP5W7NqEcwO7zi3Iz2dN71sWLGtVnWF9GkEIBBI7AMgJpo07-t_PwAgPiB3h-HhjineYhjHKYPAMmYgOJBqgYrqLqRpTHp4PJ70yEeLyzyf7P6XvqSidbowYAWAB&cry=1&bundleId=

Request Chain 191

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDO4i05UX4ySUFy8Fq5fXY8&google_cver=1&google_push=AXcoOmTaL_P6_gwgMCzoT0mUvewi0trVQhVkYi4-oaPaA1w7khIbGV5Q_fO_Pduba7D29aiDZULY9Io3oehsiqKK-0Np8Encz6jO HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WldoR3JRQUFBd1g5OWhCZQ==&google_gid=CAESEDO4i05UX4ySUFy8Fq5fXY8&google_cver=1&google_push=AXcoOmTaL_P6_gwgMCzoT0mUvewi0trVQhVkYi4-oaPaA1w7khIbGV5Q_fO_Pduba7D29aiDZULY9Io3oehsiqKK-0Np8Encz6jO

Request Chain 193

• https://cs.media.net/cksync?type=g&google_gid=CAESEED3vXH59FdQSosrWDSNMtE&google_cver=1&google_push=AXcoOmSmkmqfh_LM-Es7TTRSo9naopwwyiu5lm05aFGtXk0PwqQWM0PozBE7k9FyMHS-xDZ1kyVAphEoKi8NUaFugS3Q2cF_maV2 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0MzM0MjUzMTQ5MjQxNTAwMFYxMA%3d%3d&mn_hm=MzQ0MzM0MjUzMTQ5MjQxNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSmkmqfh_LM-Es7TTRSo9naopwwyiu5lm05aFGtXk0PwqQWM0PozBE7k9FyMHS-xDZ1kyVAphEoKi8NUaFugS3Q2cF_maV2&gdpr=&gdpr_consent=

Request Chain 195

• https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEIigXv1H25luNeask8O6kTo&google_cver=1&google_push=AXcoOmScEN21_U442MYN6jj6UGook8_ADErVvuaAxQSazRhPyfQGviIgLe9tujWy1z9jCpCsfop6mOFH6Rg88BuMrgP8glaAgS_O7A HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmScEN21_U442MYN6jj6UGook8_ADErVvuaAxQSazRhPyfQGviIgLe9tujWy1z9jCpCsfop6mOFH6Rg88BuMrgP8glaAgS_O7A&google_hm=WldoR3JzQ284WU1BQU5XeXpJWUFBQUFB

Request Chain 197

• https://sync.inmobi.com/gob?google_gid=CAESELPfHQfJ0zzjQXgi19Hvi8g&google_cver=1&google_push=AXcoOmRwZgoTfUx4DNj01TNcmYJ1X2ZLPj_psXgSaC8MOOFMThvdzzMf1M_vVB06Vq88wnOtXIXwQtP1wE3GGKpP6cSt2DK1EUnARg HTTP 302
• https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRwZgoTfUx4DNj01TNcmYJ1X2ZLPj_psXgSaC8MOOFMThvdzzMf1M_vVB06Vq88wnOtXIXwQtP1wE3GGKpP6cSt2DK1EUnARg

214 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	forbidden Show response home.s.id/ Redirect Chain https://s.id/nFTPS https://home.s.id/forbidden	69 KB 22 KB	340ms 297ms	Document text/html	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash 4d70de3fc1a15ad3eb51ee14ae50c6efc45b42aaa0542393b4b93d31a84ea03a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, max-age=0, must-revalidate cf-cache-status BYPASS cf-ray 82e1b13e2a8dbbc1-FRA content-encoding br content-type text/html; charset=utf-8 date Thu, 30 Nov 2023 08:24:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BisNXrpySoLDoH5thDimpYhVlqyG1tMg0HkyGMu%2FfglJh9cYWI%2FMWW6RNLceZYraxyBDLELZpZlJ9k9FIgabL5A0ndyK8Gzw7OUWBO4Df8ZzgK6PLqBX8R8cRqXfbukuUb9B2lD%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15724800; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-powered-by Next.js x-xss-protection 1; mode=block Redirect headers cache-control private, max-age=15 content-length 0 date Thu, 30 Nov 2023 08:24:08 GMT location https://home.s.id/forbidden#action server nginx strict-transport-security max-age=15724800; includeSubDomains
GET H2	200	montserrat.css home.s.id/assets/fonts/	3 KB 782 B	266ms 264ms	Stylesheet text/css	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/assets/fonts/montserrat.css Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"ca2-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRBhuR7ux19ci0%2F2aXzJHKfnQCwgazALC%2FLiZviV7Pj3xviQBO2vsnYJgIcSFbEY6lZBGML1PZpraBOCRCyUE%2BfJsXH0yTML3tlAi6zJTyvzdPNIXxXVm0kKB7eGfRnUxLQUkhZWVw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=300 cf-ray 82e1b1400c2ebbc1-FRA
GET H2	200	work-sans.css home.s.id/assets/fonts/	4 KB 764 B	257ms 256ms	Stylesheet text/css	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/assets/fonts/work-sans.css Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"10bc-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Px5jKcU5iafkR8EaR%2BfLwLlB6psL96WJRK2PRV7XYYcNJiLIEoIDH6RknGnvtxe9d2CWopzKCVzWP0cTeNj9yBE1B7Uf20wP0DCHYod%2F5lLoKGdlXKmEqVdOdHzvM3HcNaJMdVOWw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=300 cf-ray 82e1b1400c31bbc1-FRA
GET H2	200	bb206f80f78cf1f2.css home.s.id/_next/static/css/	138 KB 21 KB	25ms 24ms	Stylesheet text/css	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/css/bb206f80f78cf1f2.css Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 696eaccea2a9c53623fb7eae9a7c0cf62b551fdf06c81bc224d8e259c43e9c1f Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:08 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 89067 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 29 Nov 2023 06:48:52 GMT server cloudflare etag W/"22836-18c19d66c20" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhDQpURuhMFfHE9PSysA07TKue1fEvU5ziA2lmoOX6zTGHW32id2C3joAv9CHmjBEA3BkrJUOyfR7A6Za8Tg16SCPDPOgWo%2Bm5kLoVVFipAXtVoYsu6rsD61rpf5WZ1hrAP%2BJc0esQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 82e1b1400c32bbc1-FRA
GET H3	200	webpack-c575f1fb33569c00.js Show response home.s.id/_next/static/chunks/	4 KB 3 KB	46ms 44ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/chunks/webpack-c575f1fb33569c00.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9890d0c986f6d0649dd85d4f0b85784de66e34c5ed6e592f3c2718612a3f7bae Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 91084 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 29 Nov 2023 06:48:52 GMT server cloudflare etag W/"11af-18c19d66c20" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZNqVoN%2BUf2jyQAIKjNFKyzxkA6uChE76r9WNx9Z2jeIH9XIfOfTy9AS1VUVRow2%2B%2BKdlNLSNpFcDs1PPlVS6u2cWNgYw2pN%2BqW%2Fa%2BOklU3cY3v5noPfcItP4juMFaitd9c5kyjyEg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 82e1b1402a233a43-FRA
GET H3	200	framework-c77b5ad42e6fa06c.js Show response home.s.id/_next/static/chunks/	138 KB 45 KB	27ms 25ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/chunks/framework-c77b5ad42e6fa06c.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b8f5cff2b93dd56ca8081e67ee4ba33b2b71b6324a471691e427444c84a9ce1 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 91083 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 29 Nov 2023 06:48:52 GMT server cloudflare etag W/"2272b-18c19d66c20" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrJzynfIjN%2B7T250uI5X%2BiLCWFMCDmuELXjww%2FgmE8PuWc%2B8fwxCgZj18XW3NjS6LksGBSC%2BRGMGUpG3Wsw5dZXpq0zuUKOYXr83W2wpT21Vab3PEukjjPeIEL%2B4fOxAu%2FL6ef6vdg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 82e1b1402a263a43-FRA
GET H3	200	main-45f200f3cb6b7b3d.js Show response home.s.id/_next/static/chunks/	97 KB 29 KB	39ms 37ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 184733c2171fc0a56148cbf5e5f1d5e5ae640f660e6e328bb84cbccb21785813 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 91084 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 29 Nov 2023 06:48:52 GMT server cloudflare etag W/"18214-18c19d66c20" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQWEJmaXRuToPjLW5BiIvd61sORIyU5CPhjcZh%2FferH3VzIy%2FA8f%2Fswk5zAANUUrGcCBZv5kDgf7i9o2d5FXIiaWpfuTNRXapvlmrfIC9nyCqqsgM5W9UfqB7aP1I%2FtD3ey3Eiqa%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 82e1b1402a273a43-FRA
GET H3	200	_app-73b7a0e1018fbada.js Show response home.s.id/_next/static/chunks/pages/	419 KB 133 KB	43ms 42ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/chunks/pages/_app-73b7a0e1018fbada.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1996d16604b14f7f83fb927f0f64340eb47857de583178ea2527cf7daffb162b Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 91083 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 29 Nov 2023 06:48:52 GMT server cloudflare etag W/"68cf6-18c19d66c20" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5Nyc%2BtvAhHdKN9mwBeUy3Vmo%2FYczi1CMg%2BhKhn%2FRCCUDgtfFaWAyEsv6%2BUXGrkJ9tMpXsJwYsr5%2B4oVRnHUYcYuhU59E7%2Bs0nd9leUU5T3665yg%2F8OP%2BGAqB5OOhlvY5xtRMmoILQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 82e1b1402a283a43-FRA
GET H3	200	forbidden-29883e63e1ce37b2.js Show response home.s.id/_next/static/chunks/pages/	4 KB 2 KB	23ms 22ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/chunks/pages/forbidden-29883e63e1ce37b2.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6e28e3f8d185f134736c50278f5039ff8168dc11d98640f164f4648632e9d127 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 91083 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 29 Nov 2023 06:48:52 GMT server cloudflare etag W/"eb6-18c19d66c20" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHgWdGASW4N52n3xpOhlZgG8%2BLOGCMehCrqMECh7idn2StmcS0RogzVegbRQzQygK1v2QmTMZQBALPZwfSIj2bDy%2F7gnEBygX7fpkFeOMIO3hyaVGGrgQwusaYGDtA3m1f0pn%2BVwwA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 82e1b1402a2a3a43-FRA
GET H3	200	_buildManifest.js Show response home.s.id/_next/static/yLzFDYz1DFyKn3ieCCNi1/	9 KB 3 KB	25ms 23ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/yLzFDYz1DFyKn3ieCCNi1/_buildManifest.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e49360b72547086ccd365b11ed9033ea26c9e5d845f59fe355516c781a386b8a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 11678 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 29 Nov 2023 06:48:52 GMT server cloudflare etag W/"25c1-18c19d66c20" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1csvUUqPvP%2F7jkrsjZPYMIJyokmJE%2BdcxQWTMO33V%2FYFDp79P0ihMTBr3SYiYnukW3qZkYL%2FCZv6tLU0P5qWjiHEZr3D%2FanTXFLE6nhz7BAX9WQTwxxGakX224pZ7mMMqvyt8qYeQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 82e1b1402a2d3a43-FRA
GET H3	200	_ssgManifest.js Show response home.s.id/_next/static/yLzFDYz1DFyKn3ieCCNi1/	91 B 624 B	23ms 22ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/_next/static/yLzFDYz1DFyKn3ieCCNi1/_ssgManifest.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 91083 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 29 Nov 2023 06:49:30 GMT server cloudflare etag W/"5b-18c19d70090" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bitTNJNJyfCQgrCrUC1%2BOeJS1OlApmSo59UtMdCWWYhAjJIO5fEltLBj2bLc5WkLzexnuedY4sH92YVAYHsOydBkwQwCVM%2BA8da2l3zcnwwTIz5ODFEnrI%2FW%2FNH3gVszo49iE%2FT0Yg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control public, max-age=31536000, immutable cf-ray 82e1b1402a2f3a43-FRA
GET H2	200	403.svg home.s.id/images/errors/	4 KB 2 KB	250ms 249ms	Image image/svg+xml	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://home.s.id/images/errors/403.svg Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92c39b5c986c8a9c713d77081a0272187a847c57192fe03fc152d25fc4c35668 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 27 Dec 2022 03:47:41 GMT server cloudflare etag W/"1136-18551b16f48" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZhZBoscowruguofpVYfJNGbohSoejRkyVZ3RVKwjuDDsIIkH3Ibs5Wa%2BcG24cvnZEhtYRBkARNkzTsGGvnmqxlHKz0KnhfZJpStLTKyIUuOeRIKEGW%2FFS9mKWWdF0wTgMYcr9dp6w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml x-frame-options SAMEORIGIN cache-control public, max-age=86400 cf-ray 82e1b1400c35bbc1-FRA
GET H2	200	sid-neu-logo.svg home.s.id/images/	8 KB 4 KB	257ms 257ms	Image image/svg+xml	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://home.s.id/images/sid-neu-logo.svg Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 058f6340fc2dd949cfa4e2d40dae86c83daa389994729a151d1309cecaa7e46b Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/forbidden User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 05 Jul 2023 23:09:20 GMT server cloudflare etag W/"2120-18928513d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdHp1YgNOKadtdfsRvVmTj08I4p9pcs1Rsu3t4IDCnCmqbfD0x8P%2FiEQLSD6qirTfHscWIZbMpAPMh07z9BewBYPhumEsZBqYb%2BzBKTQ61kbB5E8OcDkcHic61n%2BVme40VuNUnAiWA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml x-frame-options SAMEORIGIN cache-control public, max-age=86400 cf-ray 82e1b1400c37bbc1-FRA
GET H2	200	v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response static.cloudflareinsights.com/beacon.min.js/	20 KB 7 KB	290ms 45ms	Script text/javascript	2606:4700::6810:3865 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Request headers Referer https://home.s.id/ Origin https://home.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT content-encoding gzip last-modified Tue, 10 Oct 2023 21:38:13 GMT server cloudflare etag W/"2023.10.0" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 82e1b141aa0a3616-FRA
GET H3	200	montserrat-normal-700.woff2 home.s.id/assets/fonts/dist/	30 KB 31 KB	253ms 253ms	Font font/woff2	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/assets/fonts/dist/montserrat-normal-700.woff2 Requested by Host: home.s.id URL: https://home.s.id/assets/fonts/montserrat.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://home.s.id/assets/fonts/montserrat.css Origin https://home.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 30856 x-xss-protection 1; mode=block last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"7888-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GImJJKVGzy3ASR955xYzp%2B4CEXBeYmC%2FX1FHQQiDkRndBbGg%2BwaY7oBfmnZN7tEPY16o3C1JGBrvYTI5ToTxUdfqPIT6KZ0RFdxyIlqlAvej9JX4nw6wT%2B0Wr1HXZhFk929jNbJ3mw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 x-frame-options SAMEORIGIN cache-control public, max-age=300 accept-ranges bytes cf-ray 82e1b1420c763a43-FRA
GET H3	200	montserrat-normal-400.woff2 home.s.id/assets/fonts/dist/	30 KB 31 KB	250ms 250ms	Font font/woff2	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home.s.id/assets/fonts/dist/montserrat-normal-400.woff2 Requested by Host: home.s.id URL: https://home.s.id/assets/fonts/montserrat.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://home.s.id/assets/fonts/montserrat.css Origin https://home.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 30856 x-xss-protection 1; mode=block last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"7888-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BlSYj2e8vAtXHCoLBtxqKrr6H9rAi1WG5YIg1Upa0Qh8zXXUyIycFTxMnqWKUYwuZNcFbKxmOHR19bRSG8mqHzPnrHrZ6mVT3bHa6%2B5c0X1psLWL9zzux8RydIXmnQGKBhvxyKi6Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 x-frame-options SAMEORIGIN cache-control public, max-age=300 accept-ranges bytes cf-ray 82e1b1420c783a43-FRA
OPTIONS H/1.1	204 No Content	me app.s.id/api/user/ Frame	0 0	653ms 205ms	Preflight	45.126.58.90 IDNIC-PANDI-AS-ID...
General Check archive.org Show headers Download Go to Full URL https://app.s.id/api/user/me Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 45.126.58.90 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept */* Access-Control-Request-Headers ds,x-rpc-lang Access-Control-Request-Method GET Origin https://home.s.id Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS Access-Control-Allow-Methods GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH Access-Control-Allow-Origin https://home.s.id Connection close Date Thu, 30 Nov 2023 08:24:09 GMT Strict-Transport-Security max-age=15724800; includeSubDomains Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
GET		me app.s.id/api/user/	0 0
GET H2	200	js Show response www.googletagmanager.com/gtag/	240 KB 83 KB	86ms 45ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5 Requested by Host: home.s.id URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d252be50bcf728ed234ad90dd5a02a029b622755600796fd167bc57e9dec214e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85215 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 30 Nov 2023 08:24:09 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	244 KB 84 KB	81ms 41ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7 Requested by Host: home.s.id URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c9d0e605829105505896d3b8a71ee9a659ebe06cdde77f7ced5b5683462fabc4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85932 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 30 Nov 2023 08:24:09 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	213 KB 76 KB	68ms 27ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-10823601447 Requested by Host: home.s.id URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 14211908d976552024d987c32fc584166e89d9384e0b1724e7d35b8f0572916b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77474 x-xss-protection 0 last-modified Thu, 30 Nov 2023 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 30 Nov 2023 08:24:09 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	202 KB 54 KB	27ms 8ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 30 Nov 2023 08:24:09 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 54273 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug 2Dcd2cFiZgX+TC5hewW/gODxPddRWqBOYTstbb21ykEqNnug+NJJQpD/wea5tZ+7A3ZPP0nJG0Xqe1PwQx4tPw== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	snippet.js Show response static.zdassets.com/ekr/	10 KB 5 KB	64ms 26ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d Requested by Host: home.s.id URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT x-amz-version-id hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id SJN8N1JDMTD43WG0 age 44 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 OdnBjVcC5xsQvyjtpPVBe21NpgZXl51NRJfLydbGvh5Gu9AdfuYJ4+/g1Hhtqo28e16NzYJZ+wk= last-modified Wed, 09 Aug 2023 01:01:02 GMT server cloudflare etag W/"42d94c325a0b012e41f9c3907853625a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVE2BgkDZQyQ1swp2BaCRsYBg4IXP7iSXlGmK8ulTaaN3JDGQ86J91IdJYA0sjdVpty8BtPwF95glvyOYUvxxjWyOTWcoCsyX4o6oBIF8f6ZqCDmPITbYIoWtbM2xkk%2FKld4pTU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=3600, s-maxage=60 cf-ray 82e1b142a82f361d-FRA
GET H2	200	client Show response accounts.google.com/gsi/	199 KB 79 KB	82ms 43ms	Script application/javascript	2a00:1450:4001:806::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/gsi/client Requested by Host: home.s.id URL: https://home.s.id/_next/static/chunks/pages/_app-73b7a0e1018fbada.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7ff83d4a65fa84f4d78c1ba312ea1533df4912b90cdf84e8ff2411f2b389a778 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-fL9yc_pdLd4W4FWeTjc-gQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT content-security-policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-fL9yc_pdLd4W4FWeTjc-gQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN report-to {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]} content-type application/javascript; charset=utf-8 cache-control private, max-age=1800 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1" expires Thu, 30 Nov 2023 08:24:09 GMT
GET H2	200	3626502037629324 Show response connect.facebook.net/signals/config/	140 KB 36 KB	10ms 8ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/3626502037629324?v=2.9.138&r=stable&domain=home.s.id Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 857e0bdc9ba878e6786a287c65f8e5121f2fb85d244bc3a5f8edbb7d39025ae7 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 30 Nov 2023 08:24:09 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 36865 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug Eua2mkQrPrSps3qvj5Wg2kojxXayubSA1PtKs+gTJNPbRXMY1B2eJRZbkEeZggOSOqnzFZMaworC6sCTPkMyrA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	4b27aa03-d3da-43eb-8382-660c054fbc9d Show response ekr.zdassets.com/compose/	1 KB 1 KB	221ms 184ms	Fetch application/json	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekr.zdassets.com/compose/4b27aa03-d3da-43eb-8382-660c054fbc9d Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4dc846bba941de1fc473533aeb5bb0250fb78e9e0ef2b7966b99b26734b0bfea Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT strict-transport-security max-age=0 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none content-encoding br status 200 OK cdn-cache-control max-age=60 x-xss-protection 1; mode=block x-request-id 825451a10d9e5f2f-SEA, 825451a10d9e5f2f-SEA x-runtime 0.003874 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"4dc846bba941de1fc473533aeb5bb025" x-download-options noopen x-frame-options SAMEORIGIN access-control-max-age 7200 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FE9grOoUJ5LNCGX4g6DiCj6611Hed%2F%2FeZeHi6f3YcfxNX8%2FTqftCsgKCS7kHShlmWpZKIQODWb1gwmeFABLM8VLvuV6Vkze5BFdzh01V3gnANOMpQyX8c0WDQKKRNVf8b0%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers vary Accept, Origin, Accept-Encoding cache-control max-age=300, public, stale-while-revalidate=300, stale-if-error=21600 content-type application/json; charset=utf-8 x-zendesk-zorg yes cf-ray 82e1b14309033a8e-FRA
GET H2	200	/ www.facebook.com/tr/	0 185 B	29ms 7ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=3626502037629324&ev=PageView&dl=https%3A%2F%2Fhome.s.id%2Fforbidden%23action&rl=&if=false&ts=1701332649442&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701332649436.2082895378&cs_est=true&ler=empty&it=1701332649405&coo=false&rqm=GET Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Thu, 30 Nov 2023 08:24:09 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	js Show response www.googletagmanager.com/gtag/	240 KB 83 KB	28ms 27ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash fadaafe15644db3578fc4085e148e4cbdac0a60a7d371c29a900324f4e48ac41 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85198 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 30 Nov 2023 08:24:09 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	244 KB 84 KB	28ms 27ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4f194cb83350a68a6d5da3d6182ba86643f990c0442a991a5ca865f1af28b266 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85930 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 30 Nov 2023 08:24:09 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/	3 KB 2 KB	64ms 27ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/?random=1701332649485&cv=11&fst=1701332649485&bg=ffffff&guid=ON&async=1&gtm=45be3b60v887245165&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&hn=www.googleadservices.com&frm=0&auid=153972122.1701332649&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 02be22bf4699cd0921dd46e4cfb2412837f7603e571574db6d00073d5a37b337 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:09 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1235 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	128 KB 49 KB	26ms 25ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 77a4c3897e42e91633d152279d995bf6b187afcfc30f5857c7160f6ff4b7ec53 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 50366 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 30 Nov 2023 08:24:09 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 249 B	45ms 16ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je3b60v889124234&_p=1701332649340&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=90659549.1701332650&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701332649&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2596 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:09 GMT server Golfe2 content-type text/plain access-control-allow-origin https://home.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 249 B	57ms 18ms	Ping text/plain	2a00:1450:400c:c00::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-98MWVCBDD7&cid=90659549.1701332650&gtm=45je3b60v889124234&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:09 GMT server Golfe2 content-type text/plain access-control-allow-origin https://home.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	62ms 26ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-98MWVCBDD7&cid=90659549.1701332650&gtm=45je3b60v889124234&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=681597913 Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	17ms 16ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3b60v881303989&_p=1701332649340&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=90659549.1701332650&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701332649&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2625 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:09 GMT server Golfe2 content-type text/plain access-control-allow-origin https://home.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/10823601447/	42 B 455 B	69ms 31ms	Image image/gif	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/10823601447/?random=1701332649485&cv=11&fst=1701331200000&bg=ffffff&guid=ON&async=1&gtm=45be3b60v887245165&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNYZBBdgkjUqlmlhnWfiPVgeK32lts4w&random=1264753860&rmt_tld=0&ipr=y Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:09 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/10823601447/	42 B 154 B	29ms 29ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/10823601447/?random=1701332649485&cv=11&fst=1701331200000&bg=ffffff&guid=ON&async=1&gtm=45be3b60v887245165&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNYZBBdgkjUqlmlhnWfiPVgeK32lts4w&random=1264753860&rmt_tld=1&ipr=y Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:09 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	analytics.js www.google-analytics.com/	52 KB 21 KB	48ms 13ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://home.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 30 Nov 2023 07:49:38 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 2071 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Thu, 30 Nov 2023 09:49:38 GMT
GET H2	200	web-widget-main-0345ad6.js static.zdassets.com/web_widget/messenger/latest/ Frame CDE4	435 KB 136 KB	31ms 31ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT x-amz-version-id MAWFo55nmJzTCV22.OVVsjgzwIcuk5qx content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id 5NG07683BG19B9SP age 1845794 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 vBelavEzM+F4Ko+4zGWcfhsix/dqnW0c5dM2hXHExsV321LPz971FRwckA88OeSALRfoF/dRz8w= last-modified Mon, 06 Nov 2023 00:52:49 GMT server cloudflare etag W/"9bf48d8c4bfd9e228c1cfc260b39519b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpxdDaERQwzxAyONAC%2FjqKHW7lr7eS6kWlmXtbXPgjZz4qK0LGeKX6tldo5CCHGVlhhr9ttCOZIs%2FLKFlfpLqSuqAQJ1D%2BM6vaBbsVImzIC66mNNa6a4b394ipTWprNPknoQizU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 82e1b1447a00361d-FRA expires Tue, 05 Nov 2024 00:52:48 GMT
GET H2	200	Primary Request oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3 Show response blog.s.id/post/2022/05/19/ Redirect Chain https://s.id/1SV77?s=skip https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	110 KB 31 KB	51ms 28ms	Document text/html	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Requested by Host: home.s.id URL: https://home.s.id/_next/static/chunks/pages/forbidden-29883e63e1ce37b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash c84902b24e7e054c5dbd28f239401c8448e562b49fdeb9f4ef29d32b1333e6c4 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://home.s.id/forbidden#action Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 3729 alt-svc h3=":443"; ma=86400 cache-control private, max-age=86400, must-revalidate cf-cache-status HIT cf-ray 82e1b1472aeebbc1-FRA content-encoding br content-type text/html; charset=utf-8 date Thu, 30 Nov 2023 08:24:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIkq%2FcvAur37WObMKZcHxdJnr3nNFC5Nz8GydxWCli1obAaSquX%2FZnv%2FeYg1fB7gN61MXHbybxn0Ot6EJ44SZVXexDOhUoSBn76AR6XpBhvVNYVCz5HC2qL0fFMK1mfGOLXd6YQM%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15724800; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-powered-by Next.js Redirect headers cache-control private, max-age=15 content-length 0 date Thu, 30 Nov 2023 08:24:09 GMT location https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect server nginx strict-transport-security max-age=15724800; includeSubDomains
POST H2	200	collect www.google-analytics.com/j/	1 B 201 B	21ms 20ms	XHR text/plain	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=611556367&t=pageview&_s=1&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2081651184&gjid=1787715941&cid=90659549.1701332650&tid=UA-225238330-2&_gid=677124891.1701332650&_r=1&gtm=457e3b60&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=147416755 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://home.s.id/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://home.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	en-us-json-0345ad6.js static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame CDE4	16 KB 3 KB	22ms 20ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-0345ad6.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT x-amz-version-id SVieg7ebyluTA_U51KpD8k4UW9CnNoR3 content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id 5NGF411GQRJVD72J age 1403143 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 qZFLuR4kjTOJ4X6pKBpHTui6s7i5iQiwp8gWBhmslcxwoAx9FWXKb9Sc0ZhAo/pqa9sJSapEysNsHH8DC8bD8g== last-modified Mon, 06 Nov 2023 00:52:51 GMT server cloudflare etag W/"2d7a163ff937b4b9ea7ab13e6c8dfadf" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjYYSfxJcrJOp2doPk6d3yc310Ox2csXaY4ZuJtPHcuninnqQLLSlkXPz1xrIFvFm4XyxMDkU9U7P4G0Z0eKQ3XdJ9K72BnnCK6fVsgm5ShEyLop6TKHfoLqzdowb%2FoQ04mj3Fk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 82e1b1454ad8361d-FRA expires Tue, 05 Nov 2024 00:52:50 GMT
GET H2	200	web-widget-4852-0345ad6.js static.zdassets.com/web_widget/messenger/latest/ Frame CDE4	139 KB 47 KB	31ms 29ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-0345ad6.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT x-amz-version-id LLGa90fsv7bQUGdN2N0k5kLPN0aE.36G content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id 5NG406C711XSH18P age 1745899 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 hBf/0a5TVF6o6VJ/eQf3shJOJ5rCkTGmZHFVorKt417YjrOEXQkiZiMHqLVdguxufrFljv7PC7RT+IUgPu4G1Q== last-modified Mon, 06 Nov 2023 00:52:49 GMT server cloudflare etag W/"ea51d3eb674c1f286144bbe26ba05c86" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koOLRxxdGAQs5DriBOwv%2B%2BP%2BJX6oIVydKOzbBq82gVngAaHdA%2FBqLqfOzpy4dTx3K7OuUnhRqVDkK4HeYhTc1ldRfolZDJYq83IGqFRfpvV25Kyx7kAnN%2Fri6TEydBLBJtSodVc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 82e1b1454adc361d-FRA expires Tue, 05 Nov 2024 00:52:48 GMT
GET H2	200	web-widget-519-0345ad6.js static.zdassets.com/web_widget/messenger/latest/ Frame CDE4	24 KB 8 KB	26ms 24ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/messenger/latest/web-widget-519-0345ad6.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT x-amz-version-id c3fTu.1VTXTnJfTpV257t3CmA_E19Whc content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id B489Y0EH0VREEAT1 age 17720 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 tW4oGHXNWcmTGJrP2G7VhjwZAqImn9omdZnC+SKHpwfElnMetRRau0HK+nOmHVPYoxT6NkcBPGY= last-modified Mon, 06 Nov 2023 00:52:49 GMT server cloudflare etag W/"1c9884a2069c7bec6b20dac62004eb1b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYJ4LAK0kskyMFmrVCqV2jtJflpeazbv69xMBKzbj%2FOcJrgH2HtxkrItfzdPG%2BWlukdbIEmWLSuZwq2foygUbnSgX50HBqJwO%2FQZROML53NaLHMAjUjWbobbX%2FIN0remM1jCxrY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 82e1b1454ade361d-FRA expires Tue, 05 Nov 2024 00:52:48 GMT
GET H2	200	web-widget-5178-0345ad6.js static.zdassets.com/web_widget/messenger/latest/ Frame CDE4	24 KB 7 KB	23ms 22ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-0345ad6.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT x-amz-version-id WUnw5FU0oRqazTz0z66hJW9BpnBWa3hS content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id 5NGEDWDDF7CRHGKQ age 1845793 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 Jj5JStxWhYlfR+eKgiItTIEYuvnL7SUb9iZuTn3At0SRbZIxBx2x22m4PUWxdi3pcyuX1bEPqHA= last-modified Mon, 06 Nov 2023 00:52:49 GMT server cloudflare etag W/"11034f049f5eef05b26ed292ac59e1fc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xevbkCQHAcQ%2BBtnTlySn%2FLdXQ5fxfIra0%2FqVAFNi9gFtZadvdTtPsjiWh0eP5w7g7bLdIgBSsJ5BsGp2KAX%2BWCfPip7prYVtjVvx1%2B%2FfPPD6E1mTHtPjnlf2mo4%2FyHdhbpFA9pI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 82e1b1454adf361d-FRA expires Tue, 05 Nov 2024 00:52:48 GMT
GET H2	200	web-widget-9535-0345ad6.js static.zdassets.com/web_widget/messenger/latest/ Frame CDE4	15 KB 6 KB	24ms 23ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-0345ad6.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:09 GMT x-amz-version-id Htn9g_potgdCgt0Ro1y4Ux_z.nUmgxGP content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id Z0TNH7WR3WDJNY83 age 6789 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 3gzpbjxrp0zMh5xDP5QRBSoLDVT/GHeUR7zZVpwqYZ9YIoJrJSGezD8waZfZRjlY5tT04SRbXds= last-modified Mon, 06 Nov 2023 00:52:49 GMT server cloudflare etag W/"d46547a6c79c8800ac99ed5408528a12" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtgcNbTZV0dwGqmgkmnw6m68fnCjJUChVCZr2jhzoccZfWXLqp05kGNIOQzvd9KqMgvkEtsFgjH0CDWuVG45sX4KaJvewUN2uxr8%2Fva8l8bX5785hrhBUcWo5wS1pwHGFWI%2Bmjk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 82e1b1454ae1361d-FRA expires Tue, 05 Nov 2024 00:52:48 GMT
OPTIONS		pv sdotid.zendesk.com/frontendevents/ Frame	0 0
POST		pv sdotid.zendesk.com/frontendevents/ Frame CDE4	0 0
GET		config sdotid.zendesk.com/embeddable/ Frame CDE4	0 0
POST		collect region1.analytics.google.com/g/	0 0
POST		collect region1.google-analytics.com/g/	0 0
POST		rum home.s.id/cdn-cgi/	0 0
GET H3	200	0106ac4f559f1e7f.css blog.s.id/_next/static/css/	119 KB 19 KB	29ms 29ms	Stylesheet text/css	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/css/0106ac4f559f1e7f.css Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e539b21e6f0f24bd22788d1478dca70ec9541e04c93fd31faea8a22a9fd0f0cf Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 90781 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 29 Nov 2023 06:47:07 GMT server cloudflare etag W/"1da9a-18c19d4d1f8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYGe87N%2BRhp6CH11j0MWiI8eFi947XdADZc3Van1AtPOxqrBs7J00VTdryF%2FXmC9X%2ByQ9gpC2JBkH8VC3aLU28xx%2F7s%2BDeDtjiR5y%2BFt9FiVegD9rp3VaVXfjRjCY2iCPPyaHCBMqg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 82e1b1476b143a43-FRA
GET H3	200	0ccc702cf5b6f291.css blog.s.id/_next/static/css/	722 B 786 B	24ms 23ms	Stylesheet text/css	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/css/0ccc702cf5b6f291.css Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ecf1b45e741c358105ec165c66cc44e962e6dbfe4948ea4a4094791472e03c6d Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 90781 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 29 Nov 2023 06:47:07 GMT server cloudflare etag W/"2d2-18c19d4d1f8" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gRRN4yYd4umRuV9LVwjTm3xkLZltOBk0fHqZsIwisK9g0y9yP48hAY9bybEovyc02%2BoaaWv3TVOCZ1%2FC3TgMGNmHAb5Dne7ZcVIsmWhEWiDHcDTgcuq9ojB8bFbUTmADR6KNDI4aA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 82e1b1476b163a43-FRA
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	179 KB 59 KB	102ms 65ms	Script text/javascript	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545 Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36c179de3cca6b78dd67a165e40b9d8e7ad7a76c75d44c36eb58542438295958 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60461 x-xss-protection 0 server cafe etag 10653562595786915201 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Thu, 30 Nov 2023 08:24:10 GMT
GET H3	200	webpack-36d12a75f0098f30.js Show response blog.s.id/_next/static/chunks/	2 KB 2 KB	22ms 20ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/webpack-36d12a75f0098f30.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash febd258efb733049bebaeb24269fb6448aee953be138a3fbd7cb96bd63620727 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 90780 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 29 Nov 2023 06:47:07 GMT server cloudflare etag W/"892-18c19d4d1f8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulqJRmQKErTPn3S2Z7vUwwgegTbf%2BrWDYmE4GmvuT83hjJGx%2Bg4UU1CE%2B8mDRlsV%2BQEWgh69JAwhRbGubVdAKpkttl7609s%2FR9ckomRnXzwEdF%2FtVLzVHjZnSX1HuyY79hTEVnRIjA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 82e1b1478b233a43-FRA
GET H3	200	framework-400d78dd60ac46ca.js Show response blog.s.id/_next/static/chunks/	138 KB 45 KB	25ms 23ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/framework-400d78dd60ac46ca.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1e0354048342615ee678931bb922fcb098fc4f42b3edae6df7624a2b812fb95 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 90780 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 29 Nov 2023 06:47:07 GMT server cloudflare etag W/"226e4-18c19d4d1f8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bo%2B4RC2c0NmquVJFBTzSCuYdEsMF3XxNGAZsjLCUsmqo1P%2BY8woyUxDKcMVhu9sy6Qydg8hebmTDxlTHMwoZc02WmuTgn4Zw6%2FmZtf1NuoR9v1acVMyBrfVu4jLhyNut0qlCjFbOg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 82e1b1478b243a43-FRA
GET H3	200	main-ef060895a635bf59.js Show response blog.s.id/_next/static/chunks/	96 KB 29 KB	27ms 26ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 345dd805b52864848882d8f89c24661f408925f549a626e5bcd33b6f072e146a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 90780 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 29 Nov 2023 06:47:07 GMT server cloudflare etag W/"17fff-18c19d4d1f8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pk0H1b4%2BV3eMNbNOBDtTRsgbh19RvBPGxmqutC8gr9J8VmBq%2B6PVv66hhuwTbHvXgSI%2F3Xkb6BYCDDF04J%2BGEZ0jWPfBkVrmXGjDHRqv%2BLRT6Rt9xH88hFP%2F70gaGORI9WF4oZyGAA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 82e1b1478b253a43-FRA
GET H3	200	_app-0f590372828a3d5b.js Show response blog.s.id/_next/static/chunks/pages/	256 KB 83 KB	31ms 29ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/pages/_app-0f590372828a3d5b.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ebe9812114ec1b75ab721f01e51b8db8472d76916bf5a12455adc0ace94f665e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 90780 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 29 Nov 2023 06:47:07 GMT server cloudflare etag W/"3ff1d-18c19d4d1f8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJJyVYFaF2UD9SawSUWakFLuktOE5fk2Qc5CKIfsp1Gspz90eS%2FJaVYwfZyBkU4Ut3UIryAiNvBd3LwNBt55q%2B5fLSwp9oISXbKZY58hYs6SgVFBa%2BHa8iEPvNn3Mm2MC30peYoz%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 82e1b1478b273a43-FRA
GET H3	200	b7322211-fbdd2383fa168487.js Show response blog.s.id/_next/static/chunks/	3 KB 2 KB	22ms 21ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/b7322211-fbdd2383fa168487.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9fad61d7fe6d6bdb0f750648a45f17c71a1f1216fb2f636216be5b4be57d0158 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2116 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 29 Nov 2023 06:47:07 GMT server cloudflare etag W/"a7e-18c19d4d1f8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZknU%2BLLSEVMu%2B%2FI9hzXx8G6z6vkQwyaQiUKxrLIx%2FqGSWs6AEIvpF88ZlfHLfIkXGoazqvMslfrwojGqghIy82RQWgj111MihtWiETmrAifSp3OZRekh2x9OSseE742DJSaX68srwQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 82e1b1478b283a43-FRA
GET H3	200	903-f279e023cd941d06.js Show response blog.s.id/_next/static/chunks/	140 KB 43 KB	33ms 31ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/903-f279e023cd941d06.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b1f8fb54de3fad4a7f92fb7b03bdb9c0acff2d156dcc0f430d9221849e3113a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 90780 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 29 Nov 2023 06:47:07 GMT server cloudflare etag W/"23198-18c19d4d1f8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpCe8k07Z%2BmVMRjbWB96VqEgGs22RpbsurWJMF2czgh30k%2F6%2F4vOhZ6Xv9iB0bhRbkM970S%2BlVv5llx3QzdtHnv6oDrc6lKoxeaG31gTGsQntksECU9hq%2BoLKLHsQbP1qqMuEbUG8Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 82e1b1478b293a43-FRA
GET H3	200	68-2e64a3f8828f14eb.js Show response blog.s.id/_next/static/chunks/	13 KB 5 KB	29ms 27ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/68-2e64a3f8828f14eb.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b65e6dacc1ed3c70256c27952382a79941640eca2413a96fd802f37069366f9 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 90780 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 29 Nov 2023 06:47:07 GMT server cloudflare etag W/"35f4-18c19d4d1f8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHeX%2FXF6IsfxSv8R20pzxUvRYFQJJrI3yPrew3%2F6WMsPzsRp7TXQjzz5Ltu7yaXyVtdiYJlfGfdz9MunefNvonNoaXUhKPwNdCG9xYScKSRbfKncOSdEwXBt6EVRuvX2bPrHgwCgDw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 82e1b1478b2a3a43-FRA
GET H3	200	%5B...article%5D-f50dfd12dd1bf9bd.js Show response blog.s.id/_next/static/chunks/pages/post/	26 KB 10 KB	26ms 24ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/chunks/pages/post/%5B...article%5D-f50dfd12dd1bf9bd.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18889b6b7e9425d042a820d83d9ae7fca99127e2192317981767f5c35acceb7e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 90780 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 29 Nov 2023 06:47:07 GMT server cloudflare etag W/"6877-18c19d4d1f8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvhV6RoeR0LOFZDqlgpzVVvq5rRBT3YvVQ0817H3BQyoAS0FTJ446zisc5oU7QDM%2F4uKwpPWvoUXbpUtA4twlNjA%2FIQq4P7%2FKUhyO9QB0KFNfSFOwThwYtwghmq43VxVm2ARtMm0Ug%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 82e1b1478b2b3a43-FRA
GET H3	200	_buildManifest.js Show response blog.s.id/_next/static/Z5c5xjQ6stc6MjR_vBGN-/	998 B 992 B	29ms 28ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/Z5c5xjQ6stc6MjR_vBGN-/_buildManifest.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 044f880f301e0ef549cb7571763a7b328f23563b18f3ddf4f3621481a5df2f8a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 16193 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 29 Nov 2023 06:47:07 GMT server cloudflare etag W/"3e6-18c19d4d1f8" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FROQWGdBl64sB56wLvrxzGHstkNU8iDn%2FfHZLOYsnpV0MKfoQ%2FyAdHrzOEG7Ge5rIPK0fq%2B3E22wD%2BF6aoaqRfB%2BiGmoKppfAfvYrZvAdC9%2FghOj3curnv%2Fe3VvelZtdGesLyUZrg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 82e1b1478b2d3a43-FRA
GET H3	200	_ssgManifest.js Show response blog.s.id/_next/static/Z5c5xjQ6stc6MjR_vBGN-/	77 B 602 B	21ms 19ms	Script application/javascript	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/_next/static/Z5c5xjQ6stc6MjR_vBGN-/_ssgManifest.js Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 15359 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 29 Nov 2023 06:47:07 GMT server cloudflare etag W/"4d-18c19d4d1f8" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jyINIKhDa%2BtwfgexiH0aiFlYDdW9iG3MhdlT2v0jWEWVz1Bw70cJLxPtuiJT7ZRB0BmQs67phDF%2BajMdMCjvdXjeAFIQOQ9%2BEBSgs%2B3K1iISnN7kAgGxM%2BxQoYKKJ1I%2F1Nr6cVvTeg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 82e1b1478b2e3a43-FRA
GET H3	200	montserrat.css blog.s.id/assets/fonts/	3 KB 993 B	275ms 274ms	Stylesheet text/css	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/assets/fonts/montserrat.css Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED last-modified Wed, 06 Sep 2023 09:42:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br etag W/"ca2-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDdKv9yV7TcyAqfknUuiHfalwRh9%2FAo4gQeJI8bAVJd95sz4gtF4N2gBCyOjF9JsqzZnW5q25MrlqODiKEnvpJibYlAO%2BADuk6GuPd6pMV1AZeA3B%2Fpzpl5fjjkghS074ys6RYPuyQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=300 cf-ray 82e1b1476b173a43-FRA alt-svc h3=":443"; ma=86400
GET H3	200	work-sans.css blog.s.id/assets/fonts/	4 KB 944 B	247ms 246ms	Stylesheet text/css	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/assets/fonts/work-sans.css Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED last-modified Wed, 06 Sep 2023 09:42:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br etag W/"10bc-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNX%2BMD3JLVaKgvB1bmyVs%2F%2Fxo76C26KNvXKwDBbvlBaDNr34nsQsIWb1OnjWvpY7sJ3Vtj5I8Z4JWhswKdZPDR4Cs44RJr%2B9WdfdyzPQ6FehoilewsnObIemKqa3%2BnwKVNtXcE9Pqg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=300 cf-ray 82e1b1476b183a43-FRA alt-svc h3=":443"; ma=86400
GET H2	200	klip_2310_home.jpeg cdn-sdotid.adg.id/assets/	38 KB 39 KB	74ms 25ms	Image image/webp	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-sdotid.adg.id/assets/klip_2310_home.jpeg Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 992d5dd4f6d819b096474930d8b6c9b2650042366d1f539b42198ed1fdd73cad Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT x-amz-version-id 7J5fU7ky2RB2K0._gaywL1p5g8cLKNce via 1.1 7c0d1e5d9f8346ae6627430911337f42.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-content-type-options nosniff strict-transport-security max-age=0 x-amz-cf-pop AMS58-P2 age 2695 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 38940 last-modified Thu, 12 Oct 2023 09:48:14 GMT server cloudflare etag "41e097787c826186c9cc5281368f5c85" vary Accept-Encoding, Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bq91Kz0cXXICOjvkrT0lvYStOPjxwvZ%2FL1ZawyewQaguM%2BqbpNyge4%2FNPwcuyAkGd77VvxjOJfbZHus8%2FhLkP3ZLqcVCXr2sVZhPJSFDF9CoU71eVG6V6h%2FHL%2Fqb9kFPEgZMwCYYPEJnD2H%2Fro5tyw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=14400 accept-ranges bytes cf-ray 82e1b147cb54b98e-AMS x-amz-cf-id Q9lc9Wk-N8SoUgnOBa9jmOUXI823dqLy3sMrW9oqK2X8csREMQ_9fg==
GET H3	200	adg-red-ring.svg blog.s.id/images/	6 KB 3 KB	262ms 261ms	Image image/svg+xml	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://blog.s.id/images/adg-red-ring.svg Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c7fb840478ca64f3410fff0ffa40eb38fd8a7cfc36c10f117c3869ea93c00182 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED last-modified Sat, 12 Mar 2022 15:31:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br etag W/"1926-17f7ec17510" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwY4dfegfPXtcNItMykc0WJP%2FtvqfgAKvMcVYWI2RytA%2FKaOe3Vr8Y6svb5Td0zN3OcJTPf%2BQvezH9G6N%2FQwRkFdta30nTOBmYOFr6v7D8nmplQ6IT76CwVls60Uv0xDutEh%2Ftwupw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=86400 cf-ray 82e1b1476b193a43-FRA alt-svc h3=":443"; ma=86400
GET H2	200	v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response static.cloudflareinsights.com/beacon.min.js/	20 KB 7 KB	41ms 40ms	Script text/javascript	2606:4700::6810:3865 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Request headers Referer https://blog.s.id/ Origin https://blog.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT content-encoding gzip last-modified Tue, 10 Oct 2023 21:38:13 GMT server cloudflare etag W/"2023.10.0" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 82e1b1478ff83616-FRA
GET H2	200	show_ads_impl_with_ama.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/	457 KB 149 KB	95ms 94ms	Script text/javascript	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d1ac19810a4b22ad9d8a221e73ff4e70b07c0deca4cbd7e40cbdd94dd66ed368 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 152513 x-xss-protection 0 server cafe etag 4274172389160050447 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 30 Nov 2023 08:24:10 GMT
GET H2	200	zrt_lookup_nohtml.html Show response googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/ Frame B42E	10 KB 5 KB	15ms 14ms	Document text/html	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/zrt_lookup_nohtml.html?hello=world Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d55a156869576a8baad154f82c96a47e1190e71beb00a2b0a46c1e5abe2cb9ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 51543 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4481 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 29 Nov 2023 18:05:07 GMT etag 11545877214233297199 expires Wed, 13 Dec 2023 18:05:07 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	work-sans-normal-700.woff2 blog.s.id/assets/fonts/dist/	47 KB 47 KB	267ms 266ms	Font font/woff2	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/assets/fonts/dist/work-sans-normal-700.woff2 Requested by Host: blog.s.id URL: https://blog.s.id/assets/fonts/work-sans.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://blog.s.id/assets/fonts/work-sans.css Origin https://blog.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 47800 last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"bab8-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqRBkfy8U1%2FpnDmkySag81zLFksl0%2BoAMVuFcYAZH0PqdiQXlrVbbQwPTbbJFJTq9q0Wt7vN8X6%2F8yM44o%2F8rzCw%2FbxZ3%2FKdQL3U0nsB2exUyLkOTHiKP6%2FdBwNyQYYQQuAmk1JG7g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=300 accept-ranges bytes cf-ray 82e1b1492d653a43-FRA
GET H3	200	work-sans-normal-400.woff2 blog.s.id/assets/fonts/dist/	47 KB 47 KB	266ms 265ms	Font font/woff2	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/assets/fonts/dist/work-sans-normal-400.woff2 Requested by Host: blog.s.id URL: https://blog.s.id/assets/fonts/work-sans.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://blog.s.id/assets/fonts/work-sans.css Origin https://blog.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 47800 last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"bab8-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBG7d5KpiJFAro7NSGqAVMm8GksXeEvCIRBgdS%2BP6Z6QYbsWt%2B10Rk50EeckkNv4c1lCKGdxNv2FQ7RQXqDlzkWj9YFaHNhGgDhMrNw9hAvoKg7J78rilWkv%2BDq286GtF71QqxkKqA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=300 accept-ranges bytes cf-ray 82e1b1492d683a43-FRA
GET H3	200	sid-neu-logo-dark.svg blog.s.id/images/	8 KB 4 KB	252ms 251ms	Image image/svg+xml	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://blog.s.id/images/sid-neu-logo-dark.svg Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED last-modified Wed, 05 Jul 2023 23:09:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br etag W/"2137-18928513d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gSs7SBzw5CGrcC1nYhDe7IrYJLly0%2FHLS1d7MCA0IiSFCspBA715n2Xe4nHY3C5iEEIREgoTLSDcTJmcegCKo2zVOh2OqsIQenECxiWUCnkRBRbGnlMrhhTEhBt0uyqxLX2QsSYJw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=86400 cf-ray 82e1b1493d6c3a43-FRA alt-svc h3=":443"; ma=86400
GET H3	200	work-sans-italic-400.woff2 blog.s.id/assets/fonts/dist/	44 KB 45 KB	238ms 237ms	Font font/woff2	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/assets/fonts/dist/work-sans-italic-400.woff2 Requested by Host: blog.s.id URL: https://blog.s.id/assets/fonts/work-sans.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8b61d2de9865afa7dbbb91782523d03263294fb81eeae08e9ee0fc6f121e1a6 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://blog.s.id/assets/fonts/work-sans.css Origin https://blog.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 45488 last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"b1b0-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KoAk%2BJWMcxkfp6AiSTcdJyr4xEUm8ZwzJTCWiYTIftodfdpq7o%2B%2F7THjG6aA3C3BFtnSoKKDamgjdbvwNF4CRgBOWS3OUNOxLcCNQ6sjTu%2FkNpZ575yMFyjFodopqT5rclKUUVqOA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=300 accept-ranges bytes cf-ray 82e1b1498dc33a43-FRA
GET H3	200	js Show response www.googletagmanager.com/gtag/	240 KB 83 KB	29ms 28ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK Requested by Host: blog.s.id URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1c6751caf313c346ed03fae2f7f24d70659acf553f2b7ab8c8c63ad47957b37d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85213 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 30 Nov 2023 08:24:10 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	243 KB 84 KB	37ms 37ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF Requested by Host: blog.s.id URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1d50dd477e448c483a51eff8cfc2ab007d70160dc0307ac9e6232de90e0fb152 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85785 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 30 Nov 2023 08:24:10 GMT
GET H2	200	snippet.js Show response static.zdassets.com/ekr/	10 KB 5 KB	21ms 21ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f Requested by Host: blog.s.id URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT x-amz-version-id hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id SJN8N1JDMTD43WG0 age 45 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 OdnBjVcC5xsQvyjtpPVBe21NpgZXl51NRJfLydbGvh5Gu9AdfuYJ4+/g1Hhtqo28e16NzYJZ+wk= last-modified Wed, 09 Aug 2023 01:01:02 GMT server cloudflare etag W/"42d94c325a0b012e41f9c3907853625a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JKEuGvouJZuOhvsk2E94gQ3ihU2pl94Icy8Py5KNPz67ZzdDzn1nHl7HFk2FiWA4hWEDznqXQUhbbhl6Le2rvDvX9JG1NadDSZoRUGcQPJmPaitsfuFbjQdLY2Cv6fwFD%2Bc53Y%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=3600, s-maxage=60 cf-ray 82e1b149dfeb361d-FRA
GET H2	200	1dc98855-fcfe-49a8-9ac6-f3d16b24538f Show response ekr.zdassets.com/compose/	336 B 589 B	183ms 182ms	Fetch application/json	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekr.zdassets.com/compose/1dc98855-fcfe-49a8-9ac6-f3d16b24538f Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash edd2ddd164915e5640a8d0286b0f6c520cc7666526efcffd2553c72b83b5d82e Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=0 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none content-encoding br status 200 OK cdn-cache-control max-age=60 x-xss-protection 1; mode=block x-request-id 824506526a0a4ac2-SEA, 824506526a0a4ac2-SEA x-runtime 0.004663 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"edd2ddd164915e5640a8d0286b0f6c52" x-download-options noopen x-frame-options SAMEORIGIN access-control-max-age 7200 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKkSSNj2KfRaYM2x0nmaoBvQQ0kM6cddfd3jbtJwYvGYDeVMSHQf3gDkS6hhbItEHGxd8C%2FDb43yewKbCF77NbYsRuDvHXmV%2BHtyCJVvnxqSqYOY1hWAR2J%2BsX5a6RIBdkU%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers vary Accept, Origin, Accept-Encoding cache-control max-age=300, public, stale-while-revalidate=300, stale-if-error=21600 content-type application/json; charset=utf-8 x-zendesk-zorg yes cf-ray 82e1b14a18773a8e-FRA
POST H3	204	collect region1.google-analytics.com/g/	0 17 B	19ms 19ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-GJLS9JMJCK&gtm=45je3b60v881303990&_p=1701332650535&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=90659549.1701332650&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701332650&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20s.id&en=page_view&_fv=1&_ss=1&_ee=1&tfd=959 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:10 GMT server Golfe2 content-type text/plain access-control-allow-origin https://blog.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	243 KB 84 KB	36ms 35ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9316a73cac93c021fe6f9b4ee90d9dc3a1ccd0ccc2f3f6bcc4f9ef553a4b3038 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85857 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 30 Nov 2023 08:24:10 GMT
POST H3	204	collect region1.analytics.google.com/g/	0 17 B	21ms 20ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-LBWQJM5WLF&gtm=45je3b60v889102823&_p=1701332650535&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=90659549.1701332650&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701332650&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20s.id&en=page_view&_fv=1&_ss=1&_ee=1&tfd=994 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:10 GMT server Golfe2 content-type text/plain access-control-allow-origin https://blog.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 68 B	22ms 19ms	Ping text/plain	2a00:1450:400c:c00::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LBWQJM5WLF&cid=90659549.1701332650&gtm=45je3b60v889102823&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:10 GMT server Golfe2 content-type text/plain access-control-allow-origin https://blog.s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	30ms 28ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LBWQJM5WLF&cid=90659549.1701332650&gtm=45je3b60v889102823&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=138304637 Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:10 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 59EE	0 20 B	191ms 190ms	Document text/html	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1701332650&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701332650312&bpp=7&bdt=168&idt=384&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2404958992165&frm=20&pv=2&ga_vid=90659549.1701332650&ga_sid=1701332651&ga_hid=1002772440&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C42532267%2C44795922%2C44809005%2C31078301%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=473857912113769&tmod=409474964&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fhome.s.id%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=404 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 30 Nov 2023 08:24:10 GMT expires Thu, 30 Nov 2023 08:24:10 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	50ms 49ms	Image image/gif	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=cookie-consent%20fixed%20bottom-0%20left-0%20w-screen%20lg%3Apx-0%20z-50&ign=false&pw=1600&ph=1200&x=1575&y=1175 Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:10 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	web-widget-framework-7b3d0eba84129756bae8.js Show response static.zdassets.com/web_widget/latest/ Frame DD31	102 KB 32 KB	26ms 26ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/web-widget-framework-7b3d0eba84129756bae8.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50aa47c223a2b331ccf7bef5f39ed9987788357404a2ec9fd7f7958c8af6f046 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT x-amz-version-id JNIun3CCEEHMesl0sMy07ndOe4J5c0Eo content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id 5NGAA2C64NTZXCD5 age 1845769 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 TsVQmG2cCpaKMuQ9EoLL+qg0QaPVKqmhqFfvnxcRYvAA59Euc/QlONxa+QoPisUo1YK7/jflsRI= last-modified Mon, 06 Nov 2023 00:46:26 GMT server cloudflare etag W/"b93c4e92c8949f2dd0f5599fe45a0364" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2mrSKiSvIm014nuhhB2mxqli6%2BAMXcFMznMhOyAN01od1Y%2FojZKbiBmCS1dj0GvF1E%2Fgl%2Bda3q0CgvyBzVFma5ZFQGyeB1MgCmqDrnoFj2YSxUyPpY3okH0D5cZLXTwhyt9Uag%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 82e1b14b69aa361d-FRA expires Tue, 05 Nov 2024 00:46:25 GMT
GET H2	404	config Show response shortener.zendesk.com/embeddable/ Frame DD31	15 B 952 B	62ms 23ms	Fetch text/plain	162.159.128.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shortener.zendesk.com/embeddable/config Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7b3d0eba84129756bae8.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 162.159.128.7 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27 Security Headers Name Value Strict-Transport-Security max-age=0; Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=0; content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2479 x-zendesk-origin-server embeddable-app-server-6c58497b58-gdz9z x-request-id 82e174bf69302c5f-FRA x-runtime 0.006888 server cloudflare vary Accept, Origin, Accept-Encoding access-control-max-age 7200 access-control-allow-methods GET access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Z5qVjbT2b8rq%2FvTyYGK5eQ8oDoPpuygjAuN3qhdEw1oV8odLLc2R1pejZq8ja1zfK6Oj1zfsey74yRTGnux6LPg%2F3dmWgBLcimi5rEK0kh%2B3OracnuIGZZnYk4xZeQYovpoRujjjw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers cache-control public, max-age=3600 content-type text/plain; charset=utf-8 cf-ray 82e1b14c08c82c4e-FRA
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	93ms 62ms	XHR application/json	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231128&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0f40e0bbf55b8637bde13c3c748c98ba1c7595f98017bbe32f03249effb9ac4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:10 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12101 x-xss-protection 0
POST H3	204	rum Show response blog.s.id/cdn-cgi/	0 137 B	11ms 10ms	XHR text/plain	2606:4700:20::ac43:4b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.s.id/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 content-type application/json Response headers date Thu, 30 Nov 2023 08:24:10 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://blog.s.id x-frame-options DENY access-control-allow-credentials true cf-ray 82e1b14c48803a43-FRA
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	92 KB 30 KB	192ms 134ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: blog.s.id URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f267bfc38a38ff1cfe0ce3ce87f042915f9add75c5432e93328aa40d6b1554e7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:11 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30251 x-xss-protection 0 server cafe etag 429 / 19691 / m202311150101 / config-hash: 13453586915431125287 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 30 Nov 2023 08:24:11 GMT
GET H2	200	site.js Show response protagcdn.com/s/s.id/	442 KB 126 KB	93ms 62ms	Script application/javascript	2606:4700:20::ac43:4bb1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://protagcdn.com/s/s.id/site.js Requested by Host: blog.s.id URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4bb1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54358e6c0ca9fb0dc79a594d0f3e76d69127dc76899f83a1bdecbf7f81f59f5a Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:11 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=453743 alt-svc h3=":443"; ma=86400 pragma no-cache cf-bgj minify last-modified Tue, 18 Jul 2023 04:06:38 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvR6Ps58f527kU0ZUEEeB70LoneO8qag50P7MlotRbzKEFfXNlzJxtuavuggfQwmAv41z9SlX%2F0qyFOoaxyztM3Oxnqh9asTGRQUfxeXdSnXtWRbGP6%2Bp%2FGngXq8J4EZqD%2FQ1kqWZi3s51k%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=1800 cf-ray 82e1b14c79979237-FRA expires Thu, 30 Nov 2023 08:54:10 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	173ms 110ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:11 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 30 Nov 2023 08:24:11 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/	431 KB 135 KB	13ms 12ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:18:08 GMT content-encoding br x-content-type-options nosniff age 43563 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 138149 x-xss-protection 0 server cafe etag 11558412289700915514 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Thu, 28 Nov 2024 20:18:08 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1E82	13 KB 5 KB	14ms 13ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 57860 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 29 Nov 2023 16:19:51 GMT expires Thu, 28 Nov 2024 16:19:51 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame FB06	829 B 981 B	26ms 25ms	Document text/html	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 30c342054921c1313a8513c803c5d4dd976bcc6ded5ad94775e351924ec1b49b Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-6xgGvTExtjP0DatqLpP-dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-6xgGvTExtjP0DatqLpP-dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 30 Nov 2023 08:24:11 GMT expires Thu, 30 Nov 2023 08:24:11 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	pubcid.min.js Show response cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/	732 B 1 KB	37ms 15ms	Script application/javascript	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:11 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 18110 x-jsd-version master content-encoding br x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230132-FRA x-jsd-version-type branch server cloudflare etag W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0bDgjO7xphO3S1z7mxavgXpCy7EwkIJWXfjehX0z9WlgARE1eTeHk5SOtrB6eLt0D2GZXSf%2FBWiJxwX0qIGRpHDmCleDExkdvacOghXgdBjH44YTeD0siMP2JquvmTu4LeS%2BUgZ7Rx%2FS1B5YY0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 82e1b14e8fc7047e-FRA
GET H2	200	esp.js Show response cdn.id5-sync.com/api/1.0/	152 KB 33 KB	58ms 19ms	Script text/javascript	2606:4700:10::ac43:266a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:11 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Tue, 28 Nov 2023 11:19:25 GMT server cloudflare x-amz-request-id VF0K1FN7KR7ZCCA2 age 1976 etag W/"d12fc51ceb66081fc72dabad6e4e0ded" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 82e1b14eae2203b8-FRA x-amz-id-2 dr6oJ8UZH6gxgPjsXBxrxBIx6Zp7MkR+d8Xk38cJxE7BlmdtmDakYA5d7D+sYXqzg9fp4ksqnsYnhZfeegZrtg==
GET H2	200	esp.js Show response oa.openxcdn.net/	24 KB 8 KB	53ms 15ms	Script application/javascript	34.102.146.192 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oa.openxcdn.net/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 192.146.102.34.bc.googleusercontent.com Software UploadServer / Resource Hash 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Tue, 14 Nov 2023 21:28:00 GMT content-encoding gzip age 1335371 x-guploader-uploadid ABPtcPosiWJMTi6DpSufSORNQNukYiP051dDMboge2ChLaAOCj32gcVycc6YGc4ZmCsMil6S048JGg_x_bo6NsyokUiiiqWjYCfy x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7927 last-modified Thu, 27 May 2021 18:30:51 GMT server UploadServer etag "df5542b88bc0e368c6999754a5b9e2ba" x-goog-generation 1622140251693895 x-goog-hash crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug== content-type application/javascript cache-control no-transform x-goog-stored-content-length 7927 accept-ranges bytes expires Wed, 13 Nov 2024 21:28:00 GMT
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	42 KB 13 KB	53ms 24ms	Script text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:11 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Fri, 27 Oct 2023 06:43:26 GMT server nginx etag W/"653b5c0e-a9a7" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Fri, 01 Dec 2023 08:24:11 GMT
GET H2	200	sync.min.js Show response tags.crwdcntrl.net/lt/c/16589/	39 KB 12 KB	35ms 8ms	Script text/javascript	65.9.66.104 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.104 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-104.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 07:38:20 GMT content-encoding gzip via 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront) last-modified Wed, 06 Sep 2023 15:56:57 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 age 2752 x-amz-server-side-encryption AES256 etag W/"e073e71ed7a44e6f9cdd72904fda5940" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=86400 x-amz-cf-id r-Ewr0U1LFMJKBcginWKTTGpU7OSbxVgrLSiPH2vqIYEc3kcoGJCEw==
GET H2	200	encrypted-tag-g.js Show response invstatic101.creativecdn.com/encrypted-signals/	1 KB 1 KB	63ms 26ms	Script text/javascript	34.96.70.87 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 87.70.96.34.bc.googleusercontent.com Software Google Frontend / Resource Hash b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:11 GMT via 1.1 google, 1.1 google last-modified Thu, 03 Aug 2023 03:28:51 GMT server Google Frontend etag fc4e6bfe266081c4873c6f08c8298e5c content-type text/javascript; charset=utf-8 x-cloud-trace-context 6ac924ffa901bb7b3ec2019b4011795f alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1207
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	290 KB 70 KB	946ms 946ms	Fetch text/plain	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=473857912113769&correlator=2287677495804617&eid=31078986%2C31079761%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=162717810%3A22766112657%2Cs.id%2Csticky-bottom%2Cbefore_content%2Cin_content%2Cafter_content%2Csidebar&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=970x90%7C728x90%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C300x600%7C300x300%7C300x250%7C160x600%7C120x600&ifi=2&didk=1679302058~557921294~3656045228~1185067365~1933480497&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701332651302&lmt=1701332651&adxs=-9%2C426%2C426%2C426%2C-9&adys=-9%2C390%2C884%2C2286%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ref=https%3A%2F%2Fhome.s.id%2F&vis=1&psz=0x-1%7C468x0%7C744x0%7C744x0%7C0x-1&msz=0x-1%7C468x0%7C744x0%7C744x0%7C0x-1&fws=2%2C0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0&ga_vid=90659549.1701332650&ga_sid=1701332651&ga_hid=1002772440&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-pnQ-sExSABSAghkEhsKDGlkNS1zeW5jLmNvbRj6mdD6wTFIAFICCGQSGQoKcHViY2lkLm9yZxj6mdD6wTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y-pnQ-sExSABSAghkEhcKCHJ0YmhvdXNlGPqZ0PrBMUgAUgIIZBIUCgVvcGVueBj6mdD6wTFIAFICCGQ.&dlt=1701332650144&idt=1059&prev_scp=env%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D25%26protag_minutes%3D24%26protag_hours%3D08%26protag_day%3D4%26protag_sticky_pos%3Dbottom%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sticky-bottom%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D25%26protag_minutes%3D24%26protag_hours%3D08%26protag_day%3D4%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-before_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D25%26protag_minutes%3D24%26protag_hours%3D08%26protag_day%3D4%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-in_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D25%26protag_minutes%3D24%26protag_hours%3D08%26protag_day%3D4%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-after_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D25%26protag_minutes%3D24%26protag_hours%3D08%26protag_day%3D4%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sidebar&adks=3695268346%2C2238348835%2C3108647390%2C1903703322%2C182523439&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cecaac8ba8686be12c88f4d1098b18ba674d8791bc0c2c037afb81a934fdb9aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:12 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 71294 x-xss-protection 0 google-lineitem-id -1,-1,-1,-1,-1 pragma no-cache server cafe google-creative-id -1,-1,-1,-1,-1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://blog.s.id access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3C6A	6 KB 3 KB	88ms 20ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 30 Nov 2023 08:24:11 GMT expires Fri, 29 Nov 2024 08:24:11 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame FB06	0 0	47ms 47ms	Image text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231128&jk=473857912113769&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers
GET H2	200	esp Show response oajs.openx.net/ Redirect Chain https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1	85 B 203 B	115ms 114ms	Fetch application/json	34.120.107.143 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1 Protocol H2 Server 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 143.107.120.34.bc.googleusercontent.com Software / Express Resource Hash 0d1b53748ce56e91c1924c5aa69502982c31378fa77d3039fedcf20817dd0cef Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:11 GMT via 1.1 google x-powered-by Express etag W/"55-UoZfX3LY0RovERFBRft6vNuMzbU" vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://blog.s.id access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85 Redirect headers date Thu, 30 Nov 2023 08:24:11 GMT via 1.1 google x-powered-by Express vary Origin access-control-allow-origin https://blog.s.id location /esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	syncframe Show response gum.criteo.com/ Frame E919	15 KB 6 KB	50ms 15ms	Document text/html	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=blog.s.id Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.ids.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 30 Nov 2023 08:24:10 GMT server Kestrel server-processing-duration-in-ticks 302316 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H3	200	AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js Show response pagead2.googlesyndication.com/bg/ Frame 1E82	39 KB 15 KB	18ms 17ms	Script text/javascript	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Tue, 28 Nov 2023 03:14:50 GMT content-encoding br x-content-type-options nosniff age 191361 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15254 x-xss-protection 0 last-modified Tue, 14 Nov 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 27 Nov 2024 03:14:50 GMT
POST H2	200	map Show response bcp.crwdcntrl.net/6/	60 B 331 B	104ms 30ms	XHR application/json	54.216.8.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/map Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.216.8.15 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-216-8-15.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash b33407524203f240ddeea7a17f5bdc479d196dccfd07eb784a0206e614a5e009 Request headers Referer https://blog.s.id/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:11 GMT server Jetty(9.4.38.v20210224) content-type application/json;charset=utf-8 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://blog.s.id cache-control no-cache x-server 10.45.10.220 access-control-allow-credentials true content-length 60 expires 0
GET H2	204	increment Show response id5-sync.com/api/esp/	0 225 B	51ms 16ms	XHR text/plain	162.19.138.117 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/esp/increment?counter=no-config Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/esp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533568.ip-162-19-138.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://blog.s.id/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://blog.s.id date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
GET H2	200	sid Show response mug.criteo.com/ Frame E919 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=blog.s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=y7JbZnxWaFB1bjhaTlpERXE1L09QelMwM3lsbENtaXdPVHF3RTJrSHBJY3IxNG1ORXZLakFWYnV0TVJzcjNFUE1FbmNKNUU5bWpjYUF3ZmpxMGh1TjNRMXQ5Z05JWVRlNFJWWEY4ZWJuOGM2WnoxamQ5Nnlvdk4xc3dPdH...	428 B 655 B	16ms 15ms	Fetch application/json	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=y7JbZnxWaFB1bjhaTlpERXE1L09QelMwM3lsbENtaXdPVHF3RTJrSHBJY3IxNG1ORXZLakFWYnV0TVJzcjNFUE1FbmNKNUU5bWpjYUF3ZmpxMGh1TjNRMXQ5Z05JWVRlNFJWWEY4ZWJuOGM2WnoxamQ5Nnlvdk4xc3dPdHVKeitSdlpPUHZENVl3V1F3NForRUFjMDMvYnREQVBXcjV4eFh5SVRDNTBCRXMvdWswL3YwRm5GQk1LRkd4N1JvUkhEOGNQbFNRVXcyWDJqUmlSRkxseXhHVmROdkdWWUQ0VldXRlhnbGxTQmJHbHFLT1FaVGFHUWpRalJKSHp4Y0xGa1YzMFlKSkRjT0l3NTNINTM5VHNpMnJzZ2NJQT09fA&cppv=2 Protocol H2 Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash d6bb439f5190dd222b9eac44184ebb807e40a74cc5857a44f9401f008c7150f1 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1084837 expires 0 Redirect headers pragma no-cache date Thu, 30 Nov 2023 08:24:10 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=y7JbZnxWaFB1bjhaTlpERXE1L09QelMwM3lsbENtaXdPVHF3RTJrSHBJY3IxNG1ORXZLakFWYnV0TVJzcjNFUE1FbmNKNUU5bWpjYUF3ZmpxMGh1TjNRMXQ5Z05JWVRlNFJWWEY4ZWJuOGM2WnoxamQ5Nnlvdk4xc3dPdHVKeitSdlpPUHZENVl3V1F3NForRUFjMDMvYnREQVBXcjV4eFh5SVRDNTBCRXMvdWswL3YwRm5GQk1LRkd4N1JvUkhEOGNQbFNRVXcyWDJqUmlSRkxseXhHVmROdkdWWUQ0VldXRlhnbGxTQmJHbHFLT1FaVGFHUWpRalJKSHp4Y0xGa1YzMFlKSkRjT0l3NTNINTM5VHNpMnJzZ2NJQT09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 296938 content-length 0 expires 0
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 1E82	0 10 B	35ms 35ms	Image text/plain	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?DTC_Pw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:11 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	pd Show response google-bidout-d.openx.net/w/1.0/ Frame CE47	0 176 B	69ms 22ms	Document text/html	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Requested by Host: oa.openxcdn.net URL: https://oa.openxcdn.net/esp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-length 20 content-type text/html date Thu, 30 Nov 2023 08:24:11 GMT server OXGW/0.0.0 vary Accept, Accept-Encoding via 1.1 google
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	52ms 51ms	Image text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231128&jk=473857912113769&bg=!p6SlpOvNAAaGYW-ApmE7ADQBe5WfOGkoxLy2r3PuEf06nebmSM8PH9hgwZhVNgv_WHj2GXMdWH4NvxLxfam_Hl6c_mK1AgAAAHxSAAAABWgBBwoATX1Dit1BajKZ9yZFDvnBdUXdfQ2ds8yIKIP16rHqYPRbIODWyBeJvhdukOFxQth3aa2eQNo15TioTKIwJH7Km8D03It7LIMAz_D1k0h0mQKwTJTWSsw3AEParOWdvddFI-pHNdTBzQpthUQ6B4F0kpz_QhT-Ko4s3_FARFpp11hfATys3KjzR9F68ZzaK8hUXiTPBnT9iUr3fpR1lhIAwskrFwEnbNJ2tuDxXCC0wPS0xtFtOHy-rdbSIIE2ItjJExhlmk5ma5EW1aGCPpjqUEdBkifUGNc4A-7i04eOP93WXuRz7K8nuxoNqi1UYwuUHdFTCjG5RJljt7xc9auikwxaQFQyjYi5WyJ2SWGRgM6nBzqsC3BvcmD7FlfUw5IFPI5FBkjS8EX_dOgQdEwg7vdvM8JxaAHyaN0MJryWBslgd98zXcP-gZbysCWiBnB9J6OfI-JqAruevbfWo29Zuog-Kot49FiHoDVQ1nEdJAz2P0hAdnJFeiXRfR2h55PXM60YVnXnu-VJmaH-MbbKL14cVauMW7Rkt-DJ2O1MjfbSSLLdDAnxloN79qqGGBA1DpOIlSZE33kdFrnN5K0fpxKZUksfTAc-qoHrawwPZJharx8Gc45LpSoOA7Rsp6ecLdM7G1_xyt5J3iQ7TV2jS1ImIg-Th3eQS8SlZA4nM8tHbCyZZBGmSMESFF1CvQy0NZSAVh4_E-MGJ4etzdJ346Prb7i46lUuPN1zy8LQFYq9WNB1FgwTs_QEIZRFZKEnhSPIvDhNZR7jGImEVX5GNgtrf3auqIxhU5G0jw_eA76JuhWoTt4YTfQiDA-kNSdeuc-A4k_F3wjFHRtX_s6lSmGehGVYwk7CdRcklXwqBwcaCAZk-hh7HoFmJX9TPB91dVhcPwS37C0ANbPtht_Ste74DdR9_hfdkpwHvoQBpjUzT1h_Jc1c2z_i8G34l36sxAwc1Tm5H9MLx8nasN5EjXVQz154uQn_mwcjJZAUGqbEKXDqSBeDM3O8SBQNBLNcQw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012310301456000/ Frame 1987	196 KB 56 KB	112ms 16ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 24 Nov 2023 02:37:57 GMT age 539175 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56081 x-xss-protection 0 server sffe etag "6a17d296884b026a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 23 Nov 2024 02:37:57 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1987	15 KB 5 KB	143ms 48ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Sat, 25 Nov 2023 08:33:14 GMT age 431458 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5225 x-xss-protection 0 server sffe etag "0b7142e00666043e" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 24 Nov 2024 08:33:14 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1987	95 KB 29 KB	145ms 49ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 24 Nov 2023 03:53:12 GMT age 534660 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29077 x-xss-protection 0 server sffe etag "7b1f1965b6cd6fda" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 23 Nov 2024 03:53:12 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1987	5 KB 2 KB	142ms 47ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 29 Nov 2023 17:42:18 GMT age 52914 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1911 x-xss-protection 0 server sffe etag "5b0a82507b260c6e" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 28 Nov 2024 17:42:18 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1987	40 KB 13 KB	138ms 44ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 23 Nov 2023 14:54:32 GMT age 581380 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12952 x-xss-protection 0 server sffe etag "9817e561a46c70fa" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 22 Nov 2024 14:54:32 GMT
GET H2	200	css fonts.googleapis.com/ Frame 1987	14 KB 2 KB	76ms 24ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 30 Nov 2023 08:24:12 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 30 Nov 2023 07:24:39 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 30 Nov 2023 08:24:12 GMT
GET H3	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1987	2 KB 2 KB	22ms 21ms	Image image/png	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Wed, 29 Nov 2023 17:17:56 GMT x-content-type-options nosniff server cafe age 54376 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Thu, 30 Nov 2023 17:17:56 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1987	295 B 319 B	21ms 20ms	Image image/png	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Wed, 29 Nov 2023 21:36:38 GMT x-content-type-options nosniff server cafe age 38854 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 30 Nov 2023 21:36:38 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 1987	0 0	26ms 25ms	Image text/html	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSQbgNVm_JFqvCLZIEwLmYj5tz0NufTTpRvnAu2iCBlTh6CIY7KyxScDAT64XDZw_CYeg4AHTlC1PJzQFI1blrntkCczw Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers
GET H2	200	container.html Show response c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D7C0	6 KB 3 KB	27ms 13ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 30 Nov 2023 08:24:11 GMT expires Fri, 29 Nov 2024 08:24:11 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 1987	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c78c100f85d8692e41b3a4894c211ff9f90e73d94a7ebe228ab59d70813eb15f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Content-Type image/png
GET H2	200	container.html Show response c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C097	6 KB 3 KB	14ms 13ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://blog.s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 30 Nov 2023 08:24:11 GMT expires Fri, 29 Nov 2024 08:24:11 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 1987	33 KB 34 KB	68ms 26ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://blog.s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Wed, 29 Nov 2023 21:01:51 GMT x-content-type-options nosniff age 40941 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 28 Nov 2024 21:01:51 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 9438	468 B 198 B	65ms 62ms	Document text/html	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYj-Go7gEwAQ&v=APEucNVl5RIc2o1AC4WDFmHsy8YBQK931uuW64L95xEtu88S3N5vXhsINsnDpyxRzjXpnqLsSWOZtnPPFp7V2O2bp0sJJQW_9hVxqi_NWefCKTvU_8fbjTxJBN4j4xgODIsXS49eL-RtFZL4OHqVqtFYukcJK4yNtmUodxAvLP2KFAWQqsag2KZWxPvhRi2B8zynvuBMhm8g0_HQaqHZJZu0l-MG3DoalQ Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1a81c00b02e9a797e6e8cfce706577e8eb14c66fc4ab38ed71f09508d9222c72 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 178 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 30 Nov 2023 08:24:12 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame D7C0	89 KB 31 KB	86ms 85ms	Script text/javascript	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:12 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31485 x-xss-protection 0 server cafe etag 7119415641918660631 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Thu, 30 Nov 2023 08:24:12 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame D7C0	42 B 63 B	55ms 53ms	Image image/gif	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CX_ASruGPX6bxjFBMuLTjU1Y6ciXjsbj1_otH88arWBqJfOK4Cv2pCd7NuPsm89CgHAWuEQitlX8pe_pUywYgXs8uqOJY6k0iKhs3WgysOCPhM4KA Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame D7C0	0 20 B	56ms 54ms	Image image/gif	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=105124684624083053&x=1&ct=76 Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	adj Show response fw.adsafeprotected.com/rjss/bgd/1525518/72172421/xbbe/creative/ Frame D7C0	263 KB 80 KB	132ms 42ms	Script application/javascript	34.255.244.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/bgd/1525518/72172421/xbbe/creative/adj?p=APEucNVUrVsbZPIp8cxU0eWLuzzWWUTLhICxSh4Vek6mVX28h-hcxhg&d=CokBAKAmf-DkHcNCIGGrjLvzEidKKuTahq0XM0QCT0Mnb1ZtULwoZ7TpqaDXpnlyS7L0OxAljgq-s-660GgKZ1Wg0pMXSKdaqmUtr6x4RKx44czETz5SJEHAENcztfibpSpG5ipwrrjLl-KvVyOvpZYzxxGfNspLIq00JEAzuM5C8gOSXoJF2AiDjpESmRUAoCZ_4Fe8Kmmt7-B_NwcX_G8reeza0zPBxYHiw0p0M-kWIC_pPfqWQqplAf8H0JP0-Hc5YIKCJvIbeEfPBkwGBnyTQE-0PHCeOsqNeVM5hQcdPmigjksiFDfQ87qkFxMqJhvNwZXPOQajKj8cWtZqotCdibbKpY643DZixqf7VaAnXtgC5k1R-esbPZxowT1g316gyhE2t8QfXUxLJ-YiideF7xM5n_eC7rBJkT2CMjpARrZPBE0QwN4jjZicg1niDPiP1_ZXxTGZMI07IAVl6eE7s-p3ffLoOr6sypYgi7mbI21M98oE7nRgCb88aQKFdhLcY6MEksqdswCLCs2LPN6oNXeSQT74EXA3nc6nhJfmMem1HiMJL8kdmlXp4G2U7g7CJMOVZJIJfU_pS59SgRHJxAjKJJTpYrA4uyLILANmiDeZoaz64F5-JTHnaU22s_XeFl_w_ic105FRKZEk8dW8BICQGkqGeb6sDE8ZBe57Az90jp77eJiPQ6Sj0wRmxKAf0NyqjoQ6ZYQAISL22KNPX2Z7M3iyJ1JXUIAdcsa1rCkmQeIwgg1VwQX8joGG18ntMurNfe_SH25jg0Gmm_NeE0P0-EM48b8e56Lu0VMo9OEGQvELPdVhMZWPtwBuTyfPBJp4BIaQ05U-JljAsJlTEIk49ky6Xqrmt_y-nD63iGYGuELeHOlxZSTCeIN-sNA422ev61UjK4v-0O3IoEkdcsqczU5sl7GiQewSWIMKdLGYqxXsZTmkdBn3yQW3cv4JbjrtwBkQ2McIUrSPmPrcGeT9u5E7gb3s51dIHYrHjBXwWk3F8mVzT6O3WUpcKy2oFdFwcc3tHvKDSG0NqSRA7DaSzD8_sHCsUIvGmDZBLtnyBvTLqxLGxfFJx1rIV7Wv9faQ26qce6pBwHwUmJ2LEhROUwp2OPJcNv-XIax4ZcxwlD-n3WxO70YAWQVl_pnOMxN7l-qPnzZxnfu7cHI4tl3TX2lkgp0uitqBhOrVT2GSwb9EoD4rCyA4WNQbwbjKCeWEeJ1Bw9rpnwRpur79jaJCkfOExHhWqTBFjm9CkT1eqY6RumQvSTXnAsEk0S0sGMfP4OtrjvoI4Vt2Afx1YtwlmTlACBxMJpnwiL1NMep0LDvPhft6EtKCcAtBBwsnAw0N8NMbmi8lkJKO9FwGqsUqxnAJIEa_5Euw7kDMk93b9EQoSSi2BdbOzWbsNv2iQTYQ2mv9gg9f3hWIwFrSquJfB0Q0pw8KzuiyWHIdEmeB-yPCC4GbSp5TPQVNj-j5nhG8YrMpcshho069jd_EavszBFbg-ANvOHcrM1mvXbcBGA58WhcmJwIM6clZpk2syHAzE73FLZmd1BXN4RZYQ6wDZf243_tqyATcUEedDkuMU3trahCEX_hvtMDELJNg1_Jo6U3XFMv_K4E7yhIDYim5tW7uTIEX4bJMF0FyQQFvHJKxbFYt42f31zidymO8VERYc4wpqxXx1uDKA9nhgmLl_0ztZbjcPQM-3TLCiN2Dp97U3uu2RhCGDFeBdZw-On115ylvmkeEco5pwFmDn6Cnsaiet3qCtJdBTHppB6R_zoAjYryMMDuvha9_PqpfqGaBjlq9jTPhaBmInq3nHNeHZQ-IYnTxlhA7Vyr0Ete765S7h5yW_wGLUZIIyevFypdHwVc-sn36uaAASFfPEH43ZiO3NUGbnuCUXzVozMH2kvLOwh86uHQDtTlDtDMJcv8Ab8odvWHAOWdWqWLSRnPIYoTsKngcxTmU1jx5vVD59n97U7ofeNCELHfvbkOBqaf0M-ofw2Pcu8UzOmK9qDAmDaVCBK3lWnHcpdPHShqIDhKNZ2fUD9LQiVX9l-gnorlVwhiTqhc8LK-JBRNw9TDOhAsgLdh_Kco8Map-6bzv8u2Llh8tM_bIgEGn90Z2T2DCy0XFXeO6evJBMwF4WiPvlXgyHVLyEwOkkja8VICCQnLz2LapUi7pxUvx1F3wG_GflF10G4Gg8BfgLcyZdBvIeLp6uYX5E3UenRcarQ52_7Sw5HRgbElhGad_Axg6G3REGlMG9eCZYeUpahHWmwkoRd44p7yyKSFbsCuGWgT8bJCacuWGImhNqkidL0J6-2oOzwLHZAykfnf_XCTBtSYegzaM-cvtiQDI8klNZ3A21lKhGf1pvJN9hp4h8a4_DiKqhETgz4Mi2BVDdJAhOIVeWKOolPWdAxSI5eYCwKWNikHbmrdLlKSkDzElm99ui1fr1yicVWD5bs4jjum3RRMu_sXh8uliy3RAOZXimoQ7hZ3Y4ZzgOo2tbUO8F1JP0rHUXSG-sU7raVwV8n7-2WtZslQtmcTZYwM-s_JfsMyrY9AFcZZ8Q2Fw-_lKojTxJZqYlnFMkdISSAMOZg6NLho5RTAGF4yNg8ahhNAhBq8L9ZhT7UwNDF1_dGPLPJoEz24or-Sk7PhaWeycn-G7cyisoK9k5GeV6LlSYRWOynNF-ByuwG8bCzgF-yMvRAjio2aYVQJHH2un2-32Jf1OBw06N2L9kKvevKldpe2HYv-1CGzIvtqw-TghGjUnr9jSCHvcZvW5iROm9z2qiTRiTmOypbwvbHnJddqcBqDRnLIpCR1Ogk4nnXeKHefNFRWPERBz2euXhEalUWUPMMqf6FomKAqZa6apRhiJR5iHK7Fv6eDf2UkSW8wR4a-8CAc7kl8IKA3KayhC_OWOlmOOfSt7uFLR-0K3rQqcjTGVSCDFMlSGpdGy3O93bK42J42v9jb_rsn7I5UftNzLgA2vwnXKlNHuXUjrD2aX9rnV0EAu6YBXzQAksSZ4XIKYtLTMTZcfVcI4ptdvXJEpT8HGAgUkocAkH3o6NDyni1Joe5jJ2GfSgAO60Ur-23Kp63lNHbLQosDfoazgtKaVqGDQkC6hkn0aJKOTZl7v_bxnvJGa0L6IeHBJ_3_E8gX-jRd95oJXqMhgKJJWau7_UiStR2Rzo2qyT9DYH1Qf6ZF9ujkE2jiLhg7nd6Hsvt6Q517DoBy7r3xi2VuLzOphdszEqhq8TY6AdfhVE6RHv9CUbUXE7ul-46b5GmJaRp2HNQU6EcFvv2ZyFnSWZ4poGBB89SpNKzealICQ4xiQIFtbPRwrAq06wQvCwgj2qo2dIGKRkTVae7oQpjhaQjDYsLGZVoGUe1sBHr9wW6lC0VlIaNewxTxRTfvceRNyjQAOBk8Hvr-uavVwxJtDNYvPtkJC8xgKdqCJhkai_S2VkoEiRxpdW-ByGLxSJEjONTB4dwGWltm0sFlFdtLHyqN2lUIaaITTSRKGPhp55PC1fOOUxlDCbjz3sNPz23nEk7co9YHfsq11s2rTYDnPnO3jel111GuNww-c3kV7aDk9bOBmkeJwEhoA25kP5U2vynk8Ty0M4aOe_WxqX7hYr-o9Qi0dAHRlA6V4Fe71Zv0f9dDn8OaUkvE0YhE9TtkVZY71VijXVo-tfO-CUWhlDWRFHEmlMghBqggIgehohyzGt95wmjuvBDoayPZ2pu94czVy7oZxjnMZZjbWZj4Uo7TVly_EZu607P5sLUYhDjCL9F0acPnMAlghwJYjL9qyxEvYJP5W7NqEcwO7zi3Iz2dN71sWLGtVnWF9GkEIBBI7AMgJpo07-t_PwAgPiB3h-HhjineYhjHKYPAMmYgOJBqgYrqLqRpTHp4PJ70yEeLyzyf7P6XvqSidbowYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1013352973&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=20259181566&bidurl=https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gK4wKREb3pVP_KZ8IjJXCx Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.255.244.118 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-255-244-118.eu-west-1.compute.amazonaws.com Software / Resource Hash cdcb142271630dcc5e4ad50b88314d5dc2fb9d1a6eb4aa89d06771f6eff46827 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H3	200	window_focus.js Show response tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame D7C0	3 KB 1 KB	20ms 18ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus.js Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Wed, 29 Nov 2023 21:52:07 GMT content-encoding br x-content-type-options nosniff age 37925 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1307 x-xss-protection 0 server cafe etag 18393213423120915576 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 13 Dec 2023 21:52:07 GMT
GET H3	200	qs_click_protection.js Show response tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame D7C0	30 KB 12 KB	22ms 20ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection.js Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 10b893e654a9f5201e21255bda9375b8de974251975e4c1533e463740b499cd8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Wed, 29 Nov 2023 21:53:00 GMT content-encoding br x-content-type-options nosniff age 37872 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11776 x-xss-protection 0 server cafe etag 13853050904789882092 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 13 Dec 2023 21:53:00 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame D7C0	0 0	30ms 28ms	Image text/html	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmQ8hy1PbCBlwRKIB_8RGiyloUBNAhFx9Pnf313y7adBjus9Txa83zp3x-FuBUW0nBvtaKVhkm7UEm82wWdYnyNOX47g Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame D7C0	202 KB 64 KB	141ms 71ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:12 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65067 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701261208926228" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 30 Nov 2023 08:24:12 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame AD22	624 B 242 B	55ms 55ms	Document text/html	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIYmK3p_QEwAQ&v=APEucNX5m5OVuufx_Ef_HsMHloXK8Tr7xidE_ZyM15xQr0ZsW_deZRZwCf5XVegwMDULDyeAgmqZQD42MALWeSOln64rBupQf7hKJ3IX3CRTjHMxIDvs_gowTtFNdf8-WxTXYiqVh5QEeK-jOk92xVvNvTSSnw6rDK-pnwGzQZ3-taI1hJqUOLQJCRw_GbawZ7eCQ-JmKeqO8dGYrnLUR7FVYGYPe2C7lg Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 30 Nov 2023 08:24:12 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame C097	31 KB 12 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Wed, 29 Nov 2023 21:53:02 GMT content-encoding br x-content-type-options nosniff age 37870 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11894 x-xss-protection 0 server cafe etag 8278194740845609983 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 13 Dec 2023 21:53:02 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/ Frame C097	11 KB 4 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/omrhp.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Wed, 29 Nov 2023 22:00:13 GMT content-encoding br x-content-type-options nosniff age 37439 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 17947678125179771625 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 13 Dec 2023 22:00:13 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame C097	0 0	139ms 59ms	Fetch image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstKmz77Fu5nchtCyirfDMFn40t3IPl3Ur75J9G4NUC8BnpmRUEAd11RVReYBFfHOPX1ZpSAm36NAd49MSfer4WDFiXx4UYzw6nA-2z4gk6DQehpsLSfgHKTnLQjyyFJwQV9NLZAdbpVmp7oHG7pX86TwK0pAKJAqTsx03cC_DVhM4FnlnV8b4Ng9C7s5O5iFx2kK0GV9NtVO4O3iMkkYYvc34s2dIDjHgRCwrknjrhLRHwYnoMlnYSsmdPGbB4Pf1-D9mRFO8UCit6NsQfQbG1X8PSiz4e4hKWTh5FWOAHB6eRlGuT7sR-VMXWR1fxWKf-hWjD8n5WJTDNyOBRp69Ga-KO_dn9zR5f3yxMThWySnoM1cubRhr4J8NNgkVg_MZ5aP8Sa9aZmP0MCnoFyoHMjnD5EORQvN3D0Db39xxMxbS0j1AvOO9EUgzpFnvpLiBSBhDoafP7cJyFLKULpo7ObaIU5FTfZWRPhYAtFwlYhcn1tn_JxlJN74RAHcWyInyUlLvdoPEVOadlWdHP3o_bFV3NjDyqRc1VrUdYBq1daPdgn5OqvmjjYrGSDuiGIKBX5SexifapX9ctJywOCL19fmoJazRHvbfqFtHtbHTiwkkaCJrwbE1IK6eEgemOue2UEYV1FO1GyRvDqKAz9pLl3lXP0nc7xKNJYkmZJW4tDDoC4v8ln0sk1r4hGwL5bfTXZs70fSb48Sb4mnaDffp3Imu_wibCBFYUe8_siJjIXrGnfapM3l8V9zwGg6YFahtbIMaz_2DB8RJUXgqEmm8n3mmQjx2ADJ4QTKCC56I4GXuytvKtU9tmmubAW5tjVL3HkllNP2iaMzAwM55WrjarT-3CM5mR0RJOrd71IqMMxcMMSUSb9_zBEZXSiQoevVxW05CSeHA1686_dY__YlbG2VRIFVlOv-QrrxR52dIu3WNdwxb6OUud3AL3nrnRYL3sRaZaDvnTWSDZf7z60Q52Or_kPOFa6Ac04jJ5kxY0kSmzQHkHY2dFa99q5Pfrg6jjroviu79r45LRDM2hHBPAsdQ0OyH9xEdCfNfPfN3rQXxXxkey2gUklpYzsSBKGVQcm6zE2m291mHs9ZTGh-MeWYNfKlSjQ7S1FOB5ElHXna1L1Eg3uxKef8aGIZ4zddzB_vOOiLjfDzxeaYKtuDcTTX3hKroinOIrtEIAWkja83UIiluT1nu6tGO8SMkZG1wjwn-RkLEKQOmfN5Mjy9kldyzPlCS81ZPEhXCbqqRLVfD8WFJ1fkGU5MbC9mPCfb9WXMXwIVhmG2dC2LbG68t7_PFKMqAU9WEqFM04caUFSwR4EPtqByGkSNuBUZKSRtOSXXFbX12sthE0NDtMiQ3RiQVZg&sai=AMfl-YQ_GaX02kk_mTAoRZP0Ph_DnXeJHOcZwx7H5Kd4XE7cCQRlBXA-ABOsgU6dy6yH1y4pqOYmgWhNyjJCyokhZI6fJD2wqLhdWIOhw_S9uRa-K-b1On_34Rtt3ECzCIxrnIPMT5LqvRIQQ-1eHZgO14OuMbMqqaqgKFp0KaxqhekEEfCq7MCsVj5j2aOwVIFTK6uxzZ01DEdF54_d4ujI92Ab9THpZ6FQTMh-99S2sgOj3LXpR-SdSI8-B3f0XvJ7dFVHpzGGFyP8foBoDigpxJhzxXaygRwh0_cv6YQ0GUI-XD780sAdMPrKVmaA1tY9-F0n7D997QvQjqCQ21Cc75fbtpCEQoqAkgBy8-b7PRc1ciLjkLyQVIGWiNqFH5F8eG2f_2eOChrF68PkXW-0FjRq&sig=Cg0ArKJSzNFrJ6hVnB6nEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231128.48047&arae=0&ftch=1&adurl= Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Thu, 30 Nov 2023 08:24:12 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame C097	41 KB 14 KB	19ms 19ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sat, 25 Nov 2023 16:17:22 GMT content-encoding br x-content-type-options nosniff age 403610 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 24 Nov 2024 16:17:22 GMT
GET H3	200	window_focus.js Show response tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame C097	3 KB 1 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus.js Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Wed, 29 Nov 2023 21:52:07 GMT content-encoding br x-content-type-options nosniff age 37925 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1307 x-xss-protection 0 server cafe etag 18393213423120915576 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 13 Dec 2023 21:52:07 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame F95F	1 KB 643 B	21ms 19ms	Document text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 77522 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 29 Nov 2023 10:52:10 GMT etag 48472445140208031 expires Thu, 30 Nov 2023 10:52:10 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection.js Show response tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame C097	30 KB 12 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection.js Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 10b893e654a9f5201e21255bda9375b8de974251975e4c1533e463740b499cd8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Wed, 29 Nov 2023 21:53:00 GMT content-encoding br x-content-type-options nosniff age 37872 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11776 x-xss-protection 0 server cafe etag 13853050904789882092 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 13 Dec 2023 21:53:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame C097	42 B 63 B	55ms 52ms	Image image/gif	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dx82tlRgJDyGtV5c7PEtOz69twcv9hJFmgeWBHYNfkJRYAReQHvqLbwXVx2qtdJJh2ODaZeKlYIaZY4iNdBQbqZhbc5CCEaful1hR7kHNdE9Z2-Aw Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame C097	0 0	27ms 24ms	Image text/html	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9Al0nz76kA_UJAAXJdrsP2XSsHe20GQM7WHr1d3gyHKD7wd4hjvQ-UkBScsFCakKm16ofQOf-4mICNflI7-vsMexOEg Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame C097	202 KB 64 KB	148ms 107ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:12 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65067 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701261208926228" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 30 Nov 2023 08:24:12 GMT
GET H2	200	898512975088481816 s0.2mdn.net/simgad/ Frame C097	22 KB 23 KB	102ms 25ms	Image image/jpeg	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/898512975088481816 Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e0f05aa7fcb66da21a5b8ca4c2969e0e55961ba4c276c8c115fd80d6a25d3508 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Mon, 27 Nov 2023 08:34:06 GMT x-content-type-options nosniff age 258606 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22765 x-xss-protection 0 last-modified Fri, 10 Nov 2023 09:38:23 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 26 Nov 2024 08:34:06 GMT
GET H2	200	/ d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/ Frame 9438 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEAt3kIG1tCpbjdDfu43O9ok&google_cver=1	43 B 398 B	248ms 74ms	Image image/gif	2001:678:cb4:bbbb::13 AMOBEE
General Check archive.org Show headers Download Go to Show image Full URL https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEAt3kIG1tCpbjdDfu43O9ok&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYj-Go7gEwAQ&v=APEucNVl5RIc2o1AC4WDFmHsy8YBQK931uuW64L95xEtu88S3N5vXhsINsnDpyxRzjXpnqLsSWOZtnPPFp7V2O2bp0sJJQW_9hVxqi_NWefCKTvU_8fbjTxJBN4j4xgODIsXS49eL-RtFZL4OHqVqtFYukcJK4yNtmUodxAvLP2KFAWQqsag2KZWxPvhRi2B8zynvuBMhm8g0_HQaqHZJZu0l-MG3DoalQ Protocol H2 Server 2001:678:cb4:bbbb::13 , United Kingdom, ASN56396 (AMOBEE, GB), Reverse DNS Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-type image/gif pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEAt3kIG1tCpbjdDfu43O9ok&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 309 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 9438 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKsNmWHoNDL2mU0O0zlvrE&google_cver=1	43 B 731 B	25ms 24ms	Image image/gif	172.64.151.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKsNmWHoNDL2mU0O0zlvrE&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYj-Go7gEwAQ&v=APEucNVl5RIc2o1AC4WDFmHsy8YBQK931uuW64L95xEtu88S3N5vXhsINsnDpyxRzjXpnqLsSWOZtnPPFp7V2O2bp0sJJQW_9hVxqi_NWefCKTvU_8fbjTxJBN4j4xgODIsXS49eL-RtFZL4OHqVqtFYukcJK4yNtmUodxAvLP2KFAWQqsag2KZWxPvhRi2B8zynvuBMhm8g0_HQaqHZJZu0l-MG3DoalQ Protocol H3 Server 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHchhXWefQ0lcRIKn4oIuegItv3y8%2Bp33DoL%2FXAFjlEkPlaKcl8T1fQjZztg6M84kiSiNBy55AGseWuXqw5rHdF5Of2Io9ekN%2Ff1P2pTUdG9LVde0CVsZfRPmfqRORu95blbLFpWgyWQ0Q%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 82e1b156cbc135f8-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKsNmWHoNDL2mU0O0zlvrE&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 9438 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWhGrPEkDGfB2KrWZfNLzwAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKsNmWHoNDL2mU0O0zlvrE&google_cver=1	43 B 735 B	36ms 36ms	Image image/gif	172.64.151.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKsNmWHoNDL2mU0O0zlvrE&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYj-Go7gEwAQ&v=APEucNVl5RIc2o1AC4WDFmHsy8YBQK931uuW64L95xEtu88S3N5vXhsINsnDpyxRzjXpnqLsSWOZtnPPFp7V2O2bp0sJJQW_9hVxqi_NWefCKTvU_8fbjTxJBN4j4xgODIsXS49eL-RtFZL4OHqVqtFYukcJK4yNtmUodxAvLP2KFAWQqsag2KZWxPvhRi2B8zynvuBMhm8g0_HQaqHZJZu0l-MG3DoalQ Protocol H3 Server 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRKbJDsCNZA8zFDMd%2F%2FNcCDIE1vtyuqYiNMH5Fvuj5XdpMeBGtnvGhMml1zFqyvFATx%2B1KyGiKNBZ%2FdeCfR6LmBpijuoaeuzvi8cfMfjok%2F60UUtIeCnZxOTg3qirsRC2szoTF7pCIb2jQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 82e1b1570c1e35f8-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKsNmWHoNDL2mU0O0zlvrE&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame AD22 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKsNmWHoNDL2mU0O0zlvrE&google_cver=1	43 B 770 B	23ms 23ms	Image image/gif	172.64.151.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKsNmWHoNDL2mU0O0zlvrE&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIYmK3p_QEwAQ&v=APEucNX5m5OVuufx_Ef_HsMHloXK8Tr7xidE_ZyM15xQr0ZsW_deZRZwCf5XVegwMDULDyeAgmqZQD42MALWeSOln64rBupQf7hKJ3IX3CRTjHMxIDvs_gowTtFNdf8-WxTXYiqVh5QEeK-jOk92xVvNvTSSnw6rDK-pnwGzQZ3-taI1hJqUOLQJCRw_GbawZ7eCQ-JmKeqO8dGYrnLUR7FVYGYPe2C7lg Protocol H3 Server 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaoSZK5ojEYS9iW%2FRLtBpvptHQSFWwTp8GrYuAF%2FnIJiQMk0cwo6Y3kcKl4dk8aVrhcG%2F9h0emxlGYuzU6B4R%2BHUBg0ScfZKhIoRSzFSdT9RxnJeAcjx7baI7Fi0swUc8WR%2Fkcp2I6Dmlw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 82e1b156cbc235f8-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKsNmWHoNDL2mU0O0zlvrE&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame AD22 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWhGrLqzziOnxbg7yPe2OAAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKsNmWHoNDL2mU0O0zlvrE&google_cver=1	43 B 737 B	44ms 44ms	Image image/gif	172.64.151.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKsNmWHoNDL2mU0O0zlvrE&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIYmK3p_QEwAQ&v=APEucNX5m5OVuufx_Ef_HsMHloXK8Tr7xidE_ZyM15xQr0ZsW_deZRZwCf5XVegwMDULDyeAgmqZQD42MALWeSOln64rBupQf7hKJ3IX3CRTjHMxIDvs_gowTtFNdf8-WxTXYiqVh5QEeK-jOk92xVvNvTSSnw6rDK-pnwGzQZ3-taI1hJqUOLQJCRw_GbawZ7eCQ-JmKeqO8dGYrnLUR7FVYGYPe2C7lg Protocol H3 Server 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kuVvK%2B1k8asN9gjncK3mKtD1HCOtNhCpheAzssHgukE4piPDlVLrvMURu%2BCPC5t5qyMr8U0ca3ZO%2FJcg4XJrrsGEcnGs18yknnaI%2BEH1XaR7BfBj%2F%2BZimmnoJJ%2FkhHqERfy17jz1aew0Wg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 82e1b156fbfc35f8-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKsNmWHoNDL2mU0O0zlvrE&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame AD22 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEG85tt0IZ8F-c3kS40rzcEw&google_cver=1	43 B 841 B	29ms 27ms	Image image/gif	185.89.211.116 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEG85tt0IZ8F-c3kS40rzcEw&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIYmK3p_QEwAQ&v=APEucNX5m5OVuufx_Ef_HsMHloXK8Tr7xidE_ZyM15xQr0ZsW_deZRZwCf5XVegwMDULDyeAgmqZQD42MALWeSOln64rBupQf7hKJ3IX3CRTjHMxIDvs_gowTtFNdf8-WxTXYiqVh5QEeK-jOk92xVvNvTSSnw6rDK-pnwGzQZ3-taI1hJqUOLQJCRw_GbawZ7eCQ-JmKeqO8dGYrnLUR7FVYGYPe2C7lg Protocol H2 Server 185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT an-x-request-uuid c50d9ca1-5fc3-4550-8a9c-3b3bc503ddc9 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 178.162.209.140; 178.162.209.140; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEG85tt0IZ8F-c3kS40rzcEw&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame AD22 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQxMDIwNDkzNjg3OTM1MDU5MA%3D%3D	170 B 232 B	25ms 24ms	Image image/png	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQxMDIwNDkzNjg3OTM1MDU5MA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIYmK3p_QEwAQ&v=APEucNX5m5OVuufx_Ef_HsMHloXK8Tr7xidE_ZyM15xQr0ZsW_deZRZwCf5XVegwMDULDyeAgmqZQD42MALWeSOln64rBupQf7hKJ3IX3CRTjHMxIDvs_gowTtFNdf8-WxTXYiqVh5QEeK-jOk92xVvNvTSSnw6rDK-pnwGzQZ3-taI1hJqUOLQJCRw_GbawZ7eCQ-JmKeqO8dGYrnLUR7FVYGYPe2C7lg Protocol H2 Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT an-x-request-uuid a5635d4d-647f-445a-a26c-1d8145250be4 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQxMDIwNDkzNjg3OTM1MDU5MA%3D%3D x-proxy-origin 178.162.209.140; 178.162.209.140; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 1987 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	28ms 27ms	Image text/html	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: blog.s.id URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Protocol H3 Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Redirect headers date Thu, 30 Nov 2023 08:24:12 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	google match.adsrvr.org/track/cmf/ Frame F95F	70 B 149 B	105ms 30ms	Image image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPYwWvLcad3XeCvqHuJ4qfo&google_cver=1&google_push=AXcoOmQyIKmHCHLcqyQz0VmgHOklPtQaN0mye-q8s_L2kfLv50YsKsoHkvtxjISp-jD0xfFsDXERTTfFaChDHjzBclkUaXqwlTSAlg Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:12 GMT server Kestrel content-length 70 content-type image/gif
GET H3	200	pixel cm.g.doubleclick.net/ Frame F95F Redirect Chain https://fksnk.com/cs/google?google_gid=CAESENdMklNklwFU1R9lK5Q9auc&google_cver=1&google_push=AXcoOmQoFPgvERLOMeQMh8OXpK1PYRCTapqXJ0nJuf2GzZ7Ejq-W1s-_2rjckIt4_gRofWlpWBTjmb1Se5jfC3l3wzwJ33bUayzt2g https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Q0Y0MUU4QTlBMjM3OEIzOQ==	170 B 188 B	26ms 26ms	Image image/png	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Q0Y0MUU4QTlBMjM3OEIzOQ== Protocol H3 Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Q0Y0MUU4QTlBMjM3OEIzOQ== date Thu, 30 Nov 2023 08:24:12 GMT content-language en-US content-type text/html;charset=ISO-8859-1
GET H2	200	UCookieSetPug image6.pubmatic.com/AdServer/ Frame F95F	0 166 B	152ms 85ms	Image text/html	185.64.190.78 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMsgMssE4_phVVmcbjbLiXQ&google_cver=1&google_push=AXcoOmT-jWVN-oflI4FFTD-tcTiKUqSdUrr9FqVnwqyAR74a08Nb0IvZNiX0v5HE8Now2SVQTMeA9n00LD5n698sHHkPiZyLM0GsAA Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" date Thu, 30 Nov 2023 08:24:11 GMT content-length 0 content-type text/html; charset=UTF-8
GET H2	204	- s.ad.smaato.net/c/n/// Frame F95F	0 238 B	48ms 24ms	Image text/plain	2600:9000:211e:0:1b:5138:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOSnnWBIRhKxapv75jWu52I&google_cver=1&google_push=AXcoOmTTlObTb4a1Fvn1ffMkiwRHUFXlC9nRhl1qPis3y5UZRgEpJ-MaGDeVZp7siMdhVpyCDQMS0UejyKtIolbnFaroLJKqC-bygA Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:0:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:12 GMT cache-control no-cache, must-revalidate via 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA56-C2 x-amz-cf-id OF5Pw1Yoqq4m7qFEheUKORZqK7WclaODSA7MxfMZLUNn4WpmJdoefA== x-cache Miss from cloudfront
GET H2	200	pixel cm.g.doubleclick.net/ Frame F95F Redirect Chain https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHeHbAvGrhOolHvYZiE9gEk&google_cver=1&google_push=AXcoOmQYNqYiazexIpuWSDVAQqa4pFWY-Q8N5J0tuNRrJEJtVTwPd646zn0wy_yhI59eJeD0edyM4aSvipK5pXC2KJEdxojulCrR https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQYNqYiazexIpuWSDVAQqa4pFWY-Q8N5J0tuNRrJEJtVTwPd646zn0wy_yhI59eJeD0edyM4aSvipK5pXC2KJEdxojulCr... https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTczMDE3MDU4NzkxNTQ5Nzc3OTk5NA%3D%3D&google_push=AXcoOmQYNqYiazexIpuWSDVAQqa4pFWY-Q8N5J0tuNRrJEJtVTwPd646...	170 B 243 B	24ms 22ms	Image image/png	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTczMDE3MDU4NzkxNTQ5Nzc3OTk5NA%3D%3D&google_push=AXcoOmQYNqYiazexIpuWSDVAQqa4pFWY-Q8N5J0tuNRrJEJtVTwPd646zn0wy_yhI59eJeD0edyM4aSvipK5pXC2KJEdxojulCrR Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTczMDE3MDU4NzkxNTQ5Nzc3OTk5NA%3D%3D&google_push=AXcoOmQYNqYiazexIpuWSDVAQqa4pFWY-Q8N5J0tuNRrJEJtVTwPd646zn0wy_yhI59eJeD0edyM4aSvipK5pXC2KJEdxojulCrR date Thu, 30 Nov 2023 08:24:12 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	0.gif id5-sync.com/i/495/ Frame F95F Redirect Chain https://sync.inmobi.com/gob?google_gid=CAESELPfHQfJ0zzjQXgi19Hvi8g&google_cver=1&google_push=AXcoOmSJY9btqbUivKcIzUpcANYdR__6czA_VHZog3Sh3US0mSZ1D48dm4I2VgbW9rI-5GGynZoShVssPiXP9u4viGm4-RG-MpsSpg https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSJY9btqbUivKcIzUpcANYdR__6czA_VHZog3Sh3US0...	43 B 921 B	47ms 16ms	Image image/gif	162.19.138.117 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSJY9btqbUivKcIzUpcANYdR__6czA_VHZog3Sh3US0mSZ1D48dm4I2VgbW9rI-5GGynZoShVssPiXP9u4viGm4-RG-MpsSpg Protocol H2 Server 162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533568.ip-162-19-138.eu Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-type image/gif;charset=UTF-8 date Thu, 30 Nov 2023 08:24:12 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers p3p CP="CAO PSA OUR" Redirect headers date Thu, 30 Nov 2023 08:24:12 GMT content-security-policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none referrer-policy no-referrer expect-ct max-age=0 x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type text/plain; charset=utf-8 location https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSJY9btqbUivKcIzUpcANYdR__6czA_VHZog3Sh3US0mSZ1D48dm4I2VgbW9rI-5GGynZoShVssPiXP9u4viGm4-RG-MpsSpg x-download-options noopen vary Accept content-length 273 x-xss-protection 0
GET H2	200	spacer.gif an.yandex.ru/resource/ Frame F95F Redirect Chain https://an.yandex.ru/mapuid/google/CAESEMj06SrO_AZcb9WMnLtMFzw?ext-param=AXcoOmRYZXVgJdagNTC49ZB4GrSWVREfpKjUOmsY7O96kycP_gRgBkApbkAwMIVszpDR5NnQOjBh-A1Ofq23dkKPerXruzpWXBC_TSw&partner-tag=yandex_a... https://an.yandex.ru/mapuid/google/CAESEMj06SrO_AZcb9WMnLtMFzw?redir-setuniq=1&ext-param=AXcoOmRYZXVgJdagNTC49ZB4GrSWVREfpKjUOmsY7O96kycP_gRgBkApbkAwMIVszpDR5NnQOjBh-A1Ofq23dkKPerXruzpWXBC_TSw&part... https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEMj06SrO_AZcb9WMnLtMFzw&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif https://an.yandex.ru/resource/spacer.gif	43 B 144 B	63ms 62ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/resource/spacer.gif Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:12 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Wed, 18 Apr 2001 10:28:03 GMT content-type image/gif p3p CP="NOI DEVa TAIa OUR BUS UNI STA" timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 14 Nov 2024 08:24:12 GMT Redirect headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://an.yandex.ru/resource/spacer.gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 237 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame F95F	0 139 B	30ms 25ms	Image text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LTavB956L-loc_LwdDETimdwaj6XT3Y0N3Xc2q_Jrcz13gf7da2B37tZ6RgDlsFTQT5dYAF7g Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:12 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 3AEE	38 KB 13 KB	16ms 13ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 403561 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 25 Nov 2023 16:18:11 GMT expires Sun, 24 Nov 2024 16:18:11 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame C097	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a5bbef67faf064a2b07a236cb26dcaf9266dc60b32ab245e5339d3237b4a0b8c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Content-Type image/png
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame D7C0	0 20 B	49ms 47ms	Ping image/gif	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8244540985464&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame D7C0	0 20 B	49ms 48ms	Ping image/gif	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8244540985464&version=m202309260101&ct=76&x=1&cor=105124684624083060 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame D7C0	16 KB 12 KB	70ms 69ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CcfyuKfJ3E_BMJUxH84rrC9pfpj9Zwtb5J1x0_G2Tif8NvKbSZm4AOE0JqKIxxJdfhEJepipvmAxgS3t2bhgq_Rf3GZe4ctnZjgPsPZ_XjIpDGAU8Fien-gA6P2WUJZNN0-GUR3Ff2hhuDMMb6mkFo5dj7mivSJBGUU8hhxqeaPN0R7MA&cry=1&dbm_d=AKAmf-CKPV0qusHye4imc5A8-D5eAHlJPDvUUApIOJ_4Q4YN298ccie5pAKeRof-zsJhdq9DdHFEyv57ET_kAMwLLmYFED_76b1jtSTiiODVcRxgm919Yj_4s65uqoWqUzf8P0Q-cCLS9ZZU543J-a872K7eDQ-Jaasy1TjtlgADvvRzXv8FPU-yIV3KMqQV7ueR-czgAf6xypUhH6AXhfTNMICr6vARbHhrQfZm56jWLzzHElwMVKwwGhPYonY-RK5lztzPmtR2v35IEP98b4ovJxcUTNuB_FKo3pEtTYeXYyUPQc2o7JsunR56CGPzraPSNub1W1J2XWnYtf5DPTacLlmE03kdDCly7rDXdUnT7hflmbLDOoxbOV--fqYvJRlrYC1XCtkDcPt0wCR-Lcqda1KS5tF97Q2TLeIg3FUGL7Yz619xksarrNgbV0FiEoYs86QExANQT1b06x1h5_vxG0Low4I-SNkiqpHo-akuh_4WGjhlhkc2oX9Qe_tgFsHuj9U_woeI9HfBkOGXXp8yQ32QsTlEGMfsFRBLhobL-Wwj99qMZjfMC75tgJvkffYPpw2_W7kLjg2yE1hch74MM0MDTEIuTYLA1J44KwHpzXw_TFuYQ_Y9fmON91-hB6SDWLBRbg8bECaqV9_lJUE1LS2-EraHCaab420XQW5GAIigtW_4ryN5cQ0VSSeLPv_fSOHqLxXV6rQROTXBW7eFeDGbzSFbX55Y8K7kxlI2sWJYOLEAEGvu4kfFYMwsThewniWI2kD73TKbSbuKfkXzWE1rki014JNS1ZdWOF0qgP_bcBUA0ZhciUXH-gqIlQkH4PfjGqKhCsgbCClGlrj3mvfcQTiEe3QWRfgTJajEXKnT5vierjxvkuyvpBpHPQ94TA-lu5fblPgMIb1svHKTyG7yp6_rqo7ZJfnHGKiPrQwCSz_0y1G7J5sZXxZ9D4SLKo5-KWWUZxQbxkFHSjHd5AiiYuJAhn8RhkBzjfK-nkMGsNJW9isFTA57lPSwaP3QSD4TxSAUzd3_414mp5LeQvMJGyFSY_ZYaqcojVZeWaK-zE3K5ot-5XJ29VwxWso6QyPfzR3n6xoRfE3GnC4KTIGkS15rEZz4eO27rwGgYCHyeyWVyNYDESJfzeAq1maqF7qkEoXVoRAmVg6VMdqb163_-XhzB7TaaeNItPaWNbpn1TF2gKYHkqyYgcOpldIOK2gCZMOJt0un-MVe40Onguh5AS1RiG5nC7zGRJ0KBoD2U2XsZu7lW9mwtXPJHSoIrfO7LTPTwPGAGnYxkvzqaP7oFqnKGqRhPWRKu5vIkv64r30p4_cn8_mGNBvNZW6wwj-z_op157K0grLp6zn_shDY-yZHWCU8Y5bB3Pr4pZzgbXLA32jrg0wqr57HOgAr_0IpYyQ2o5ag6XMCfuo4MdkDZ2EgdxwJv1AYt0modGXkbcoFjsoLd3gJj-3QDndYTzIerbrU9LPbwZIwvh3sEQLYz690Wxbuu9r1H8qwe63Bl1DpXeo1-bGmfZppqfJbc_KBca0vquBRRVElZx1MNa5n8qnI5Yg2mK7bfjtCr30YlsM5n59udRsiWdX41DYB7-tZ2PQLUc2OiFVCz-9LcnXJkEzFzO6OrE3Pjvj_aBMynzmGVh9HRbT5E1rwkT3lzl5aBToSgOw4siQg3F-qHRHdRcagWsaZpzmkN6zSATBI9qi5TCC3aWH1xYjuYd5JL5LHQsovnfEtK-yxAu7VFJbaeUBfrXjxcCsIJT9sH1G-wqmFMX-BA3sBlbU81S4dddkqU4dn93R1lcsYRdejLaqdt5GZXsl2tdoRGZXlo6obgci6g0rDbE5LNegfjoJbaGjg3honuoWDGPwMPa5Qud8bWmVfzhmMtIpfYiLiYA7HhJ-v97mFrmXUQZiUS-n1RxkQbXd14Aix8qCwNEZqVmR1kakfG49XtMKewKQ4JsaN_t03MYojyASGKre9v-5HWz48f78pCq2WbkBSEKIChcDwQ5Ew8PXj2Y0a3Nn1TdJkunS6-d3mOHo7DsRwbXiw-VdZb5l8TGcJYRJrz6n62E5DUMsw8oULTPW33lNM53Iai6XFjHk5fUfOEz1EiChCDNt-9umWo23I45tPQ8haOMZxfn_IarrMcVeJZHu4OsfhmHJ_cw2EMgphGWI53PDbc8ax781dRMoxBaBr5qO1_QTJC8SmRv9EoXchdYhDBMNS3f43djUouOrwk7jMfEfIttOyM1KwjPMgCgW7uy2maJYKT4HH-8XfN1NkalmnPA2AZ80LmoHKyiAxn-9xQqwVNw1pe3taSAl4aW9MUg3mZ07QCGpdGnZo852i6vEHUw664bES2AzZg9JOVHldZ2721kpOIgpsUL6KKK17aORx9C9kmvy6DQBsznNZHQuSXX-d0BVRVP-gyBkSdjH8xYLO2WiTS40aT01mbK8iRtDVF33xgOGwGYAsddxRJPQFmeKrzwdh5gJZxIaIB_WDPLU5AgRu_G-LSvll8QkgxQoS27B-stqssZ3rrhj6lY_xrtuZpGJsB4e1TamXFfmM3e8414BnXr7tr4aKWHi2sqzSHufi-0hO8zPHRYodfaol7-IAu_UW70ni8fF1y1fmKwL5EZvCWVBpmsvfAXlaJb0Pv1X7sX-7Vk7wMzyC4G8_vjd9biyWhr8Y3VHJNmB1DnmPP7s4FgiHQjwpAjrP9yd9F8pBmlatEQe2AB58Qa6-jfW5z3ZKELOY4yf8YV3mx1L3k5074fb_FHZ8OOYKJVSud6mls_cLX6AGKKxkQ6W_U9-8DhstW9jL4PzkBSPJWPm9S381lT2uWYj_oWNg0UJH8RgKmmgr_aXVZVZ8oZr5hg1KxxscbkG93UzK6mzxJu0b0dWr4FPPe-u8pppaf5_D2kEDGvCaMqs4IBFo6AXUJr68R43nV8MOolGmniN5N8YTd_O9tE0mEazmYqBzFwQJndMlzw_WSGdRn9KbyTWr4NE4V5er9kJ31u0CBnUJ_pEntNGY0zOfjM-zILhVB2jSXVvlZ6Nz9W3NYJPc83TA8PgwsuQSnoYnXdgvPRQ0z84a8IqqfeGyzD88KwhBwE6BwzPM5zn7OAH2T_AxwWPpxM972dZ4dHEc9ZeUesekOPtvw41H9HgGaLxFtEsdN7LqA0yD2wTykJsyTPYmtZ03UkylA8M3tKjuuOSWJQ2jhO8zuB-Om7j0&cid=CAQSOwDICaaNO_rfz8AID4gd4fh4Y4p3mIYxymDwDJmIDiQaoGK6i6kaUx6eDye9MhHi8s8n-z-l76konW6MGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fblog.s.id%2F&ds=l&xdt=1&iif=1&cor=105124684624083060&adk=2086295851&idt=97&cac=0&dtd=37 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fc75edba3958db97f36ccd8ad62965235ea9db5bee1fdaf2192958f10abf2846 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12366 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame C097	0 0	53ms 52ms	Fetch image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstKmz77Fu5nchtCyirfDMFn40t3IPl3Ur75J9G4NUC8BnpmRUEAd11RVReYBFfHOPX1ZpSAm36NAd49MSfer4WDFiXx4UYzw6nA-2z4gk6DQehpsLSfgHKTnLQjyyFJwQV9NLZAdbpVmp7oHG7pX86TwK0pAKJAqTsx03cC_DVhM4FnlnV8b4Ng9C7s5O5iFx2kK0GV9NtVO4O3iMkkYYvc34s2dIDjHgRCwrknjrhLRHwYnoMlnYSsmdPGbB4Pf1-D9mRFO8UCit6NsQfQbG1X8PSiz4e4hKWTh5FWOAHB6eRlGuT7sR-VMXWR1fxWKf-hWjD8n5WJTDNyOBRp69Ga-KO_dn9zR5f3yxMThWySnoM1cubRhr4J8NNgkVg_MZ5aP8Sa9aZmP0MCnoFyoHMjnD5EORQvN3D0Db39xxMxbS0j1AvOO9EUgzpFnvpLiBSBhDoafP7cJyFLKULpo7ObaIU5FTfZWRPhYAtFwlYhcn1tn_JxlJN74RAHcWyInyUlLvdoPEVOadlWdHP3o_bFV3NjDyqRc1VrUdYBq1daPdgn5OqvmjjYrGSDuiGIKBX5SexifapX9ctJywOCL19fmoJazRHvbfqFtHtbHTiwkkaCJrwbE1IK6eEgemOue2UEYV1FO1GyRvDqKAz9pLl3lXP0nc7xKNJYkmZJW4tDDoC4v8ln0sk1r4hGwL5bfTXZs70fSb48Sb4mnaDffp3Imu_wibCBFYUe8_siJjIXrGnfapM3l8V9zwGg6YFahtbIMaz_2DB8RJUXgqEmm8n3mmQjx2ADJ4QTKCC56I4GXuytvKtU9tmmubAW5tjVL3HkllNP2iaMzAwM55WrjarT-3CM5mR0RJOrd71IqMMxcMMSUSb9_zBEZXSiQoevVxW05CSeHA1686_dY__YlbG2VRIFVlOv-QrrxR52dIu3WNdwxb6OUud3AL3nrnRYL3sRaZaDvnTWSDZf7z60Q52Or_kPOFa6Ac04jJ5kxY0kSmzQHkHY2dFa99q5Pfrg6jjroviu79r45LRDM2hHBPAsdQ0OyH9xEdCfNfPfN3rQXxXxkey2gUklpYzsSBKGVQcm6zE2m291mHs9ZTGh-MeWYNfKlSjQ7S1FOB5ElHXna1L1Eg3uxKef8aGIZ4zddzB_vOOiLjfDzxeaYKtuDcTTX3hKroinOIrtEIAWkja83UIiluT1nu6tGO8SMkZG1wjwn-RkLEKQOmfN5Mjy9kldyzPlCS81ZPEhXCbqqRLVfD8WFJ1fkGU5MbC9mPCfb9WXMXwIVhmG2dC2LbG68t7_PFKMqAU9WEqFM04caUFSwR4EPtqByGkSNuBUZKSRtOSXXFbX12sthE0NDtMiQ3RiQVZg&sai=AMfl-YQ_GaX02kk_mTAoRZP0Ph_DnXeJHOcZwx7H5Kd4XE7cCQRlBXA-ABOsgU6dy6yH1y4pqOYmgWhNyjJCyokhZI6fJD2wqLhdWIOhw_S9uRa-K-b1On_34Rtt3ECzCIxrnIPMT5LqvRIQQ-1eHZgO14OuMbMqqaqgKFp0KaxqhekEEfCq7MCsVj5j2aOwVIFTK6uxzZ01DEdF54_d4ujI92Ab9THpZ6FQTMh-99S2sgOj3LXpR-SdSI8-B3f0XvJ7dFVHpzGGFyP8foBoDigpxJhzxXaygRwh0_cv6YQ0GUI-XD780sAdMPrKVmaA1tY9-F0n7D997QvQjqCQ21Cc75fbtpCEQoqAkgBy8-b7PRc1ciLjkLyQVIGWiNqFH5F8eG2f_2eOChrF68PkXW-0FjRq&sig=Cg0ArKJSzNFrJ6hVnB6nEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=194&vt=11&dtpt=192&dett=2&cstd=0&cisv=r20231128.48047&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: home.s.id URL: https://home.s.id/forbidden Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:12 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 1987	0 0	59ms 58ms	Image text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CjMSfq0ZoZaiAF_mN7_UP4L25uASmn_bBdNHMpLCUEt7-gZqgDhABIJLY30pglZqggrAHoAHDr4P7KcgBAakCOojAAE5qsj7gAgCoAwHIAwqqBMICT9DUeC4OXG71AHcWRt9iBSp7W1mgQFdbXP9wudG6MJDaGAG7TrEWwMgNlW6XpxriHKJZ90-GvMKB_mocyw2A01J5-2PcNAXUFS8I0O1w4sT23JO0s86imA-5ZXk5oF090cwC0ZfPn8ZPPAaxYqk5ZeVjoDG0MnKLeMAZJZb1oYC_G7zuTnoWpYaRna3UcbO_yGFl0sxkk14sK53JewojAHDqgKdl9LXCxEo_-gShXIISf7qD6nz2VF-9At17Z9v7j1A42u_hjJ0FU_FSv_de3I8ydYzcknqDAzJEBQaRkdNgLsEh5nCfA1GWsX00KQaiwZ_DmtdS1E9Sk32BuAaNHf-9dgbnfDO1lVgITrJ_nETlZO6DLACvsJj4XWH4zkXLwz4oN7O21FUc8LwXUlFGw-v7dKcjATkr1KqvCezEaS3c1MAEhr2ttMAE4AQBiAWd27XDTZIFBAgEGAGSBQQIBRgEgAfD59PaBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEIaOHNIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYx9bPgqbrggOaCRdodHRwczovL3Nob2Zhc3QuY29tL2RzcoAKA8gLAaIMECoOCgzktLEC7rWxArW4sQLiDRMIxZnQgqbrggMV-ca7CB3gXg5H2BMN0BUBgBcBshceChwIABIUcHViLTI2MTA5NjQyMDM1MTUwMjUYspgq&sigh=V-hpM09uCvo&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSOwDICaaNO_rfz8AID4gd4fh4Y4p3mIYxymDwDJmIDiQaoGK6i6kaUx6eDye9MhHi8s8n-z-l76konW6MGAE&cbvp=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers
GET H3	200	AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js Show response pagead2.googlesyndication.com/bg/ Frame 3AEE	39 KB 15 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Tue, 28 Nov 2023 03:14:50 GMT content-encoding br x-content-type-options nosniff age 191362 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15254 x-xss-protection 0 last-modified Tue, 14 Nov 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 27 Nov 2024 03:14:50 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame D7C0	41 KB 14 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CcfyuKfJ3E_BMJUxH84rrC9pfpj9Zwtb5J1x0_G2Tif8NvKbSZm4AOE0JqKIxxJdfhEJepipvmAxgS3t2bhgq_Rf3GZe4ctnZjgPsPZ_XjIpDGAU8Fien-gA6P2WUJZNN0-GUR3Ff2hhuDMMb6mkFo5dj7mivSJBGUU8hhxqeaPN0R7MA&cry=1&dbm_d=AKAmf-CKPV0qusHye4imc5A8-D5eAHlJPDvUUApIOJ_4Q4YN298ccie5pAKeRof-zsJhdq9DdHFEyv57ET_kAMwLLmYFED_76b1jtSTiiODVcRxgm919Yj_4s65uqoWqUzf8P0Q-cCLS9ZZU543J-a872K7eDQ-Jaasy1TjtlgADvvRzXv8FPU-yIV3KMqQV7ueR-czgAf6xypUhH6AXhfTNMICr6vARbHhrQfZm56jWLzzHElwMVKwwGhPYonY-RK5lztzPmtR2v35IEP98b4ovJxcUTNuB_FKo3pEtTYeXYyUPQc2o7JsunR56CGPzraPSNub1W1J2XWnYtf5DPTacLlmE03kdDCly7rDXdUnT7hflmbLDOoxbOV--fqYvJRlrYC1XCtkDcPt0wCR-Lcqda1KS5tF97Q2TLeIg3FUGL7Yz619xksarrNgbV0FiEoYs86QExANQT1b06x1h5_vxG0Low4I-SNkiqpHo-akuh_4WGjhlhkc2oX9Qe_tgFsHuj9U_woeI9HfBkOGXXp8yQ32QsTlEGMfsFRBLhobL-Wwj99qMZjfMC75tgJvkffYPpw2_W7kLjg2yE1hch74MM0MDTEIuTYLA1J44KwHpzXw_TFuYQ_Y9fmON91-hB6SDWLBRbg8bECaqV9_lJUE1LS2-EraHCaab420XQW5GAIigtW_4ryN5cQ0VSSeLPv_fSOHqLxXV6rQROTXBW7eFeDGbzSFbX55Y8K7kxlI2sWJYOLEAEGvu4kfFYMwsThewniWI2kD73TKbSbuKfkXzWE1rki014JNS1ZdWOF0qgP_bcBUA0ZhciUXH-gqIlQkH4PfjGqKhCsgbCClGlrj3mvfcQTiEe3QWRfgTJajEXKnT5vierjxvkuyvpBpHPQ94TA-lu5fblPgMIb1svHKTyG7yp6_rqo7ZJfnHGKiPrQwCSz_0y1G7J5sZXxZ9D4SLKo5-KWWUZxQbxkFHSjHd5AiiYuJAhn8RhkBzjfK-nkMGsNJW9isFTA57lPSwaP3QSD4TxSAUzd3_414mp5LeQvMJGyFSY_ZYaqcojVZeWaK-zE3K5ot-5XJ29VwxWso6QyPfzR3n6xoRfE3GnC4KTIGkS15rEZz4eO27rwGgYCHyeyWVyNYDESJfzeAq1maqF7qkEoXVoRAmVg6VMdqb163_-XhzB7TaaeNItPaWNbpn1TF2gKYHkqyYgcOpldIOK2gCZMOJt0un-MVe40Onguh5AS1RiG5nC7zGRJ0KBoD2U2XsZu7lW9mwtXPJHSoIrfO7LTPTwPGAGnYxkvzqaP7oFqnKGqRhPWRKu5vIkv64r30p4_cn8_mGNBvNZW6wwj-z_op157K0grLp6zn_shDY-yZHWCU8Y5bB3Pr4pZzgbXLA32jrg0wqr57HOgAr_0IpYyQ2o5ag6XMCfuo4MdkDZ2EgdxwJv1AYt0modGXkbcoFjsoLd3gJj-3QDndYTzIerbrU9LPbwZIwvh3sEQLYz690Wxbuu9r1H8qwe63Bl1DpXeo1-bGmfZppqfJbc_KBca0vquBRRVElZx1MNa5n8qnI5Yg2mK7bfjtCr30YlsM5n59udRsiWdX41DYB7-tZ2PQLUc2OiFVCz-9LcnXJkEzFzO6OrE3Pjvj_aBMynzmGVh9HRbT5E1rwkT3lzl5aBToSgOw4siQg3F-qHRHdRcagWsaZpzmkN6zSATBI9qi5TCC3aWH1xYjuYd5JL5LHQsovnfEtK-yxAu7VFJbaeUBfrXjxcCsIJT9sH1G-wqmFMX-BA3sBlbU81S4dddkqU4dn93R1lcsYRdejLaqdt5GZXsl2tdoRGZXlo6obgci6g0rDbE5LNegfjoJbaGjg3honuoWDGPwMPa5Qud8bWmVfzhmMtIpfYiLiYA7HhJ-v97mFrmXUQZiUS-n1RxkQbXd14Aix8qCwNEZqVmR1kakfG49XtMKewKQ4JsaN_t03MYojyASGKre9v-5HWz48f78pCq2WbkBSEKIChcDwQ5Ew8PXj2Y0a3Nn1TdJkunS6-d3mOHo7DsRwbXiw-VdZb5l8TGcJYRJrz6n62E5DUMsw8oULTPW33lNM53Iai6XFjHk5fUfOEz1EiChCDNt-9umWo23I45tPQ8haOMZxfn_IarrMcVeJZHu4OsfhmHJ_cw2EMgphGWI53PDbc8ax781dRMoxBaBr5qO1_QTJC8SmRv9EoXchdYhDBMNS3f43djUouOrwk7jMfEfIttOyM1KwjPMgCgW7uy2maJYKT4HH-8XfN1NkalmnPA2AZ80LmoHKyiAxn-9xQqwVNw1pe3taSAl4aW9MUg3mZ07QCGpdGnZo852i6vEHUw664bES2AzZg9JOVHldZ2721kpOIgpsUL6KKK17aORx9C9kmvy6DQBsznNZHQuSXX-d0BVRVP-gyBkSdjH8xYLO2WiTS40aT01mbK8iRtDVF33xgOGwGYAsddxRJPQFmeKrzwdh5gJZxIaIB_WDPLU5AgRu_G-LSvll8QkgxQoS27B-stqssZ3rrhj6lY_xrtuZpGJsB4e1TamXFfmM3e8414BnXr7tr4aKWHi2sqzSHufi-0hO8zPHRYodfaol7-IAu_UW70ni8fF1y1fmKwL5EZvCWVBpmsvfAXlaJb0Pv1X7sX-7Vk7wMzyC4G8_vjd9biyWhr8Y3VHJNmB1DnmPP7s4FgiHQjwpAjrP9yd9F8pBmlatEQe2AB58Qa6-jfW5z3ZKELOY4yf8YV3mx1L3k5074fb_FHZ8OOYKJVSud6mls_cLX6AGKKxkQ6W_U9-8DhstW9jL4PzkBSPJWPm9S381lT2uWYj_oWNg0UJH8RgKmmgr_aXVZVZ8oZr5hg1KxxscbkG93UzK6mzxJu0b0dWr4FPPe-u8pppaf5_D2kEDGvCaMqs4IBFo6AXUJr68R43nV8MOolGmniN5N8YTd_O9tE0mEazmYqBzFwQJndMlzw_WSGdRn9KbyTWr4NE4V5er9kJ31u0CBnUJ_pEntNGY0zOfjM-zILhVB2jSXVvlZ6Nz9W3NYJPc83TA8PgwsuQSnoYnXdgvPRQ0z84a8IqqfeGyzD88KwhBwE6BwzPM5zn7OAH2T_AxwWPpxM972dZ4dHEc9ZeUesekOPtvw41H9HgGaLxFtEsdN7LqA0yD2wTykJsyTPYmtZ03UkylA8M3tKjuuOSWJQ2jhO8zuB-Om7j0&cid=CAQSOwDICaaNO_rfz8AID4gd4fh4Y4p3mIYxymDwDJmIDiQaoGK6i6kaUx6eDye9MhHi8s8n-z-l76konW6MGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fblog.s.id%2F&ds=l&xdt=1&iif=1&cor=105124684624083060&adk=2086295851&idt=97&cac=0&dtd=37 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Sat, 25 Nov 2023 16:17:22 GMT content-encoding br x-content-type-options nosniff age 403610 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 24 Nov 2024 16:17:22 GMT
GET H2	200	adj Show response bid.g.doubleclick.net/xbbe/creative/ Frame D7C0 Redirect Chain https://fw.adsafeprotected.com/rfw/bgd/1525518/72172421/xbbe/creative/adj?p=APEucNVUrVsbZPIp8cxU0eWLuzzWWUTLhICxSh4Vek6mVX28h-hcxhg&d=CokBAKAmf-DkHcNCIGGrjLvzEidKKuTahq0XM0QCT0Mnb1ZtULwoZ7TpqaDXpnl... https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVUrVsbZPIp8cxU0eWLuzzWWUTLhICxSh4Vek6mVX28h-hcxhg&d=CokBAKAmf-DkHcNCIGGrjLvzEidKKuTahq0XM0QCT0Mnb1ZtULwoZ7TpqaDXpnlyS7L0OxAljgq-s-660GgKZ1Wg0...	53 KB 21 KB	121ms 41ms	Script text/javascript	64.233.184.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVUrVsbZPIp8cxU0eWLuzzWWUTLhICxSh4Vek6mVX28h-hcxhg&d=CokBAKAmf-DkHcNCIGGrjLvzEidKKuTahq0XM0QCT0Mnb1ZtULwoZ7TpqaDXpnlyS7L0OxAljgq-s-660GgKZ1Wg0pMXSKdaqmUtr6x4RKx44czETz5SJEHAENcztfibpSpG5ipwrrjLl-KvVyOvpZYzxxGfNspLIq00JEAzuM5C8gOSXoJF2AiDjpESmRUAoCZ_4Fe8Kmmt7-B_NwcX_G8reeza0zPBxYHiw0p0M-kWIC_pPfqWQqplAf8H0JP0-Hc5YIKCJvIbeEfPBkwGBnyTQE-0PHCeOsqNeVM5hQcdPmigjksiFDfQ87qkFxMqJhvNwZXPOQajKj8cWtZqotCdibbKpY643DZixqf7VaAnXtgC5k1R-esbPZxowT1g316gyhE2t8QfXUxLJ-YiideF7xM5n_eC7rBJkT2CMjpARrZPBE0QwN4jjZicg1niDPiP1_ZXxTGZMI07IAVl6eE7s-p3ffLoOr6sypYgi7mbI21M98oE7nRgCb88aQKFdhLcY6MEksqdswCLCs2LPN6oNXeSQT74EXA3nc6nhJfmMem1HiMJL8kdmlXp4G2U7g7CJMOVZJIJfU_pS59SgRHJxAjKJJTpYrA4uyLILANmiDeZoaz64F5-JTHnaU22s_XeFl_w_ic105FRKZEk8dW8BICQGkqGeb6sDE8ZBe57Az90jp77eJiPQ6Sj0wRmxKAf0NyqjoQ6ZYQAISL22KNPX2Z7M3iyJ1JXUIAdcsa1rCkmQeIwgg1VwQX8joGG18ntMurNfe_SH25jg0Gmm_NeE0P0-EM48b8e56Lu0VMo9OEGQvELPdVhMZWPtwBuTyfPBJp4BIaQ05U-JljAsJlTEIk49ky6Xqrmt_y-nD63iGYGuELeHOlxZSTCeIN-sNA422ev61UjK4v-0O3IoEkdcsqczU5sl7GiQewSWIMKdLGYqxXsZTmkdBn3yQW3cv4JbjrtwBkQ2McIUrSPmPrcGeT9u5E7gb3s51dIHYrHjBXwWk3F8mVzT6O3WUpcKy2oFdFwcc3tHvKDSG0NqSRA7DaSzD8_sHCsUIvGmDZBLtnyBvTLqxLGxfFJx1rIV7Wv9faQ26qce6pBwHwUmJ2LEhROUwp2OPJcNv-XIax4ZcxwlD-n3WxO70YAWQVl_pnOMxN7l-qPnzZxnfu7cHI4tl3TX2lkgp0uitqBhOrVT2GSwb9EoD4rCyA4WNQbwbjKCeWEeJ1Bw9rpnwRpur79jaJCkfOExHhWqTBFjm9CkT1eqY6RumQvSTXnAsEk0S0sGMfP4OtrjvoI4Vt2Afx1YtwlmTlACBxMJpnwiL1NMep0LDvPhft6EtKCcAtBBwsnAw0N8NMbmi8lkJKO9FwGqsUqxnAJIEa_5Euw7kDMk93b9EQoSSi2BdbOzWbsNv2iQTYQ2mv9gg9f3hWIwFrSquJfB0Q0pw8KzuiyWHIdEmeB-yPCC4GbSp5TPQVNj-j5nhG8YrMpcshho069jd_EavszBFbg-ANvOHcrM1mvXbcBGA58WhcmJwIM6clZpk2syHAzE73FLZmd1BXN4RZYQ6wDZf243_tqyATcUEedDkuMU3trahCEX_hvtMDELJNg1_Jo6U3XFMv_K4E7yhIDYim5tW7uTIEX4bJMF0FyQQFvHJKxbFYt42f31zidymO8VERYc4wpqxXx1uDKA9nhgmLl_0ztZbjcPQM-3TLCiN2Dp97U3uu2RhCGDFeBdZw-On115ylvmkeEco5pwFmDn6Cnsaiet3qCtJdBTHppB6R_zoAjYryMMDuvha9_PqpfqGaBjlq9jTPhaBmInq3nHNeHZQ-IYnTxlhA7Vyr0Ete765S7h5yW_wGLUZIIyevFypdHwVc-sn36uaAASFfPEH43ZiO3NUGbnuCUXzVozMH2kvLOwh86uHQDtTlDtDMJcv8Ab8odvWHAOWdWqWLSRnPIYoTsKngcxTmU1jx5vVD59n97U7ofeNCELHfvbkOBqaf0M-ofw2Pcu8UzOmK9qDAmDaVCBK3lWnHcpdPHShqIDhKNZ2fUD9LQiVX9l-gnorlVwhiTqhc8LK-JBRNw9TDOhAsgLdh_Kco8Map-6bzv8u2Llh8tM_bIgEGn90Z2T2DCy0XFXeO6evJBMwF4WiPvlXgyHVLyEwOkkja8VICCQnLz2LapUi7pxUvx1F3wG_GflF10G4Gg8BfgLcyZdBvIeLp6uYX5E3UenRcarQ52_7Sw5HRgbElhGad_Axg6G3REGlMG9eCZYeUpahHWmwkoRd44p7yyKSFbsCuGWgT8bJCacuWGImhNqkidL0J6-2oOzwLHZAykfnf_XCTBtSYegzaM-cvtiQDI8klNZ3A21lKhGf1pvJN9hp4h8a4_DiKqhETgz4Mi2BVDdJAhOIVeWKOolPWdAxSI5eYCwKWNikHbmrdLlKSkDzElm99ui1fr1yicVWD5bs4jjum3RRMu_sXh8uliy3RAOZXimoQ7hZ3Y4ZzgOo2tbUO8F1JP0rHUXSG-sU7raVwV8n7-2WtZslQtmcTZYwM-s_JfsMyrY9AFcZZ8Q2Fw-_lKojTxJZqYlnFMkdISSAMOZg6NLho5RTAGF4yNg8ahhNAhBq8L9ZhT7UwNDF1_dGPLPJoEz24or-Sk7PhaWeycn-G7cyisoK9k5GeV6LlSYRWOynNF-ByuwG8bCzgF-yMvRAjio2aYVQJHH2un2-32Jf1OBw06N2L9kKvevKldpe2HYv-1CGzIvtqw-TghGjUnr9jSCHvcZvW5iROm9z2qiTRiTmOypbwvbHnJddqcBqDRnLIpCR1Ogk4nnXeKHefNFRWPERBz2euXhEalUWUPMMqf6FomKAqZa6apRhiJR5iHK7Fv6eDf2UkSW8wR4a-8CAc7kl8IKA3KayhC_OWOlmOOfSt7uFLR-0K3rQqcjTGVSCDFMlSGpdGy3O93bK42J42v9jb_rsn7I5UftNzLgA2vwnXKlNHuXUjrD2aX9rnV0EAu6YBXzQAksSZ4XIKYtLTMTZcfVcI4ptdvXJEpT8HGAgUkocAkH3o6NDyni1Joe5jJ2GfSgAO60Ur-23Kp63lNHbLQosDfoazgtKaVqGDQkC6hkn0aJKOTZl7v_bxnvJGa0L6IeHBJ_3_E8gX-jRd95oJXqMhgKJJWau7_UiStR2Rzo2qyT9DYH1Qf6ZF9ujkE2jiLhg7nd6Hsvt6Q517DoBy7r3xi2VuLzOphdszEqhq8TY6AdfhVE6RHv9CUbUXE7ul-46b5GmJaRp2HNQU6EcFvv2ZyFnSWZ4poGBB89SpNKzealICQ4xiQIFtbPRwrAq06wQvCwgj2qo2dIGKRkTVae7oQpjhaQjDYsLGZVoGUe1sBHr9wW6lC0VlIaNewxTxRTfvceRNyjQAOBk8Hvr-uavVwxJtDNYvPtkJC8xgKdqCJhkai_S2VkoEiRxpdW-ByGLxSJEjONTB4dwGWltm0sFlFdtLHyqN2lUIaaITTSRKGPhp55PC1fOOUxlDCbjz3sNPz23nEk7co9YHfsq11s2rTYDnPnO3jel111GuNww-c3kV7aDk9bOBmkeJwEhoA25kP5U2vynk8Ty0M4aOe_WxqX7hYr-o9Qi0dAHRlA6V4Fe71Zv0f9dDn8OaUkvE0YhE9TtkVZY71VijXVo-tfO-CUWhlDWRFHEmlMghBqggIgehohyzGt95wmjuvBDoayPZ2pu94czVy7oZxjnMZZjbWZj4Uo7TVly_EZu607P5sLUYhDjCL9F0acPnMAlghwJYjL9qyxEvYJP5W7NqEcwO7zi3Iz2dN71sWLGtVnWF9GkEIBBI7AMgJpo07-t_PwAgPiB3h-HhjineYhjHKYPAMmYgOJBqgYrqLqRpTHp4PJ70yEeLyzyf7P6XvqSidbowYAWAB&cry=1&bundleId= Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 64.233.184.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS wa-in-f156.1e100.net Software cafe / Resource Hash 5ee1ce759bccdd9fa76ad2d1e06323cdf6e68295bfdaf75389a91ff2bf80a99c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21239 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 30 Nov 2023 08:24:12 GMT server nginx x-server-name app02.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVUrVsbZPIp8cxU0eWLuzzWWUTLhICxSh4Vek6mVX28h-hcxhg&d=CokBAKAmf-DkHcNCIGGrjLvzEidKKuTahq0XM0QCT0Mnb1ZtULwoZ7TpqaDXpnlyS7L0OxAljgq-s-660GgKZ1Wg0pMXSKdaqmUtr6x4RKx44czETz5SJEHAENcztfibpSpG5ipwrrjLl-KvVyOvpZYzxxGfNspLIq00JEAzuM5C8gOSXoJF2AiDjpESmRUAoCZ_4Fe8Kmmt7-B_NwcX_G8reeza0zPBxYHiw0p0M-kWIC_pPfqWQqplAf8H0JP0-Hc5YIKCJvIbeEfPBkwGBnyTQE-0PHCeOsqNeVM5hQcdPmigjksiFDfQ87qkFxMqJhvNwZXPOQajKj8cWtZqotCdibbKpY643DZixqf7VaAnXtgC5k1R-esbPZxowT1g316gyhE2t8QfXUxLJ-YiideF7xM5n_eC7rBJkT2CMjpARrZPBE0QwN4jjZicg1niDPiP1_ZXxTGZMI07IAVl6eE7s-p3ffLoOr6sypYgi7mbI21M98oE7nRgCb88aQKFdhLcY6MEksqdswCLCs2LPN6oNXeSQT74EXA3nc6nhJfmMem1HiMJL8kdmlXp4G2U7g7CJMOVZJIJfU_pS59SgRHJxAjKJJTpYrA4uyLILANmiDeZoaz64F5-JTHnaU22s_XeFl_w_ic105FRKZEk8dW8BICQGkqGeb6sDE8ZBe57Az90jp77eJiPQ6Sj0wRmxKAf0NyqjoQ6ZYQAISL22KNPX2Z7M3iyJ1JXUIAdcsa1rCkmQeIwgg1VwQX8joGG18ntMurNfe_SH25jg0Gmm_NeE0P0-EM48b8e56Lu0VMo9OEGQvELPdVhMZWPtwBuTyfPBJp4BIaQ05U-JljAsJlTEIk49ky6Xqrmt_y-nD63iGYGuELeHOlxZSTCeIN-sNA422ev61UjK4v-0O3IoEkdcsqczU5sl7GiQewSWIMKdLGYqxXsZTmkdBn3yQW3cv4JbjrtwBkQ2McIUrSPmPrcGeT9u5E7gb3s51dIHYrHjBXwWk3F8mVzT6O3WUpcKy2oFdFwcc3tHvKDSG0NqSRA7DaSzD8_sHCsUIvGmDZBLtnyBvTLqxLGxfFJx1rIV7Wv9faQ26qce6pBwHwUmJ2LEhROUwp2OPJcNv-XIax4ZcxwlD-n3WxO70YAWQVl_pnOMxN7l-qPnzZxnfu7cHI4tl3TX2lkgp0uitqBhOrVT2GSwb9EoD4rCyA4WNQbwbjKCeWEeJ1Bw9rpnwRpur79jaJCkfOExHhWqTBFjm9CkT1eqY6RumQvSTXnAsEk0S0sGMfP4OtrjvoI4Vt2Afx1YtwlmTlACBxMJpnwiL1NMep0LDvPhft6EtKCcAtBBwsnAw0N8NMbmi8lkJKO9FwGqsUqxnAJIEa_5Euw7kDMk93b9EQoSSi2BdbOzWbsNv2iQTYQ2mv9gg9f3hWIwFrSquJfB0Q0pw8KzuiyWHIdEmeB-yPCC4GbSp5TPQVNj-j5nhG8YrMpcshho069jd_EavszBFbg-ANvOHcrM1mvXbcBGA58WhcmJwIM6clZpk2syHAzE73FLZmd1BXN4RZYQ6wDZf243_tqyATcUEedDkuMU3trahCEX_hvtMDELJNg1_Jo6U3XFMv_K4E7yhIDYim5tW7uTIEX4bJMF0FyQQFvHJKxbFYt42f31zidymO8VERYc4wpqxXx1uDKA9nhgmLl_0ztZbjcPQM-3TLCiN2Dp97U3uu2RhCGDFeBdZw-On115ylvmkeEco5pwFmDn6Cnsaiet3qCtJdBTHppB6R_zoAjYryMMDuvha9_PqpfqGaBjlq9jTPhaBmInq3nHNeHZQ-IYnTxlhA7Vyr0Ete765S7h5yW_wGLUZIIyevFypdHwVc-sn36uaAASFfPEH43ZiO3NUGbnuCUXzVozMH2kvLOwh86uHQDtTlDtDMJcv8Ab8odvWHAOWdWqWLSRnPIYoTsKngcxTmU1jx5vVD59n97U7ofeNCELHfvbkOBqaf0M-ofw2Pcu8UzOmK9qDAmDaVCBK3lWnHcpdPHShqIDhKNZ2fUD9LQiVX9l-gnorlVwhiTqhc8LK-JBRNw9TDOhAsgLdh_Kco8Map-6bzv8u2Llh8tM_bIgEGn90Z2T2DCy0XFXeO6evJBMwF4WiPvlXgyHVLyEwOkkja8VICCQnLz2LapUi7pxUvx1F3wG_GflF10G4Gg8BfgLcyZdBvIeLp6uYX5E3UenRcarQ52_7Sw5HRgbElhGad_Axg6G3REGlMG9eCZYeUpahHWmwkoRd44p7yyKSFbsCuGWgT8bJCacuWGImhNqkidL0J6-2oOzwLHZAykfnf_XCTBtSYegzaM-cvtiQDI8klNZ3A21lKhGf1pvJN9hp4h8a4_DiKqhETgz4Mi2BVDdJAhOIVeWKOolPWdAxSI5eYCwKWNikHbmrdLlKSkDzElm99ui1fr1yicVWD5bs4jjum3RRMu_sXh8uliy3RAOZXimoQ7hZ3Y4ZzgOo2tbUO8F1JP0rHUXSG-sU7raVwV8n7-2WtZslQtmcTZYwM-s_JfsMyrY9AFcZZ8Q2Fw-_lKojTxJZqYlnFMkdISSAMOZg6NLho5RTAGF4yNg8ahhNAhBq8L9ZhT7UwNDF1_dGPLPJoEz24or-Sk7PhaWeycn-G7cyisoK9k5GeV6LlSYRWOynNF-ByuwG8bCzgF-yMvRAjio2aYVQJHH2un2-32Jf1OBw06N2L9kKvevKldpe2HYv-1CGzIvtqw-TghGjUnr9jSCHvcZvW5iROm9z2qiTRiTmOypbwvbHnJddqcBqDRnLIpCR1Ogk4nnXeKHefNFRWPERBz2euXhEalUWUPMMqf6FomKAqZa6apRhiJR5iHK7Fv6eDf2UkSW8wR4a-8CAc7kl8IKA3KayhC_OWOlmOOfSt7uFLR-0K3rQqcjTGVSCDFMlSGpdGy3O93bK42J42v9jb_rsn7I5UftNzLgA2vwnXKlNHuXUjrD2aX9rnV0EAu6YBXzQAksSZ4XIKYtLTMTZcfVcI4ptdvXJEpT8HGAgUkocAkH3o6NDyni1Joe5jJ2GfSgAO60Ur-23Kp63lNHbLQosDfoazgtKaVqGDQkC6hkn0aJKOTZl7v_bxnvJGa0L6IeHBJ_3_E8gX-jRd95oJXqMhgKJJWau7_UiStR2Rzo2qyT9DYH1Qf6ZF9ujkE2jiLhg7nd6Hsvt6Q517DoBy7r3xi2VuLzOphdszEqhq8TY6AdfhVE6RHv9CUbUXE7ul-46b5GmJaRp2HNQU6EcFvv2ZyFnSWZ4poGBB89SpNKzealICQ4xiQIFtbPRwrAq06wQvCwgj2qo2dIGKRkTVae7oQpjhaQjDYsLGZVoGUe1sBHr9wW6lC0VlIaNewxTxRTfvceRNyjQAOBk8Hvr-uavVwxJtDNYvPtkJC8xgKdqCJhkai_S2VkoEiRxpdW-ByGLxSJEjONTB4dwGWltm0sFlFdtLHyqN2lUIaaITTSRKGPhp55PC1fOOUxlDCbjz3sNPz23nEk7co9YHfsq11s2rTYDnPnO3jel111GuNww-c3kV7aDk9bOBmkeJwEhoA25kP5U2vynk8Ty0M4aOe_WxqX7hYr-o9Qi0dAHRlA6V4Fe71Zv0f9dDn8OaUkvE0YhE9TtkVZY71VijXVo-tfO-CUWhlDWRFHEmlMghBqggIgehohyzGt95wmjuvBDoayPZ2pu94czVy7oZxjnMZZjbWZj4Uo7TVly_EZu607P5sLUYhDjCL9F0acPnMAlghwJYjL9qyxEvYJP5W7NqEcwO7zi3Iz2dN71sWLGtVnWF9GkEIBBI7AMgJpo07-t_PwAgPiB3h-HhjineYhjHKYPAMmYgOJBqgYrqLqRpTHp4PJ70yEeLyzyf7P6XvqSidbowYAWAB&cry=1&bundleId= cache-control no-cache content-length 0
GET H2	200	sca.17.6.2.js Show response static.adsafeprotected.com/ Frame 69F8	91 KB 23 KB	48ms 8ms	Script application/javascript	2600:9000:223f:e000:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.6.2.js Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:e000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 21 Sep 2023 00:09:11 GMT x-amz-version-id go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy content-encoding gzip via 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 6077702 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 20 Sep 2022 19:21:34 GMT server AmazonS3 etag W/"1f3488247c90bb5de253d3d0cb3b7458" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id NaG8OvlLw_3YbcBSBpxcTcXB1DF4Yhe4eYaG3cuOKF1m2hBYYrS9YQ==
GET H2	200	dt dt.adsafeprotected.com/ Frame D7C0	43 B 216 B	311ms 100ms	Image image/gif	2600:1f18:1aca:4282:1b96:c22a:5206:1cd2 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=20151681-f351-7c4b-0d2a-976c47c10ef9&tv=%7Bc:vrp461,pingTime:-3,time:62,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:62,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tX50qxV+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1525518-72172421%7C191%7C1a1%7C1a2%7C1a3,idMap:19*,rmeas:1,rend:0,renddet:IMG.us,siq:25%7D&br=c Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4282:1b96:c22a:5206:1cd2 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:13 GMT server nginx x-server-name dt01.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame D7C0	43 B 215 B	308ms 101ms	Image image/gif	2600:1f18:1aca:4282:1b96:c22a:5206:1cd2 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=20151681-f351-7c4b-0d2a-976c47c10ef9&tv=%7Bc:vrp462,pingTime:-6,time:63,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:63,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B54~0%5D,as:%5B54~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tX50qxV+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1525518-72172421%7C191%7C1a1%7C1a2%7C1a3,idMap:19*,rmeas:1,rend:0,renddet:IMG.us,siq:25%7D&tpiLookup=ao:blog.s.id*&br=c Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4282:1b96:c22a:5206:1cd2 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:13 GMT server nginx x-server-name dt23.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame D7C0	43 B 215 B	301ms 102ms	Image image/gif	2600:1f18:1aca:4282:1b96:c22a:5206:1cd2 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=20151681-f351-7c4b-0d2a-976c47c10ef9&tv=%7Bc:vrp46c,pingTime:-2,time:73,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:427,beZ:428,mfA:433,cmA:434,inA:435,inZ:439,prA:439,prZ:445,si:451,poA:453,poZ:479,cmZ:479,mfZ:479,loA:490,loZ:493,ltA:500,ltZ:500%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:74,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B64~0%5D,as:%5B64~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tX50qxV+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1525518-72172421%7C191%7C1a1%7C1a2%7C1a3,idMap:19*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:25,sinceFw:46,readyFired:false%7D&br=c Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4282:1b96:c22a:5206:1cd2 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:13 GMT server nginx x-server-name dt02.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame A0AB	38 KB 13 KB	13ms 13ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 403561 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 25 Nov 2023 16:18:11 GMT expires Sun, 24 Nov 2024 16:18:11 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js Show response pagead2.googlesyndication.com/bg/ Frame A0AB	39 KB 15 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Tue, 28 Nov 2023 03:14:50 GMT content-encoding br x-content-type-options nosniff age 191362 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15254 x-xss-protection 0 last-modified Tue, 14 Nov 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 27 Nov 2024 03:14:50 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 3AEE	0 20 B	53ms 51ms	Image image/gif	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BH802q0ZoZaqAF_mN7_UP4L25uAQAAAAAOAHgBAI&bg=!kJOlk9zNAAaGYW-ApmE7ADQBe5WfOJC3Eg1eU6fSY4u4H-DNrDM-1marqwewysoIBb0ajQ9cH67bebusJm77SM5jMfskAgAAAIZSAAAABGgBB5kDBkfktX4IHz3BA5M0QUOu79UqOcDXAaz51NvNJ5Gxs4sfo1QQTqwW5ftWVu2Z_ayc1uY2YboBBQ_ZnesVKh2GRBVlKp5nGoJW-BWi43My5MfCLGXKHk_vSIuvddWZSSi2ZCd_ntSVvtVKf2BJe1lSEB5trQx5ez6pCQ9qfkzCoYVyMmDqeCFY7T4QuJNrCIu7m-YUWT9XItsP6-DV-jzqa1HtpwUH9uVLdPGWjd0amrk6cQkGi9-ycujUw3ZQZwYGGD7oGv3a54zRvOAQzNQGy9DsTs4OkjRX8_9XRaJnuqO5s2G1op5k4tzXZP1Y2J83LGBegSAp1LZYvjRT1Mj3T4Uxd5PV-LQPRlXD58UNUxj9NveOqlTow0SdI3Fq5vv2_4hB7Xd_UAq5aEnNz3_2Ah0vS5jO1jgkXAXOiLy9pg2QX1NXRq_M68nw_19pIwM8jyDOrRaHVi3QgJJasNJoL6kDwBV6V6jepfzLGhl_42vpsIEqq3j1OexZROE2Qylc29UE0fJ_xkys0hr_eDQjx2JhMfBRf434NcbwFjKL3ABFMP9oQRKjuMympEFgLQSsdeIwf2LPLXlzOsMUQLHg0Td9F2ZnaKl5k1fha2QdsZ17luvx0hRs0-4kXb7FwS4JfCNiCpMJ3hGesmXvHM5RdyMnDeOFkCfRPE-xX68pK3BrkKy74OYsiwakYFDUXqemrPZRYTGVgJYGI8YzuB0my-S42AffwPY0iyzTfmiYwMzRVf0R8BTTvu90sYiMehfFc4BwgG2Q2f4qA2qkigwas3GkNGEdA1tTbOoEZxCMO1fdD8dTXp1JDUf4hyF55v6dmbgzEc3sDE4e9V49kwOzYADDGtGvlBDuxzjGjAWrpdmPt3s4fTEhGDEDHjuDc2xKhDIDPt2fbuxq11OnhvcBg98_QsfukiDCNxQhli2E9fMnXRpGWMNdLzr6QdblnbCQ6AWYxpqLZ_4uvxjBIu3LePTuEkGxAXHCqSK02od9piCj7rCnKT-TSAcfyeeGnYMznfpn5LxXpQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:13 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	4249 Show response ads.everesttech.net/ads/mts/24650/ Frame D7C0	7 KB 7 KB	362ms 101ms	Script text/javascript	54.83.164.47 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ads.everesttech.net/ads/mts/24650/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvWXlanh0Gs8-t-OksA1nXAUTqsKWPwH5d7FmltBRSC9--ZS8YvfwHSI1iu8ihKLGl1BU8L8HcO6UrsYWUCLZNo3nVfry7uOvAnkf9lkadExNhTAIVWqjwZZI91ADXn5CZ9bStq8g4slLJHTifog02-9NEqM2SwcET4-DNPR8wAVCpll150hai_EDqYJG4cmvYseXtTehM4aDNBcaCNpueFBW249ctnYOzQAKaroAOiM6ZMW5bKtIq1aySUn63yn5cqVju_xQhHTs3LTrBCunDE0iqwIMRVAeQ3a1vZ49QrVAMAvjfjvIROev54D6HlDw_pa72ZpzurwiK7q1_xjsgXEbVqRFPR2exrszLgHzJRdmESLjUuL-kib5ERi2e-sj2_Nr6fGIm-unrqaIkSmYkuF-tVEHv4_497Lg2M9xViR8c2cOjRIu4fkl4iiR-SwjloqI-DM4vxwbXCGZIFFPdpjbkn-0Ysn9gmtHo6AM4_xCFL2tQAFtDbQj9K7fAEpubzOOXan4elVwptjIOgYt-1D8ffkUkVzIzOiK9SUqwV79_T3tmDHxiqNPJvvJS7_Yza_kBkZMi4g8T8tQsw2ULBBTXcbYh3avUlGmxPkm-UbjJf4CTvVbNpBDlJr-Tgu_5RR2bQWbmfuQep-T3XKPRu3EWYIwo2NqveX7r5a9VbY5p3F49hL4GIEMH1kaolsIJiVPJRuyO0X7ZEepaQcUOr4-schB4WUE5knpoITc-5SlIax4AIiu0wEEuijpRs8-pCIWqArEXVDfPN8beM8_ekPf8RGoOM0fGHIIzB7A2KXP-mZ-7lO-kVc7qQZI4Yh892LRXmkbTLgyTil_yOXRWW9ZSkbco6jnE1QrI7uljZFuCpfKBBDM9MfsqL7pq-kBBc8L5tPWtmm_TpID_rCYmHUnnIORbnF8zpWRAuc5J2K7vJjT23IhtQELvZ6p0_qfpyia3xZy7eq0m4kQN5ssCU6E1kj8DXEhxh0oYncKV_5pstsK00tTFi5YR12G-liPUb86k59KzYtLyMbF29NZeyP1_xNK1_BEip_vZxG26FOXvWrmqcMo5oPCoET3bkBoC1_ZHHMJOZUO2vBnkjQWm_I0EUIpswpP-T6DCNtlDhXSfNanzL48DYtXNBLK5o8q_Z4wFSsR4RbqcmSHHvy54WAF3eVkqd0Qsi9SCC0lInArqSW5PB-tzBGutR0M55P6SwEjJf_RLixvQZvzzcP_ho99HE1JdEAJ_DXcu6RpYQUBjh_Gsch5gXIKSCgMBmo9DHYeT6kMhyAiGBhOkL5EWYMBKlVS_rzPE6YOQyUEn7ynJ8BI2K1rESrWkvcChhnaM&sai=AMfl-YQpncMwxk9C__whkg8mHZSHXg4opiBcXBLpaFo2aYt5qf25ogd461euCPQkz_E_f2Wp9uL-8hYZ3BHPBMjJ-GvFroamfftwD3o1CrRXk8xrzZQV9a9ZUZDTeyWkGFXeZnV3Lz88Rx4bSuvv0KhW7aTM4smQrUeQCtUSZka_CP8CySXEECdcqrubt0a-nRdAz9qbdqjUiGFbpgJgqfLrzkoDAMB69vKlm8UF-BI8d5KEPLaY_bqcqQTXSzjGBdQeoHneIaVQMJDWMDs&sig=Cg0ArKJSzL8Qvu5dFJ9uEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=_ue_cq)&DFA_BuyId=30110444&DFA_PlacementId=369668940&DFA_AdId=560533438&DFA_CreativeId=168149134&DFA_SiteId=6958819&TC_1=cmmfbeajaux&TC_2=30110444&TC_3=369668940&TC_4=168149134&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30110444$dcmadid|560533438$dcmrenderingid|168595331$dcmsiteid|6958819$dcmplacementid|369668940$customer|Microsoft$dv360auctionid|ct=DE&st=&city=0&dma=0&zp=78239&bw=4&DCM_PlacementID=369668940 Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rfw/bgd/1525518/72172421/xbbe/creative/adj?p=APEucNVUrVsbZPIp8cxU0eWLuzzWWUTLhICxSh4Vek6mVX28h-hcxhg&d=CokBAKAmf-DkHcNCIGGrjLvzEidKKuTahq0XM0QCT0Mnb1ZtULwoZ7TpqaDXpnlyS7L0OxAljgq-s-660GgKZ1Wg0pMXSKdaqmUtr6x4RKx44czETz5SJEHAENcztfibpSpG5ipwrrjLl-KvVyOvpZYzxxGfNspLIq00JEAzuM5C8gOSXoJF2AiDjpESmRUAoCZ_4Fe8Kmmt7-B_NwcX_G8reeza0zPBxYHiw0p0M-kWIC_pPfqWQqplAf8H0JP0-Hc5YIKCJvIbeEfPBkwGBnyTQE-0PHCeOsqNeVM5hQcdPmigjksiFDfQ87qkFxMqJhvNwZXPOQajKj8cWtZqotCdibbKpY643DZixqf7VaAnXtgC5k1R-esbPZxowT1g316gyhE2t8QfXUxLJ-YiideF7xM5n_eC7rBJkT2CMjpARrZPBE0QwN4jjZicg1niDPiP1_ZXxTGZMI07IAVl6eE7s-p3ffLoOr6sypYgi7mbI21M98oE7nRgCb88aQKFdhLcY6MEksqdswCLCs2LPN6oNXeSQT74EXA3nc6nhJfmMem1HiMJL8kdmlXp4G2U7g7CJMOVZJIJfU_pS59SgRHJxAjKJJTpYrA4uyLILANmiDeZoaz64F5-JTHnaU22s_XeFl_w_ic105FRKZEk8dW8BICQGkqGeb6sDE8ZBe57Az90jp77eJiPQ6Sj0wRmxKAf0NyqjoQ6ZYQAISL22KNPX2Z7M3iyJ1JXUIAdcsa1rCkmQeIwgg1VwQX8joGG18ntMurNfe_SH25jg0Gmm_NeE0P0-EM48b8e56Lu0VMo9OEGQvELPdVhMZWPtwBuTyfPBJp4BIaQ05U-JljAsJlTEIk49ky6Xqrmt_y-nD63iGYGuELeHOlxZSTCeIN-sNA422ev61UjK4v-0O3IoEkdcsqczU5sl7GiQewSWIMKdLGYqxXsZTmkdBn3yQW3cv4JbjrtwBkQ2McIUrSPmPrcGeT9u5E7gb3s51dIHYrHjBXwWk3F8mVzT6O3WUpcKy2oFdFwcc3tHvKDSG0NqSRA7DaSzD8_sHCsUIvGmDZBLtnyBvTLqxLGxfFJx1rIV7Wv9faQ26qce6pBwHwUmJ2LEhROUwp2OPJcNv-XIax4ZcxwlD-n3WxO70YAWQVl_pnOMxN7l-qPnzZxnfu7cHI4tl3TX2lkgp0uitqBhOrVT2GSwb9EoD4rCyA4WNQbwbjKCeWEeJ1Bw9rpnwRpur79jaJCkfOExHhWqTBFjm9CkT1eqY6RumQvSTXnAsEk0S0sGMfP4OtrjvoI4Vt2Afx1YtwlmTlACBxMJpnwiL1NMep0LDvPhft6EtKCcAtBBwsnAw0N8NMbmi8lkJKO9FwGqsUqxnAJIEa_5Euw7kDMk93b9EQoSSi2BdbOzWbsNv2iQTYQ2mv9gg9f3hWIwFrSquJfB0Q0pw8KzuiyWHIdEmeB-yPCC4GbSp5TPQVNj-j5nhG8YrMpcshho069jd_EavszBFbg-ANvOHcrM1mvXbcBGA58WhcmJwIM6clZpk2syHAzE73FLZmd1BXN4RZYQ6wDZf243_tqyATcUEedDkuMU3trahCEX_hvtMDELJNg1_Jo6U3XFMv_K4E7yhIDYim5tW7uTIEX4bJMF0FyQQFvHJKxbFYt42f31zidymO8VERYc4wpqxXx1uDKA9nhgmLl_0ztZbjcPQM-3TLCiN2Dp97U3uu2RhCGDFeBdZw-On115ylvmkeEco5pwFmDn6Cnsaiet3qCtJdBTHppB6R_zoAjYryMMDuvha9_PqpfqGaBjlq9jTPhaBmInq3nHNeHZQ-IYnTxlhA7Vyr0Ete765S7h5yW_wGLUZIIyevFypdHwVc-sn36uaAASFfPEH43ZiO3NUGbnuCUXzVozMH2kvLOwh86uHQDtTlDtDMJcv8Ab8odvWHAOWdWqWLSRnPIYoTsKngcxTmU1jx5vVD59n97U7ofeNCELHfvbkOBqaf0M-ofw2Pcu8UzOmK9qDAmDaVCBK3lWnHcpdPHShqIDhKNZ2fUD9LQiVX9l-gnorlVwhiTqhc8LK-JBRNw9TDOhAsgLdh_Kco8Map-6bzv8u2Llh8tM_bIgEGn90Z2T2DCy0XFXeO6evJBMwF4WiPvlXgyHVLyEwOkkja8VICCQnLz2LapUi7pxUvx1F3wG_GflF10G4Gg8BfgLcyZdBvIeLp6uYX5E3UenRcarQ52_7Sw5HRgbElhGad_Axg6G3REGlMG9eCZYeUpahHWmwkoRd44p7yyKSFbsCuGWgT8bJCacuWGImhNqkidL0J6-2oOzwLHZAykfnf_XCTBtSYegzaM-cvtiQDI8klNZ3A21lKhGf1pvJN9hp4h8a4_DiKqhETgz4Mi2BVDdJAhOIVeWKOolPWdAxSI5eYCwKWNikHbmrdLlKSkDzElm99ui1fr1yicVWD5bs4jjum3RRMu_sXh8uliy3RAOZXimoQ7hZ3Y4ZzgOo2tbUO8F1JP0rHUXSG-sU7raVwV8n7-2WtZslQtmcTZYwM-s_JfsMyrY9AFcZZ8Q2Fw-_lKojTxJZqYlnFMkdISSAMOZg6NLho5RTAGF4yNg8ahhNAhBq8L9ZhT7UwNDF1_dGPLPJoEz24or-Sk7PhaWeycn-G7cyisoK9k5GeV6LlSYRWOynNF-ByuwG8bCzgF-yMvRAjio2aYVQJHH2un2-32Jf1OBw06N2L9kKvevKldpe2HYv-1CGzIvtqw-TghGjUnr9jSCHvcZvW5iROm9z2qiTRiTmOypbwvbHnJddqcBqDRnLIpCR1Ogk4nnXeKHefNFRWPERBz2euXhEalUWUPMMqf6FomKAqZa6apRhiJR5iHK7Fv6eDf2UkSW8wR4a-8CAc7kl8IKA3KayhC_OWOlmOOfSt7uFLR-0K3rQqcjTGVSCDFMlSGpdGy3O93bK42J42v9jb_rsn7I5UftNzLgA2vwnXKlNHuXUjrD2aX9rnV0EAu6YBXzQAksSZ4XIKYtLTMTZcfVcI4ptdvXJEpT8HGAgUkocAkH3o6NDyni1Joe5jJ2GfSgAO60Ur-23Kp63lNHbLQosDfoazgtKaVqGDQkC6hkn0aJKOTZl7v_bxnvJGa0L6IeHBJ_3_E8gX-jRd95oJXqMhgKJJWau7_UiStR2Rzo2qyT9DYH1Qf6ZF9ujkE2jiLhg7nd6Hsvt6Q517DoBy7r3xi2VuLzOphdszEqhq8TY6AdfhVE6RHv9CUbUXE7ul-46b5GmJaRp2HNQU6EcFvv2ZyFnSWZ4poGBB89SpNKzealICQ4xiQIFtbPRwrAq06wQvCwgj2qo2dIGKRkTVae7oQpjhaQjDYsLGZVoGUe1sBHr9wW6lC0VlIaNewxTxRTfvceRNyjQAOBk8Hvr-uavVwxJtDNYvPtkJC8xgKdqCJhkai_S2VkoEiRxpdW-ByGLxSJEjONTB4dwGWltm0sFlFdtLHyqN2lUIaaITTSRKGPhp55PC1fOOUxlDCbjz3sNPz23nEk7co9YHfsq11s2rTYDnPnO3jel111GuNww-c3kV7aDk9bOBmkeJwEhoA25kP5U2vynk8Ty0M4aOe_WxqX7hYr-o9Qi0dAHRlA6V4Fe71Zv0f9dDn8OaUkvE0YhE9TtkVZY71VijXVo-tfO-CUWhlDWRFHEmlMghBqggIgehohyzGt95wmjuvBDoayPZ2pu94czVy7oZxjnMZZjbWZj4Uo7TVly_EZu607P5sLUYhDjCL9F0acPnMAlghwJYjL9qyxEvYJP5W7NqEcwO7zi3Iz2dN71sWLGtVnWF9GkEIBBI7AMgJpo07-t_PwAgPiB3h-HhjineYhjHKYPAMmYgOJBqgYrqLqRpTHp4PJ70yEeLyzyf7P6XvqSidbowYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1013352973&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=20259181566&bidurl=https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gK4wKREb3pVP_KZ8IjJXCx&adsafe_url=https%3A%2F%2Fblog.s.id&adsafe_type=y&adsafe_url=https%3A%2F%2Fblog.s.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:20151681-f351-7c4b-0d2a-976c47c10ef9,c:vrp45p,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-lrk77,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:tX50qxV+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1525518-72172421%7C191%7C1a1%7C1a2%7C1a3,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:25,oid:d77d0575-8f59-11ee-ab58-ca0d47f0eea5,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.83.164.47 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-83-164-47.compute-1.amazonaws.com Software AMO-jAds/1.1 / Resource Hash 055a5138f19bdf47d3d63fcf30f727a3c6b43df377518f79966c7f74689d2c2c Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:13 GMT server AMO-jAds/1.1 p3p NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT content-type text/javascript;charset=UTF-8 cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 6688 expires Thu Nov 30 08:24:13 UTC 2023
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame D7C0	31 KB 12 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite.js Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rfw/bgd/1525518/72172421/xbbe/creative/adj?p=APEucNVUrVsbZPIp8cxU0eWLuzzWWUTLhICxSh4Vek6mVX28h-hcxhg&d=CokBAKAmf-DkHcNCIGGrjLvzEidKKuTahq0XM0QCT0Mnb1ZtULwoZ7TpqaDXpnlyS7L0OxAljgq-s-660GgKZ1Wg0pMXSKdaqmUtr6x4RKx44czETz5SJEHAENcztfibpSpG5ipwrrjLl-KvVyOvpZYzxxGfNspLIq00JEAzuM5C8gOSXoJF2AiDjpESmRUAoCZ_4Fe8Kmmt7-B_NwcX_G8reeza0zPBxYHiw0p0M-kWIC_pPfqWQqplAf8H0JP0-Hc5YIKCJvIbeEfPBkwGBnyTQE-0PHCeOsqNeVM5hQcdPmigjksiFDfQ87qkFxMqJhvNwZXPOQajKj8cWtZqotCdibbKpY643DZixqf7VaAnXtgC5k1R-esbPZxowT1g316gyhE2t8QfXUxLJ-YiideF7xM5n_eC7rBJkT2CMjpARrZPBE0QwN4jjZicg1niDPiP1_ZXxTGZMI07IAVl6eE7s-p3ffLoOr6sypYgi7mbI21M98oE7nRgCb88aQKFdhLcY6MEksqdswCLCs2LPN6oNXeSQT74EXA3nc6nhJfmMem1HiMJL8kdmlXp4G2U7g7CJMOVZJIJfU_pS59SgRHJxAjKJJTpYrA4uyLILANmiDeZoaz64F5-JTHnaU22s_XeFl_w_ic105FRKZEk8dW8BICQGkqGeb6sDE8ZBe57Az90jp77eJiPQ6Sj0wRmxKAf0NyqjoQ6ZYQAISL22KNPX2Z7M3iyJ1JXUIAdcsa1rCkmQeIwgg1VwQX8joGG18ntMurNfe_SH25jg0Gmm_NeE0P0-EM48b8e56Lu0VMo9OEGQvELPdVhMZWPtwBuTyfPBJp4BIaQ05U-JljAsJlTEIk49ky6Xqrmt_y-nD63iGYGuELeHOlxZSTCeIN-sNA422ev61UjK4v-0O3IoEkdcsqczU5sl7GiQewSWIMKdLGYqxXsZTmkdBn3yQW3cv4JbjrtwBkQ2McIUrSPmPrcGeT9u5E7gb3s51dIHYrHjBXwWk3F8mVzT6O3WUpcKy2oFdFwcc3tHvKDSG0NqSRA7DaSzD8_sHCsUIvGmDZBLtnyBvTLqxLGxfFJx1rIV7Wv9faQ26qce6pBwHwUmJ2LEhROUwp2OPJcNv-XIax4ZcxwlD-n3WxO70YAWQVl_pnOMxN7l-qPnzZxnfu7cHI4tl3TX2lkgp0uitqBhOrVT2GSwb9EoD4rCyA4WNQbwbjKCeWEeJ1Bw9rpnwRpur79jaJCkfOExHhWqTBFjm9CkT1eqY6RumQvSTXnAsEk0S0sGMfP4OtrjvoI4Vt2Afx1YtwlmTlACBxMJpnwiL1NMep0LDvPhft6EtKCcAtBBwsnAw0N8NMbmi8lkJKO9FwGqsUqxnAJIEa_5Euw7kDMk93b9EQoSSi2BdbOzWbsNv2iQTYQ2mv9gg9f3hWIwFrSquJfB0Q0pw8KzuiyWHIdEmeB-yPCC4GbSp5TPQVNj-j5nhG8YrMpcshho069jd_EavszBFbg-ANvOHcrM1mvXbcBGA58WhcmJwIM6clZpk2syHAzE73FLZmd1BXN4RZYQ6wDZf243_tqyATcUEedDkuMU3trahCEX_hvtMDELJNg1_Jo6U3XFMv_K4E7yhIDYim5tW7uTIEX4bJMF0FyQQFvHJKxbFYt42f31zidymO8VERYc4wpqxXx1uDKA9nhgmLl_0ztZbjcPQM-3TLCiN2Dp97U3uu2RhCGDFeBdZw-On115ylvmkeEco5pwFmDn6Cnsaiet3qCtJdBTHppB6R_zoAjYryMMDuvha9_PqpfqGaBjlq9jTPhaBmInq3nHNeHZQ-IYnTxlhA7Vyr0Ete765S7h5yW_wGLUZIIyevFypdHwVc-sn36uaAASFfPEH43ZiO3NUGbnuCUXzVozMH2kvLOwh86uHQDtTlDtDMJcv8Ab8odvWHAOWdWqWLSRnPIYoTsKngcxTmU1jx5vVD59n97U7ofeNCELHfvbkOBqaf0M-ofw2Pcu8UzOmK9qDAmDaVCBK3lWnHcpdPHShqIDhKNZ2fUD9LQiVX9l-gnorlVwhiTqhc8LK-JBRNw9TDOhAsgLdh_Kco8Map-6bzv8u2Llh8tM_bIgEGn90Z2T2DCy0XFXeO6evJBMwF4WiPvlXgyHVLyEwOkkja8VICCQnLz2LapUi7pxUvx1F3wG_GflF10G4Gg8BfgLcyZdBvIeLp6uYX5E3UenRcarQ52_7Sw5HRgbElhGad_Axg6G3REGlMG9eCZYeUpahHWmwkoRd44p7yyKSFbsCuGWgT8bJCacuWGImhNqkidL0J6-2oOzwLHZAykfnf_XCTBtSYegzaM-cvtiQDI8klNZ3A21lKhGf1pvJN9hp4h8a4_DiKqhETgz4Mi2BVDdJAhOIVeWKOolPWdAxSI5eYCwKWNikHbmrdLlKSkDzElm99ui1fr1yicVWD5bs4jjum3RRMu_sXh8uliy3RAOZXimoQ7hZ3Y4ZzgOo2tbUO8F1JP0rHUXSG-sU7raVwV8n7-2WtZslQtmcTZYwM-s_JfsMyrY9AFcZZ8Q2Fw-_lKojTxJZqYlnFMkdISSAMOZg6NLho5RTAGF4yNg8ahhNAhBq8L9ZhT7UwNDF1_dGPLPJoEz24or-Sk7PhaWeycn-G7cyisoK9k5GeV6LlSYRWOynNF-ByuwG8bCzgF-yMvRAjio2aYVQJHH2un2-32Jf1OBw06N2L9kKvevKldpe2HYv-1CGzIvtqw-TghGjUnr9jSCHvcZvW5iROm9z2qiTRiTmOypbwvbHnJddqcBqDRnLIpCR1Ogk4nnXeKHefNFRWPERBz2euXhEalUWUPMMqf6FomKAqZa6apRhiJR5iHK7Fv6eDf2UkSW8wR4a-8CAc7kl8IKA3KayhC_OWOlmOOfSt7uFLR-0K3rQqcjTGVSCDFMlSGpdGy3O93bK42J42v9jb_rsn7I5UftNzLgA2vwnXKlNHuXUjrD2aX9rnV0EAu6YBXzQAksSZ4XIKYtLTMTZcfVcI4ptdvXJEpT8HGAgUkocAkH3o6NDyni1Joe5jJ2GfSgAO60Ur-23Kp63lNHbLQosDfoazgtKaVqGDQkC6hkn0aJKOTZl7v_bxnvJGa0L6IeHBJ_3_E8gX-jRd95oJXqMhgKJJWau7_UiStR2Rzo2qyT9DYH1Qf6ZF9ujkE2jiLhg7nd6Hsvt6Q517DoBy7r3xi2VuLzOphdszEqhq8TY6AdfhVE6RHv9CUbUXE7ul-46b5GmJaRp2HNQU6EcFvv2ZyFnSWZ4poGBB89SpNKzealICQ4xiQIFtbPRwrAq06wQvCwgj2qo2dIGKRkTVae7oQpjhaQjDYsLGZVoGUe1sBHr9wW6lC0VlIaNewxTxRTfvceRNyjQAOBk8Hvr-uavVwxJtDNYvPtkJC8xgKdqCJhkai_S2VkoEiRxpdW-ByGLxSJEjONTB4dwGWltm0sFlFdtLHyqN2lUIaaITTSRKGPhp55PC1fOOUxlDCbjz3sNPz23nEk7co9YHfsq11s2rTYDnPnO3jel111GuNww-c3kV7aDk9bOBmkeJwEhoA25kP5U2vynk8Ty0M4aOe_WxqX7hYr-o9Qi0dAHRlA6V4Fe71Zv0f9dDn8OaUkvE0YhE9TtkVZY71VijXVo-tfO-CUWhlDWRFHEmlMghBqggIgehohyzGt95wmjuvBDoayPZ2pu94czVy7oZxjnMZZjbWZj4Uo7TVly_EZu607P5sLUYhDjCL9F0acPnMAlghwJYjL9qyxEvYJP5W7NqEcwO7zi3Iz2dN71sWLGtVnWF9GkEIBBI7AMgJpo07-t_PwAgPiB3h-HhjineYhjHKYPAMmYgOJBqgYrqLqRpTHp4PJ70yEeLyzyf7P6XvqSidbowYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1013352973&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=20259181566&bidurl=https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gK4wKREb3pVP_KZ8IjJXCx&adsafe_url=https%3A%2F%2Fblog.s.id&adsafe_type=y&adsafe_url=https%3A%2F%2Fblog.s.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:20151681-f351-7c4b-0d2a-976c47c10ef9,c:vrp45p,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-lrk77,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:tX50qxV+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1525518-72172421%7C191%7C1a1%7C1a2%7C1a3,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:25,oid:d77d0575-8f59-11ee-ab58-ca0d47f0eea5,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Wed, 29 Nov 2023 21:53:02 GMT content-encoding br x-content-type-options nosniff age 37871 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11894 x-xss-protection 0 server cafe etag 8278194740845609983 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 13 Dec 2023 21:53:02 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/ Frame D7C0	11 KB 4 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231128/r20110914/elements/html/omrhp.js Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rfw/bgd/1525518/72172421/xbbe/creative/adj?p=APEucNVUrVsbZPIp8cxU0eWLuzzWWUTLhICxSh4Vek6mVX28h-hcxhg&d=CokBAKAmf-DkHcNCIGGrjLvzEidKKuTahq0XM0QCT0Mnb1ZtULwoZ7TpqaDXpnlyS7L0OxAljgq-s-660GgKZ1Wg0pMXSKdaqmUtr6x4RKx44czETz5SJEHAENcztfibpSpG5ipwrrjLl-KvVyOvpZYzxxGfNspLIq00JEAzuM5C8gOSXoJF2AiDjpESmRUAoCZ_4Fe8Kmmt7-B_NwcX_G8reeza0zPBxYHiw0p0M-kWIC_pPfqWQqplAf8H0JP0-Hc5YIKCJvIbeEfPBkwGBnyTQE-0PHCeOsqNeVM5hQcdPmigjksiFDfQ87qkFxMqJhvNwZXPOQajKj8cWtZqotCdibbKpY643DZixqf7VaAnXtgC5k1R-esbPZxowT1g316gyhE2t8QfXUxLJ-YiideF7xM5n_eC7rBJkT2CMjpARrZPBE0QwN4jjZicg1niDPiP1_ZXxTGZMI07IAVl6eE7s-p3ffLoOr6sypYgi7mbI21M98oE7nRgCb88aQKFdhLcY6MEksqdswCLCs2LPN6oNXeSQT74EXA3nc6nhJfmMem1HiMJL8kdmlXp4G2U7g7CJMOVZJIJfU_pS59SgRHJxAjKJJTpYrA4uyLILANmiDeZoaz64F5-JTHnaU22s_XeFl_w_ic105FRKZEk8dW8BICQGkqGeb6sDE8ZBe57Az90jp77eJiPQ6Sj0wRmxKAf0NyqjoQ6ZYQAISL22KNPX2Z7M3iyJ1JXUIAdcsa1rCkmQeIwgg1VwQX8joGG18ntMurNfe_SH25jg0Gmm_NeE0P0-EM48b8e56Lu0VMo9OEGQvELPdVhMZWPtwBuTyfPBJp4BIaQ05U-JljAsJlTEIk49ky6Xqrmt_y-nD63iGYGuELeHOlxZSTCeIN-sNA422ev61UjK4v-0O3IoEkdcsqczU5sl7GiQewSWIMKdLGYqxXsZTmkdBn3yQW3cv4JbjrtwBkQ2McIUrSPmPrcGeT9u5E7gb3s51dIHYrHjBXwWk3F8mVzT6O3WUpcKy2oFdFwcc3tHvKDSG0NqSRA7DaSzD8_sHCsUIvGmDZBLtnyBvTLqxLGxfFJx1rIV7Wv9faQ26qce6pBwHwUmJ2LEhROUwp2OPJcNv-XIax4ZcxwlD-n3WxO70YAWQVl_pnOMxN7l-qPnzZxnfu7cHI4tl3TX2lkgp0uitqBhOrVT2GSwb9EoD4rCyA4WNQbwbjKCeWEeJ1Bw9rpnwRpur79jaJCkfOExHhWqTBFjm9CkT1eqY6RumQvSTXnAsEk0S0sGMfP4OtrjvoI4Vt2Afx1YtwlmTlACBxMJpnwiL1NMep0LDvPhft6EtKCcAtBBwsnAw0N8NMbmi8lkJKO9FwGqsUqxnAJIEa_5Euw7kDMk93b9EQoSSi2BdbOzWbsNv2iQTYQ2mv9gg9f3hWIwFrSquJfB0Q0pw8KzuiyWHIdEmeB-yPCC4GbSp5TPQVNj-j5nhG8YrMpcshho069jd_EavszBFbg-ANvOHcrM1mvXbcBGA58WhcmJwIM6clZpk2syHAzE73FLZmd1BXN4RZYQ6wDZf243_tqyATcUEedDkuMU3trahCEX_hvtMDELJNg1_Jo6U3XFMv_K4E7yhIDYim5tW7uTIEX4bJMF0FyQQFvHJKxbFYt42f31zidymO8VERYc4wpqxXx1uDKA9nhgmLl_0ztZbjcPQM-3TLCiN2Dp97U3uu2RhCGDFeBdZw-On115ylvmkeEco5pwFmDn6Cnsaiet3qCtJdBTHppB6R_zoAjYryMMDuvha9_PqpfqGaBjlq9jTPhaBmInq3nHNeHZQ-IYnTxlhA7Vyr0Ete765S7h5yW_wGLUZIIyevFypdHwVc-sn36uaAASFfPEH43ZiO3NUGbnuCUXzVozMH2kvLOwh86uHQDtTlDtDMJcv8Ab8odvWHAOWdWqWLSRnPIYoTsKngcxTmU1jx5vVD59n97U7ofeNCELHfvbkOBqaf0M-ofw2Pcu8UzOmK9qDAmDaVCBK3lWnHcpdPHShqIDhKNZ2fUD9LQiVX9l-gnorlVwhiTqhc8LK-JBRNw9TDOhAsgLdh_Kco8Map-6bzv8u2Llh8tM_bIgEGn90Z2T2DCy0XFXeO6evJBMwF4WiPvlXgyHVLyEwOkkja8VICCQnLz2LapUi7pxUvx1F3wG_GflF10G4Gg8BfgLcyZdBvIeLp6uYX5E3UenRcarQ52_7Sw5HRgbElhGad_Axg6G3REGlMG9eCZYeUpahHWmwkoRd44p7yyKSFbsCuGWgT8bJCacuWGImhNqkidL0J6-2oOzwLHZAykfnf_XCTBtSYegzaM-cvtiQDI8klNZ3A21lKhGf1pvJN9hp4h8a4_DiKqhETgz4Mi2BVDdJAhOIVeWKOolPWdAxSI5eYCwKWNikHbmrdLlKSkDzElm99ui1fr1yicVWD5bs4jjum3RRMu_sXh8uliy3RAOZXimoQ7hZ3Y4ZzgOo2tbUO8F1JP0rHUXSG-sU7raVwV8n7-2WtZslQtmcTZYwM-s_JfsMyrY9AFcZZ8Q2Fw-_lKojTxJZqYlnFMkdISSAMOZg6NLho5RTAGF4yNg8ahhNAhBq8L9ZhT7UwNDF1_dGPLPJoEz24or-Sk7PhaWeycn-G7cyisoK9k5GeV6LlSYRWOynNF-ByuwG8bCzgF-yMvRAjio2aYVQJHH2un2-32Jf1OBw06N2L9kKvevKldpe2HYv-1CGzIvtqw-TghGjUnr9jSCHvcZvW5iROm9z2qiTRiTmOypbwvbHnJddqcBqDRnLIpCR1Ogk4nnXeKHefNFRWPERBz2euXhEalUWUPMMqf6FomKAqZa6apRhiJR5iHK7Fv6eDf2UkSW8wR4a-8CAc7kl8IKA3KayhC_OWOlmOOfSt7uFLR-0K3rQqcjTGVSCDFMlSGpdGy3O93bK42J42v9jb_rsn7I5UftNzLgA2vwnXKlNHuXUjrD2aX9rnV0EAu6YBXzQAksSZ4XIKYtLTMTZcfVcI4ptdvXJEpT8HGAgUkocAkH3o6NDyni1Joe5jJ2GfSgAO60Ur-23Kp63lNHbLQosDfoazgtKaVqGDQkC6hkn0aJKOTZl7v_bxnvJGa0L6IeHBJ_3_E8gX-jRd95oJXqMhgKJJWau7_UiStR2Rzo2qyT9DYH1Qf6ZF9ujkE2jiLhg7nd6Hsvt6Q517DoBy7r3xi2VuLzOphdszEqhq8TY6AdfhVE6RHv9CUbUXE7ul-46b5GmJaRp2HNQU6EcFvv2ZyFnSWZ4poGBB89SpNKzealICQ4xiQIFtbPRwrAq06wQvCwgj2qo2dIGKRkTVae7oQpjhaQjDYsLGZVoGUe1sBHr9wW6lC0VlIaNewxTxRTfvceRNyjQAOBk8Hvr-uavVwxJtDNYvPtkJC8xgKdqCJhkai_S2VkoEiRxpdW-ByGLxSJEjONTB4dwGWltm0sFlFdtLHyqN2lUIaaITTSRKGPhp55PC1fOOUxlDCbjz3sNPz23nEk7co9YHfsq11s2rTYDnPnO3jel111GuNww-c3kV7aDk9bOBmkeJwEhoA25kP5U2vynk8Ty0M4aOe_WxqX7hYr-o9Qi0dAHRlA6V4Fe71Zv0f9dDn8OaUkvE0YhE9TtkVZY71VijXVo-tfO-CUWhlDWRFHEmlMghBqggIgehohyzGt95wmjuvBDoayPZ2pu94czVy7oZxjnMZZjbWZj4Uo7TVly_EZu607P5sLUYhDjCL9F0acPnMAlghwJYjL9qyxEvYJP5W7NqEcwO7zi3Iz2dN71sWLGtVnWF9GkEIBBI7AMgJpo07-t_PwAgPiB3h-HhjineYhjHKYPAMmYgOJBqgYrqLqRpTHp4PJ70yEeLyzyf7P6XvqSidbowYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1013352973&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=20259181566&bidurl=https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gK4wKREb3pVP_KZ8IjJXCx&adsafe_url=https%3A%2F%2Fblog.s.id&adsafe_type=y&adsafe_url=https%3A%2F%2Fblog.s.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:20151681-f351-7c4b-0d2a-976c47c10ef9,c:vrp45p,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-lrk77,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:tX50qxV+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1525518-72172421%7C191%7C1a1%7C1a2%7C1a3,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:25,oid:d77d0575-8f59-11ee-ab58-ca0d47f0eea5,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Wed, 29 Nov 2023 22:00:13 GMT content-encoding br x-content-type-options nosniff age 37440 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 17947678125179771625 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 13 Dec 2023 22:00:13 GMT
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame D7C0	0 0	51ms 51ms	Fetch image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuOAUS-1KmwyDK0m9I1FOxFSihzPTsO5uc-2v0ldzgv_UTiEmijd7ds7E12fKKZF3dDfIvo7C5K1vM2h07W9lrhmvKp6B0K-9--n2XWEGZhHRWOTvPperFu0s0ijz4l_Tkbns29_S-AEoxUBQ714jbeSi0TQBM32w&sai=AMfl-YRY1QxiAqOyJbGIzck_Nwc7nSdy7uRPQwHBOPw-wwj_9vYyWM9pNGgDrvDZ3cFzYGIjFo-7X-yxiRWvzavSbyBerFOoaRIG-DpYI4RJ-yL1oonMqLSXqDrjM2gAzw&sig=Cg0ArKJSzGiUoXT4ZniVEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231128.41344&arae=0&ftch=1&adurl= Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rfw/bgd/1525518/72172421/xbbe/creative/adj?p=APEucNVUrVsbZPIp8cxU0eWLuzzWWUTLhICxSh4Vek6mVX28h-hcxhg&d=CokBAKAmf-DkHcNCIGGrjLvzEidKKuTahq0XM0QCT0Mnb1ZtULwoZ7TpqaDXpnlyS7L0OxAljgq-s-660GgKZ1Wg0pMXSKdaqmUtr6x4RKx44czETz5SJEHAENcztfibpSpG5ipwrrjLl-KvVyOvpZYzxxGfNspLIq00JEAzuM5C8gOSXoJF2AiDjpESmRUAoCZ_4Fe8Kmmt7-B_NwcX_G8reeza0zPBxYHiw0p0M-kWIC_pPfqWQqplAf8H0JP0-Hc5YIKCJvIbeEfPBkwGBnyTQE-0PHCeOsqNeVM5hQcdPmigjksiFDfQ87qkFxMqJhvNwZXPOQajKj8cWtZqotCdibbKpY643DZixqf7VaAnXtgC5k1R-esbPZxowT1g316gyhE2t8QfXUxLJ-YiideF7xM5n_eC7rBJkT2CMjpARrZPBE0QwN4jjZicg1niDPiP1_ZXxTGZMI07IAVl6eE7s-p3ffLoOr6sypYgi7mbI21M98oE7nRgCb88aQKFdhLcY6MEksqdswCLCs2LPN6oNXeSQT74EXA3nc6nhJfmMem1HiMJL8kdmlXp4G2U7g7CJMOVZJIJfU_pS59SgRHJxAjKJJTpYrA4uyLILANmiDeZoaz64F5-JTHnaU22s_XeFl_w_ic105FRKZEk8dW8BICQGkqGeb6sDE8ZBe57Az90jp77eJiPQ6Sj0wRmxKAf0NyqjoQ6ZYQAISL22KNPX2Z7M3iyJ1JXUIAdcsa1rCkmQeIwgg1VwQX8joGG18ntMurNfe_SH25jg0Gmm_NeE0P0-EM48b8e56Lu0VMo9OEGQvELPdVhMZWPtwBuTyfPBJp4BIaQ05U-JljAsJlTEIk49ky6Xqrmt_y-nD63iGYGuELeHOlxZSTCeIN-sNA422ev61UjK4v-0O3IoEkdcsqczU5sl7GiQewSWIMKdLGYqxXsZTmkdBn3yQW3cv4JbjrtwBkQ2McIUrSPmPrcGeT9u5E7gb3s51dIHYrHjBXwWk3F8mVzT6O3WUpcKy2oFdFwcc3tHvKDSG0NqSRA7DaSzD8_sHCsUIvGmDZBLtnyBvTLqxLGxfFJx1rIV7Wv9faQ26qce6pBwHwUmJ2LEhROUwp2OPJcNv-XIax4ZcxwlD-n3WxO70YAWQVl_pnOMxN7l-qPnzZxnfu7cHI4tl3TX2lkgp0uitqBhOrVT2GSwb9EoD4rCyA4WNQbwbjKCeWEeJ1Bw9rpnwRpur79jaJCkfOExHhWqTBFjm9CkT1eqY6RumQvSTXnAsEk0S0sGMfP4OtrjvoI4Vt2Afx1YtwlmTlACBxMJpnwiL1NMep0LDvPhft6EtKCcAtBBwsnAw0N8NMbmi8lkJKO9FwGqsUqxnAJIEa_5Euw7kDMk93b9EQoSSi2BdbOzWbsNv2iQTYQ2mv9gg9f3hWIwFrSquJfB0Q0pw8KzuiyWHIdEmeB-yPCC4GbSp5TPQVNj-j5nhG8YrMpcshho069jd_EavszBFbg-ANvOHcrM1mvXbcBGA58WhcmJwIM6clZpk2syHAzE73FLZmd1BXN4RZYQ6wDZf243_tqyATcUEedDkuMU3trahCEX_hvtMDELJNg1_Jo6U3XFMv_K4E7yhIDYim5tW7uTIEX4bJMF0FyQQFvHJKxbFYt42f31zidymO8VERYc4wpqxXx1uDKA9nhgmLl_0ztZbjcPQM-3TLCiN2Dp97U3uu2RhCGDFeBdZw-On115ylvmkeEco5pwFmDn6Cnsaiet3qCtJdBTHppB6R_zoAjYryMMDuvha9_PqpfqGaBjlq9jTPhaBmInq3nHNeHZQ-IYnTxlhA7Vyr0Ete765S7h5yW_wGLUZIIyevFypdHwVc-sn36uaAASFfPEH43ZiO3NUGbnuCUXzVozMH2kvLOwh86uHQDtTlDtDMJcv8Ab8odvWHAOWdWqWLSRnPIYoTsKngcxTmU1jx5vVD59n97U7ofeNCELHfvbkOBqaf0M-ofw2Pcu8UzOmK9qDAmDaVCBK3lWnHcpdPHShqIDhKNZ2fUD9LQiVX9l-gnorlVwhiTqhc8LK-JBRNw9TDOhAsgLdh_Kco8Map-6bzv8u2Llh8tM_bIgEGn90Z2T2DCy0XFXeO6evJBMwF4WiPvlXgyHVLyEwOkkja8VICCQnLz2LapUi7pxUvx1F3wG_GflF10G4Gg8BfgLcyZdBvIeLp6uYX5E3UenRcarQ52_7Sw5HRgbElhGad_Axg6G3REGlMG9eCZYeUpahHWmwkoRd44p7yyKSFbsCuGWgT8bJCacuWGImhNqkidL0J6-2oOzwLHZAykfnf_XCTBtSYegzaM-cvtiQDI8klNZ3A21lKhGf1pvJN9hp4h8a4_DiKqhETgz4Mi2BVDdJAhOIVeWKOolPWdAxSI5eYCwKWNikHbmrdLlKSkDzElm99ui1fr1yicVWD5bs4jjum3RRMu_sXh8uliy3RAOZXimoQ7hZ3Y4ZzgOo2tbUO8F1JP0rHUXSG-sU7raVwV8n7-2WtZslQtmcTZYwM-s_JfsMyrY9AFcZZ8Q2Fw-_lKojTxJZqYlnFMkdISSAMOZg6NLho5RTAGF4yNg8ahhNAhBq8L9ZhT7UwNDF1_dGPLPJoEz24or-Sk7PhaWeycn-G7cyisoK9k5GeV6LlSYRWOynNF-ByuwG8bCzgF-yMvRAjio2aYVQJHH2un2-32Jf1OBw06N2L9kKvevKldpe2HYv-1CGzIvtqw-TghGjUnr9jSCHvcZvW5iROm9z2qiTRiTmOypbwvbHnJddqcBqDRnLIpCR1Ogk4nnXeKHefNFRWPERBz2euXhEalUWUPMMqf6FomKAqZa6apRhiJR5iHK7Fv6eDf2UkSW8wR4a-8CAc7kl8IKA3KayhC_OWOlmOOfSt7uFLR-0K3rQqcjTGVSCDFMlSGpdGy3O93bK42J42v9jb_rsn7I5UftNzLgA2vwnXKlNHuXUjrD2aX9rnV0EAu6YBXzQAksSZ4XIKYtLTMTZcfVcI4ptdvXJEpT8HGAgUkocAkH3o6NDyni1Joe5jJ2GfSgAO60Ur-23Kp63lNHbLQosDfoazgtKaVqGDQkC6hkn0aJKOTZl7v_bxnvJGa0L6IeHBJ_3_E8gX-jRd95oJXqMhgKJJWau7_UiStR2Rzo2qyT9DYH1Qf6ZF9ujkE2jiLhg7nd6Hsvt6Q517DoBy7r3xi2VuLzOphdszEqhq8TY6AdfhVE6RHv9CUbUXE7ul-46b5GmJaRp2HNQU6EcFvv2ZyFnSWZ4poGBB89SpNKzealICQ4xiQIFtbPRwrAq06wQvCwgj2qo2dIGKRkTVae7oQpjhaQjDYsLGZVoGUe1sBHr9wW6lC0VlIaNewxTxRTfvceRNyjQAOBk8Hvr-uavVwxJtDNYvPtkJC8xgKdqCJhkai_S2VkoEiRxpdW-ByGLxSJEjONTB4dwGWltm0sFlFdtLHyqN2lUIaaITTSRKGPhp55PC1fOOUxlDCbjz3sNPz23nEk7co9YHfsq11s2rTYDnPnO3jel111GuNww-c3kV7aDk9bOBmkeJwEhoA25kP5U2vynk8Ty0M4aOe_WxqX7hYr-o9Qi0dAHRlA6V4Fe71Zv0f9dDn8OaUkvE0YhE9TtkVZY71VijXVo-tfO-CUWhlDWRFHEmlMghBqggIgehohyzGt95wmjuvBDoayPZ2pu94czVy7oZxjnMZZjbWZj4Uo7TVly_EZu607P5sLUYhDjCL9F0acPnMAlghwJYjL9qyxEvYJP5W7NqEcwO7zi3Iz2dN71sWLGtVnWF9GkEIBBI7AMgJpo07-t_PwAgPiB3h-HhjineYhjHKYPAMmYgOJBqgYrqLqRpTHp4PJ70yEeLyzyf7P6XvqSidbowYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1013352973&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=20259181566&bidurl=https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gK4wKREb3pVP_KZ8IjJXCx&adsafe_url=https%3A%2F%2Fblog.s.id&adsafe_type=y&adsafe_url=https%3A%2F%2Fblog.s.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:20151681-f351-7c4b-0d2a-976c47c10ef9,c:vrp45p,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-lrk77,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:tX50qxV+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1525518-72172421%7C191%7C1a1%7C1a2%7C1a3,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:25,oid:d77d0575-8f59-11ee-ab58-ca0d47f0eea5,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:13 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame A0AB	0 20 B	50ms 50ms	Image image/gif	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BwaXJrEZoZf3vJofC9u8PyLGHuAkAAAAAOAHgBAI&bg=!8POl87zNAAaGYW-ApmE7ADQBe5WfOC_8gespEHPJFO3VMsF6xgc5aS5sPbDlmhgStFBgqbBbcXZFvAcPKS1mHKplcAOaAgAAAHpSAAAAA2gBBwoAMEy1CF7EcjBII3gxFB5EG5-0mGzl7GaMGoEeg5mOx3USom5uHxoRJffXkExPlFDc55kC_ClF_IG3BXR8Dg7OI9__KogIYRop4R-mXu2B3w5-1wLq72cMo8_ZOOqOlKFihJW6vKDsA5ETjd4IPiZC8b-Oh2ZDzOOlA1K2RszgUsRyp1bWyw4YBlZmiLEQG-C28uEsdkr9gdXtcjN_kU86RrUznKIZt1Cy0eYJFe5PsCvm-hf1tMDymoRoDam_-iTtsSNmk7dStl1B6UHbqsiEd9VFthqGAw1YTjY3dtbRbbiFJLxGqs63xMGUzHZIJrH2v0T1oJ0gzTvgC7wvTYyZPRJ4a2tMry8RFV4ZsaaLPGRfdX3FEeab4fxBVggYJLLZ1g_w1dUZ0FwV88eBZXy0v1QnhrtKgkP2T6meesZFPeRDOElH_so6DZpnt8y8yUd5ZmH2-xfOG2wg64Jj1lR-dJVtuvmRLejQ7FtgqFuCcs13gHKvKJpiG1Aq_Xc9JYRncmlCVMWn3YJkYPR9_GHcRSgdj_e1b57TbESusmxDhXIeXAzcp48WSn3e-tiSHsdJelOWxrO9rFr4uIuefY3rYGReszXYFkt0Lmv8hJKGcS3Ze5wIJvbmhzLH4e0VQdP36skH6YUdV5QNu0dsHRAEtBHcS3ENDp64o1IZKkdcHLzQSIuYrnAWHRvcSsoVEzknogOcSQUtHXczYU40rbzE2mjo3SP8s_SHS5ly68H5rzLJ3s3KB3j7axxYKhmiyIm_L2u9ckXS6AvneduyFqmNR-HSrR-yh8zZ13rm7KaBJmah0Vk0fniYUn7BvGAhCPjIXfZ15df06sUKt4t8AeSGYa7sRfVehJck1AjoYCZBFa0ic9UHzF9QVMrQxSjmmLUO6Zji3Ed7MV4h3RKO4KvfMRVkQvXW5oIYleplzesLyYlWsvtmdLGfMHasuzI2BQiPDxojkZNcJrDvOwL7BJ3VmQN17BNr27etdUNU7nYRZ9gPYlY2Jaa4actUtnDT600qDyC9fV5OJZKQ2HdI-TeTGNXnaTTlhEsntWGjBkPoUXyaxxxkq9-B16-Aj092PEqu Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:13 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame D7C0	43 B 215 B	428ms 427ms	Image image/gif	2600:1f18:1aca:4282:1b96:c22a:5206:1cd2 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=20151681-f351-7c4b-0d2a-976c47c10ef9&tv=%7Bc:vrp4cZ,pingTime:-10,time:494,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84MS4wLjQwNDQuMTM4IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701332653244%7C%7Cd4c75ee126542b56fbc879a2282b58cf%7C%7C31f552011cd49d12bc3cd930bb193459%7C%7C655fc8c3242b496a7b1688439493be81%7C%7C7b0a7e5c2f3f402734475b8476f15371%7C%7Cc11a6504ff850158752ff3bc4608241d%7C%7C40844b0d828baedec79201bee009cde2%7C%7C8d05e5c306183c9c080bc66822d85b20%7C%7C1663701684%7D Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4282:1b96:c22a:5206:1cd2 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:13 GMT server nginx x-server-name dt12.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	4249 Show response ads.everesttech.net/ads/mts/24650/ Frame D7C0	11 KB 11 KB	108ms 107ms	Script text/javascript	54.83.164.47 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ads.everesttech.net/ads/mts/24650/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvWXlanh0Gs8-t-OksA1nXAUTqsKWPwH5d7FmltBRSC9--ZS8YvfwHSI1iu8ihKLGl1BU8L8HcO6UrsYWUCLZNo3nVfry7uOvAnkf9lkadExNhTAIVWqjwZZI91ADXn5CZ9bStq8g4slLJHTifog02-9NEqM2SwcET4-DNPR8wAVCpll150hai_EDqYJG4cmvYseXtTehM4aDNBcaCNpueFBW249ctnYOzQAKaroAOiM6ZMW5bKtIq1aySUn63yn5cqVju_xQhHTs3LTrBCunDE0iqwIMRVAeQ3a1vZ49QrVAMAvjfjvIROev54D6HlDw_pa72ZpzurwiK7q1_xjsgXEbVqRFPR2exrszLgHzJRdmESLjUuL-kib5ERi2e-sj2_Nr6fGIm-unrqaIkSmYkuF-tVEHv4_497Lg2M9xViR8c2cOjRIu4fkl4iiR-SwjloqI-DM4vxwbXCGZIFFPdpjbkn-0Ysn9gmtHo6AM4_xCFL2tQAFtDbQj9K7fAEpubzOOXan4elVwptjIOgYt-1D8ffkUkVzIzOiK9SUqwV79_T3tmDHxiqNPJvvJS7_Yza_kBkZMi4g8T8tQsw2ULBBTXcbYh3avUlGmxPkm-UbjJf4CTvVbNpBDlJr-Tgu_5RR2bQWbmfuQep-T3XKPRu3EWYIwo2NqveX7r5a9VbY5p3F49hL4GIEMH1kaolsIJiVPJRuyO0X7ZEepaQcUOr4-schB4WUE5knpoITc-5SlIax4AIiu0wEEuijpRs8-pCIWqArEXVDfPN8beM8_ekPf8RGoOM0fGHIIzB7A2KXP-mZ-7lO-kVc7qQZI4Yh892LRXmkbTLgyTil_yOXRWW9ZSkbco6jnE1QrI7uljZFuCpfKBBDM9MfsqL7pq-kBBc8L5tPWtmm_TpID_rCYmHUnnIORbnF8zpWRAuc5J2K7vJjT23IhtQELvZ6p0_qfpyia3xZy7eq0m4kQN5ssCU6E1kj8DXEhxh0oYncKV_5pstsK00tTFi5YR12G-liPUb86k59KzYtLyMbF29NZeyP1_xNK1_BEip_vZxG26FOXvWrmqcMo5oPCoET3bkBoC1_ZHHMJOZUO2vBnkjQWm_I0EUIpswpP-T6DCNtlDhXSfNanzL48DYtXNBLK5o8q_Z4wFSsR4RbqcmSHHvy54WAF3eVkqd0Qsi9SCC0lInArqSW5PB-tzBGutR0M55P6SwEjJf_RLixvQZvzzcP_ho99HE1JdEAJ_DXcu6RpYQUBjh_Gsch5gXIKSCgMBmo9DHYeT6kMhyAiGBhOkL5EWYMBKlVS_rzPE6YOQyUEn7ynJ8BI2K1rESrWkvcChhnaM%26sai%3DAMfl-YQpncMwxk9C__whkg8mHZSHXg4opiBcXBLpaFo2aYt5qf25ogd461euCPQkz_E_f2Wp9uL-8hYZ3BHPBMjJ-GvFroamfftwD3o1CrRXk8xrzZQV9a9ZUZDTeyWkGFXeZnV3Lz88Rx4bSuvv0KhW7aTM4smQrUeQCtUSZka_CP8CySXEECdcqrubt0a-nRdAz9qbdqjUiGFbpgJgqfLrzkoDAMB69vKlm8UF-BI8d5KEPLaY_bqcqQTXSzjGBdQeoHneIaVQMJDWMDs%26sig%3DCg0ArKJSzL8Qvu5dFJ9uEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&DFA_BuyId=30110444&DFA_PlacementId=369668940&DFA_AdId=560533438&DFA_CreativeId=168149134&DFA_SiteId=6958819&TC_1=cmmfbeajaux&TC_2=30110444&TC_3=369668940&TC_4=168149134&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30110444$dcmadid|560533438$dcmrenderingid|168595331$dcmsiteid|6958819$dcmplacementid|369668940$customer|Microsoft$dv360auctionid|ct=DE&st=&city=0&dma=0&zp=78239&bw=4&DCM_PlacementID=369668940&edge=y&html5=y&nr=0.8697455823746252 Requested by Host: ads.everesttech.net URL: https://ads.everesttech.net/ads/mts/24650/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvWXlanh0Gs8-t-OksA1nXAUTqsKWPwH5d7FmltBRSC9--ZS8YvfwHSI1iu8ihKLGl1BU8L8HcO6UrsYWUCLZNo3nVfry7uOvAnkf9lkadExNhTAIVWqjwZZI91ADXn5CZ9bStq8g4slLJHTifog02-9NEqM2SwcET4-DNPR8wAVCpll150hai_EDqYJG4cmvYseXtTehM4aDNBcaCNpueFBW249ctnYOzQAKaroAOiM6ZMW5bKtIq1aySUn63yn5cqVju_xQhHTs3LTrBCunDE0iqwIMRVAeQ3a1vZ49QrVAMAvjfjvIROev54D6HlDw_pa72ZpzurwiK7q1_xjsgXEbVqRFPR2exrszLgHzJRdmESLjUuL-kib5ERi2e-sj2_Nr6fGIm-unrqaIkSmYkuF-tVEHv4_497Lg2M9xViR8c2cOjRIu4fkl4iiR-SwjloqI-DM4vxwbXCGZIFFPdpjbkn-0Ysn9gmtHo6AM4_xCFL2tQAFtDbQj9K7fAEpubzOOXan4elVwptjIOgYt-1D8ffkUkVzIzOiK9SUqwV79_T3tmDHxiqNPJvvJS7_Yza_kBkZMi4g8T8tQsw2ULBBTXcbYh3avUlGmxPkm-UbjJf4CTvVbNpBDlJr-Tgu_5RR2bQWbmfuQep-T3XKPRu3EWYIwo2NqveX7r5a9VbY5p3F49hL4GIEMH1kaolsIJiVPJRuyO0X7ZEepaQcUOr4-schB4WUE5knpoITc-5SlIax4AIiu0wEEuijpRs8-pCIWqArEXVDfPN8beM8_ekPf8RGoOM0fGHIIzB7A2KXP-mZ-7lO-kVc7qQZI4Yh892LRXmkbTLgyTil_yOXRWW9ZSkbco6jnE1QrI7uljZFuCpfKBBDM9MfsqL7pq-kBBc8L5tPWtmm_TpID_rCYmHUnnIORbnF8zpWRAuc5J2K7vJjT23IhtQELvZ6p0_qfpyia3xZy7eq0m4kQN5ssCU6E1kj8DXEhxh0oYncKV_5pstsK00tTFi5YR12G-liPUb86k59KzYtLyMbF29NZeyP1_xNK1_BEip_vZxG26FOXvWrmqcMo5oPCoET3bkBoC1_ZHHMJOZUO2vBnkjQWm_I0EUIpswpP-T6DCNtlDhXSfNanzL48DYtXNBLK5o8q_Z4wFSsR4RbqcmSHHvy54WAF3eVkqd0Qsi9SCC0lInArqSW5PB-tzBGutR0M55P6SwEjJf_RLixvQZvzzcP_ho99HE1JdEAJ_DXcu6RpYQUBjh_Gsch5gXIKSCgMBmo9DHYeT6kMhyAiGBhOkL5EWYMBKlVS_rzPE6YOQyUEn7ynJ8BI2K1rESrWkvcChhnaM&sai=AMfl-YQpncMwxk9C__whkg8mHZSHXg4opiBcXBLpaFo2aYt5qf25ogd461euCPQkz_E_f2Wp9uL-8hYZ3BHPBMjJ-GvFroamfftwD3o1CrRXk8xrzZQV9a9ZUZDTeyWkGFXeZnV3Lz88Rx4bSuvv0KhW7aTM4smQrUeQCtUSZka_CP8CySXEECdcqrubt0a-nRdAz9qbdqjUiGFbpgJgqfLrzkoDAMB69vKlm8UF-BI8d5KEPLaY_bqcqQTXSzjGBdQeoHneIaVQMJDWMDs&sig=Cg0ArKJSzL8Qvu5dFJ9uEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=_ue_cq)&DFA_BuyId=30110444&DFA_PlacementId=369668940&DFA_AdId=560533438&DFA_CreativeId=168149134&DFA_SiteId=6958819&TC_1=cmmfbeajaux&TC_2=30110444&TC_3=369668940&TC_4=168149134&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30110444$dcmadid|560533438$dcmrenderingid|168595331$dcmsiteid|6958819$dcmplacementid|369668940$customer|Microsoft$dv360auctionid|ct=DE&st=&city=0&dma=0&zp=78239&bw=4&DCM_PlacementID=369668940 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.83.164.47 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-83-164-47.compute-1.amazonaws.com Software AMO-jAds/1.1 / Resource Hash f3fc4cbf8e18b87573a9ddc51ad2eea1ad81d38ba633373b397f3a69e6b7d74c Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-type text/javascript;charset=utf-8 pragma no-cache date Thu, 30 Nov 2023 08:24:13 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 server AMO-jAds/1.1 expires Thu Nov 30 08:24:13 UTC 2023
GET H/1.1	200 OK	html5-ad-script_v4.html Show response dco-assets.everestads.net/ics-campaign/static/dco/ Frame C369	16 KB 4 KB	56ms 7ms	Document text/html	23.45.239.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZWhGrQAAEnwnKwmv Requested by Host: ads.everesttech.net URL: https://ads.everesttech.net/ads/mts/24650/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvWXlanh0Gs8-t-OksA1nXAUTqsKWPwH5d7FmltBRSC9--ZS8YvfwHSI1iu8ihKLGl1BU8L8HcO6UrsYWUCLZNo3nVfry7uOvAnkf9lkadExNhTAIVWqjwZZI91ADXn5CZ9bStq8g4slLJHTifog02-9NEqM2SwcET4-DNPR8wAVCpll150hai_EDqYJG4cmvYseXtTehM4aDNBcaCNpueFBW249ctnYOzQAKaroAOiM6ZMW5bKtIq1aySUn63yn5cqVju_xQhHTs3LTrBCunDE0iqwIMRVAeQ3a1vZ49QrVAMAvjfjvIROev54D6HlDw_pa72ZpzurwiK7q1_xjsgXEbVqRFPR2exrszLgHzJRdmESLjUuL-kib5ERi2e-sj2_Nr6fGIm-unrqaIkSmYkuF-tVEHv4_497Lg2M9xViR8c2cOjRIu4fkl4iiR-SwjloqI-DM4vxwbXCGZIFFPdpjbkn-0Ysn9gmtHo6AM4_xCFL2tQAFtDbQj9K7fAEpubzOOXan4elVwptjIOgYt-1D8ffkUkVzIzOiK9SUqwV79_T3tmDHxiqNPJvvJS7_Yza_kBkZMi4g8T8tQsw2ULBBTXcbYh3avUlGmxPkm-UbjJf4CTvVbNpBDlJr-Tgu_5RR2bQWbmfuQep-T3XKPRu3EWYIwo2NqveX7r5a9VbY5p3F49hL4GIEMH1kaolsIJiVPJRuyO0X7ZEepaQcUOr4-schB4WUE5knpoITc-5SlIax4AIiu0wEEuijpRs8-pCIWqArEXVDfPN8beM8_ekPf8RGoOM0fGHIIzB7A2KXP-mZ-7lO-kVc7qQZI4Yh892LRXmkbTLgyTil_yOXRWW9ZSkbco6jnE1QrI7uljZFuCpfKBBDM9MfsqL7pq-kBBc8L5tPWtmm_TpID_rCYmHUnnIORbnF8zpWRAuc5J2K7vJjT23IhtQELvZ6p0_qfpyia3xZy7eq0m4kQN5ssCU6E1kj8DXEhxh0oYncKV_5pstsK00tTFi5YR12G-liPUb86k59KzYtLyMbF29NZeyP1_xNK1_BEip_vZxG26FOXvWrmqcMo5oPCoET3bkBoC1_ZHHMJOZUO2vBnkjQWm_I0EUIpswpP-T6DCNtlDhXSfNanzL48DYtXNBLK5o8q_Z4wFSsR4RbqcmSHHvy54WAF3eVkqd0Qsi9SCC0lInArqSW5PB-tzBGutR0M55P6SwEjJf_RLixvQZvzzcP_ho99HE1JdEAJ_DXcu6RpYQUBjh_Gsch5gXIKSCgMBmo9DHYeT6kMhyAiGBhOkL5EWYMBKlVS_rzPE6YOQyUEn7ynJ8BI2K1rESrWkvcChhnaM%26sai%3DAMfl-YQpncMwxk9C__whkg8mHZSHXg4opiBcXBLpaFo2aYt5qf25ogd461euCPQkz_E_f2Wp9uL-8hYZ3BHPBMjJ-GvFroamfftwD3o1CrRXk8xrzZQV9a9ZUZDTeyWkGFXeZnV3Lz88Rx4bSuvv0KhW7aTM4smQrUeQCtUSZka_CP8CySXEECdcqrubt0a-nRdAz9qbdqjUiGFbpgJgqfLrzkoDAMB69vKlm8UF-BI8d5KEPLaY_bqcqQTXSzjGBdQeoHneIaVQMJDWMDs%26sig%3DCg0ArKJSzL8Qvu5dFJ9uEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&DFA_BuyId=30110444&DFA_PlacementId=369668940&DFA_AdId=560533438&DFA_CreativeId=168149134&DFA_SiteId=6958819&TC_1=cmmfbeajaux&TC_2=30110444&TC_3=369668940&TC_4=168149134&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30110444$dcmadid|560533438$dcmrenderingid|168595331$dcmsiteid|6958819$dcmplacementid|369668940$customer|Microsoft$dv360auctionid|ct=DE&st=&city=0&dma=0&zp=78239&bw=4&DCM_PlacementID=369668940&edge=y&html5=y&nr=0.8697455823746252 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.45.239.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-45-239-209.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf Request headers Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Access-Control-Allow-Origin * Cache-Control max-age=3600 Connection keep-alive Content-Encoding gzip Content-Length 3934 Content-Type text/html; charset=UTF-8 Date Thu, 30 Nov 2023 08:24:13 GMT ETag "150315370-3fce-5e32201ac1000" Expires Thu, 30 Nov 2023 09:24:13 GMT Last-Modified Wed, 06 Jul 2022 12:21:20 GMT Server Apache Vary Accept-Encoding X-Permitted-Cross-Domain-Policies all
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame C6C2	1 KB 643 B	14ms 14ms	Document text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 77523 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 29 Nov 2023 10:52:10 GMT etag 48472445140208031 expires Thu, 30 Nov 2023 10:52:10 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame D7C0	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fd6c144e4a411540ed42b9218fd9573fc5a2426ce6e3553136f653761e761286 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Content-Type image/png
GET H3	200	pixel cm.g.doubleclick.net/ Frame C6C2 Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WldoR3JRQUFBd1g5OWhCZQ==&google_gid=CAESEDO4i05UX4ySUFy8Fq5fXY8&google_cver=1&google_push=AXcoOmTaL_P6_gwgMCzoT0mUvewi0trVQh...	170 B 188 B	24ms 24ms	Image image/png	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WldoR3JRQUFBd1g5OWhCZQ==&google_gid=CAESEDO4i05UX4ySUFy8Fq5fXY8&google_cver=1&google_push=AXcoOmTaL_P6_gwgMCzoT0mUvewi0trVQhVkYi4-oaPaA1w7khIbGV5Q_fO_Pduba7D29aiDZULY9Io3oehsiqKK-0Np8Encz6jO Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:13 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-served-by cache-fra-eddf8230041-FRA pragma no-cache date Thu, 30 Nov 2023 08:24:13 GMT via 1.1 varnish server Varnish x-timer S1701332654.577152,VS0,VE0 x-cache HIT location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WldoR3JRQUFBd1g5OWhCZQ==&google_gid=CAESEDO4i05UX4ySUFy8Fq5fXY8&google_cver=1&google_push=AXcoOmTaL_P6_gwgMCzoT0mUvewi0trVQhVkYi4-oaPaA1w7khIbGV5Q_fO_Pduba7D29aiDZULY9Io3oehsiqKK-0Np8Encz6jO cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	google match.adsrvr.org/track/cmf/ Frame C6C2	70 B 148 B	34ms 31ms	Image image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPYwWvLcad3XeCvqHuJ4qfo&google_cver=1&google_push=AXcoOmRrvWITfioU2ixqjjCPMzpdYfUDmWV11C2dw6cZqgMRZAPSdjUtQmgXN05kBQQ4crvyIizQ0lKuVQXgNfO_tt5yg0nI3NdyoQ Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:13 GMT server Kestrel content-length 70 content-type image/gif
GET H3	200	pixel cm.g.doubleclick.net/ Frame C6C2 Redirect Chain https://cs.media.net/cksync?type=g&google_gid=CAESEED3vXH59FdQSosrWDSNMtE&google_cver=1&google_push=AXcoOmSmkmqfh_LM-Es7TTRSo9naopwwyiu5lm05aFGtXk0PwqQWM0PozBE7k9FyMHS-xDZ1kyVAphEoKi8NUaFugS3Q2cF_maV2 https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0MzM0MjUzMTQ5MjQxNTAwMFYxMA%3d%3d&mn_hm=MzQ0MzM0MjUzMTQ5MjQxNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSmkmqfh_LM-Es7TTRSo9naopw...	170 B 188 B	25ms 24ms	Image image/png	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0MzM0MjUzMTQ5MjQxNTAwMFYxMA%3d%3d&mn_hm=MzQ0MzM0MjUzMTQ5MjQxNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSmkmqfh_LM-Es7TTRSo9naopwwyiu5lm05aFGtXk0PwqQWM0PozBE7k9FyMHS-xDZ1kyVAphEoKi8NUaFugS3Q2cF_maV2&gdpr=&gdpr_consent= Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:13 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Thu, 30 Nov 2023 08:24:13 GMT Server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA Location https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0MzM0MjUzMTQ5MjQxNTAwMFYxMA%3d%3d&mn_hm=MzQ0MzM0MjUzMTQ5MjQxNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSmkmqfh_LM-Es7TTRSo9naopwwyiu5lm05aFGtXk0PwqQWM0PozBE7k9FyMHS-xDZ1kyVAphEoKi8NUaFugS3Q2cF_maV2&gdpr=&gdpr_consent= Content-Type text/html Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 154 x-mnet-hl2 E Expires Thu, 30 Nov 2023 08:24:13 GMT
GET		pub cs.chocolateplatform.com/ Frame C6C2	0 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame C6C2 Redirect Chain https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEIigXv1H25luNeask8O6kTo&google_cver=1&google_push=AXcoOmScEN21_U442MYN6jj6UGook8_ADErVvuaAxQSazRhPyfQGviIgLe9tujWy1z9jCpCsfop6m... https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmScEN21_U442MYN6jj6UGook8_ADErVvuaAxQSazRhPyfQGviIgLe9tujWy1z9jCpCsfop6mOFH6Rg88BuMrgP8glaAgS_O7A&google_hm=WldoR3JzQ...	170 B 188 B	23ms 23ms	Image image/png	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmScEN21_U442MYN6jj6UGook8_ADErVvuaAxQSazRhPyfQGviIgLe9tujWy1z9jCpCsfop6mOFH6Rg88BuMrgP8glaAgS_O7A&google_hm=WldoR3JzQ284WU1BQU5XeXpJWUFBQUFB Protocol H3 Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers X-SO-Cluster-ID 0 Date Thu, 30 Nov 2023 08:24:14 GMT X-SO-LB-Data {"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEIigXv1H25luNeask8O6kTo&google_push=AXcoOmScEN21_U442MYN6jj6UGook8_ADErVvuaAxQSazRhPyfQGviIgLe9tujWy1z9jCpCsfop6mOFH6Rg88BuMrgP8glaAgS_O7A&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZWhGrsCo8YMAANWyzIYAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad138"} X-SO-Key ZWhGrsCo8YMAANWyzIYAAAAA Server nginx X-SO-Upstream-ID m-ad138 P3P CP="See also http://www.scaleout.jp/privacy/" Location https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmScEN21_U442MYN6jj6UGook8_ADErVvuaAxQSazRhPyfQGviIgLe9tujWy1z9jCpCsfop6mOFH6Rg88BuMrgP8glaAgS_O7A&google_hm=WldoR3JzQ284WU1BQU5XeXpJWUFBQUFB Cache-Control private X-SO-HostName m-ad138.dc4p.scaleout.jp Connection keep-alive X-SO-Ads-Time 3 Content-Length 0 X-SO-LB-Hostname m-tgng31.dc4p.scaleout.jp X-SO-IP 178.162.209.140
GET H2	204	/ cc.adingo.jp/adx/push/ Frame C6C2	0 44 B	794ms 258ms	Image text/plain	3.114.121.123 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cc.adingo.jp/adx/push/?google_gid=CAESELfse_Mg6dyj1n_QkjsWi58&google_cver=1&google_push=AXcoOmRUo8t8IQp_KR_uZkoF-finOtaVGFwqhc5jUBAXw1tBA1B5uAKLYsL1Vjn8jwLnJQMUzTu8muExfFAFzkRQZU9dBIxfJvyI Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.114.121.123 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-114-121-123.ap-northeast-1.compute.amazonaws.com Software awselb/2.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:14 GMT server awselb/2.0
GET H2	200	0.gif id5-sync.com/i/495/ Frame C6C2 Redirect Chain https://sync.inmobi.com/gob?google_gid=CAESELPfHQfJ0zzjQXgi19Hvi8g&google_cver=1&google_push=AXcoOmRwZgoTfUx4DNj01TNcmYJ1X2ZLPj_psXgSaC8MOOFMThvdzzMf1M_vVB06Vq88wnOtXIXwQtP1wE3GGKpP6cSt2DK1EUnARg https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRwZgoTfUx4DNj01TNcmYJ1X2ZLPj_psXgSaC8MOOFM...	43 B 920 B	16ms 16ms	Image image/gif	162.19.138.117 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRwZgoTfUx4DNj01TNcmYJ1X2ZLPj_psXgSaC8MOOFMThvdzzMf1M_vVB06Vq88wnOtXIXwQtP1wE3GGKpP6cSt2DK1EUnARg Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533568.ip-162-19-138.eu Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers content-type image/gif;charset=UTF-8 date Thu, 30 Nov 2023 08:24:12 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers p3p CP="CAO PSA OUR" Redirect headers date Thu, 30 Nov 2023 08:24:13 GMT content-security-policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none referrer-policy no-referrer expect-ct max-age=0 x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type text/plain; charset=utf-8 location https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRwZgoTfUx4DNj01TNcmYJ1X2ZLPj_psXgSaC8MOOFMThvdzzMf1M_vVB06Vq88wnOtXIXwQtP1wE3GGKpP6cSt2DK1EUnARg x-download-options noopen vary Accept content-length 273 x-xss-protection 0
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame C6C2	0 12 B	22ms 21ms	Image text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KaNG2BGeeb4FYzTEndXyx9CJroFEKPpLYNj2zeZ-5TjxskY7_GLvhKShXjwtOp9ULp8uYTnA Requested by Host: c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com URL: https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:13 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H/1.1	200 OK	mraid.js Show response dco-assets.everestads.net/ics-campaign/static/dco/ Frame C369	0 390 B	7ms 7ms	Script text/javascript	23.45.239.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://dco-assets.everestads.net/ics-campaign/static/dco/mraid.js Requested by Host: dco-assets.everestads.net URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZWhGrQAAEnwnKwmv Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.45.239.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-45-239-209.deploy.static.akamaitechnologies.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZWhGrQAAEnwnKwmv User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Date Thu, 30 Nov 2023 08:24:13 GMT Last-Modified Wed, 06 Jul 2022 12:21:20 GMT Server Apache X-Permitted-Cross-Domain-Policies all ETag "150315371-0-5e32201ac1000" Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 0 Expires Thu, 30 Nov 2023 09:24:13 GMT
GET H/1.1	200 OK	300x250.html Show response dco-assets.everestads.net/ics-campaign//5031/t/8819/12/ Frame 1AC0	8 KB 3 KB	8ms 7ms	Document text/html	23.45.239.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://dco-assets.everestads.net/ics-campaign//5031/t/8819/12/300x250.html Requested by Host: dco-assets.everestads.net URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZWhGrQAAEnwnKwmv Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.45.239.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-45-239-209.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 83771a939a8bcb7fd3f34bf3e5c7193103ffee10406114dd3f1c4ead227aa8ce Request headers Referer https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZWhGrQAAEnwnKwmv Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Access-Control-Allow-Origin * Cache-Control max-age=3600 Connection keep-alive Content-Encoding gzip Content-Length 2491 Content-Type text/html; charset=UTF-8 Date Thu, 30 Nov 2023 08:24:13 GMT ETag "1a9845367-2181-6056175684c00" Expires Thu, 30 Nov 2023 09:24:13 GMT Last-Modified Fri, 15 Sep 2023 08:20:00 GMT Server Apache Vary Accept-Encoding X-Permitted-Cross-Domain-Policies all
GET H/1.1	200 OK	style.min.css dco-assets.everestads.net/ics-campaign//5031/t/8819/12/css/ Frame 1AC0	4 KB 5 KB	12ms 10ms	Stylesheet text/css	23.45.239.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://dco-assets.everestads.net/ics-campaign//5031/t/8819/12/css/style.min.css Requested by Host: dco-assets.everestads.net URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8819/12/300x250.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.45.239.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-45-239-209.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 2bd128170f24b963f67f17e2a1312ae8371c44c3ecad64cedde585555f4d55ef Request headers accept-language de-DE,de;q=0.9 Referer https://dco-assets.everestads.net/ics-campaign//5031/t/8819/12/300x250.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Date Thu, 30 Nov 2023 08:24:13 GMT Last-Modified Fri, 15 Sep 2023 08:20:00 GMT Server Apache X-Permitted-Cross-Domain-Policies all ETag "1a921bdf1-11d1-6056175684c00" Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 4561 Expires Thu, 30 Nov 2023 09:24:13 GMT
GET H2	200	AMOLibrary.js Show response ads.everesttech.net/ads/static/local/ Frame 1AC0	5 KB 6 KB	101ms 100ms	Script application/javascript	54.83.164.47 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ads.everesttech.net/ads/static/local/AMOLibrary.js Requested by Host: dco-assets.everestads.net URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8819/12/300x250.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.83.164.47 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-83-164-47.compute-1.amazonaws.com Software AMO-jAds/1.1 / Resource Hash e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e Request headers accept-language de-DE,de;q=0.9 Referer https://dco-assets.everestads.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma cache date Thu, 30 Nov 2023 08:24:13 GMT last-modified Wed, 22 Dec 2021 09:29:42 GMT server AMO-jAds/1.1 etag W/"5582-1640165382000" content-type application/javascript cache-control cache,store,max-age=86400 accept-ranges bytes content-length 5582
GET H/1.1	200 OK	script.min.js Show response dco-assets.everestads.net/ics-campaign//5031/t/8819/12/js/ Frame 1AC0	7 KB 8 KB	22ms 11ms	Script text/javascript	23.45.239.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://dco-assets.everestads.net/ics-campaign//5031/t/8819/12/js/script.min.js Requested by Host: dco-assets.everestads.net URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8819/12/300x250.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.45.239.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-45-239-209.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 6ed03c02eec456fe89e228d6cdf45bf7088aa9402beaab5a2a1214a1aa35ce3c Request headers accept-language de-DE,de;q=0.9 Referer https://dco-assets.everestads.net/ics-campaign//5031/t/8819/12/300x250.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Date Thu, 30 Nov 2023 08:24:13 GMT Last-Modified Fri, 15 Sep 2023 08:20:00 GMT Server Apache X-Permitted-Cross-Domain-Policies all ETag "1a921bdf4-1cef-6056175684c00" Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 7407 Expires Thu, 30 Nov 2023 09:24:13 GMT
GET H/1.1	200 OK	SegoePro-Semibold.woff dco-assets.everestads.net/ics-campaign//5031/t/8819/12/ Frame 1AC0	29 KB 30 KB	43ms 43ms	Font application/octet-stream	23.45.239.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://dco-assets.everestads.net/ics-campaign//5031/t/8819/12/SegoePro-Semibold.woff Requested by Host: dco-assets.everestads.net URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8819/12/300x250.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.45.239.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-45-239-209.deploy.static.akamaitechnologies.com Software Apache / Resource Hash dba5db65eacdd32e82b077fce0282798e8a702ecbead9b1a1afc305c2fdba33c Request headers Referer https://dco-assets.everestads.net/ics-campaign//5031/t/8819/12/300x250.html Origin https://dco-assets.everestads.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Date Thu, 30 Nov 2023 08:24:13 GMT Last-Modified Fri, 15 Sep 2023 08:20:00 GMT Server Apache X-Permitted-Cross-Domain-Policies all ETag "1a9845368-74a0-6056175684c00" Content-Type text/plain; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 29856 Expires Thu, 30 Nov 2023 09:24:13 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame C097	42 B 64 B	55ms 55ms	Fetch image/gif	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPBL5i8HMAP_JqbyJTF7q3BgtUqsqWhTLc9XJZta-nS6KoH7Vi3wLEbgi8N2FvuIxYfEshakmaF3OXaXAp-dZX1e4DWRQA7Q_uZdbHZLeJMtpzCfUYqYC6g3Dbyl54CLQRECS0L5tbyx1G&sai=AMfl-YSIa5ehaciz0YjNdQIaiyrZWwhPhWmAbp6VvVCNASlJmc9rkzQhauYP3sUP9sYkHAEuGGKp6p3w45n5dNlCP96tE7CXGaA35EBKAfx_abfkzo-JBd-dv7domJyy-2PIsFqm6ADWkA&sig=Cg0ArKJSzMYglAuBIO49EAE&cid=CAQSOwDICaaNO_rfz8AID4gd4fh4Y4p3mIYxymDwDJmIDiQaoGK6i6kaUx6eDye9MhHi8s8n-z-l76konW6MGAE&id=lidar2&mcvt=1000&p=226,1086,826,1386&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=182523439&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701332652380&rpt=322&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:13 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame D7C0	0 0	50ms 50ms	Fetch image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuOAUS-1KmwyDK0m9I1FOxFSihzPTsO5uc-2v0ldzgv_UTiEmijd7ds7E12fKKZF3dDfIvo7C5K1vM2h07W9lrhmvKp6B0K-9--n2XWEGZhHRWOTvPperFu0s0ijz4l_Tkbns29_S-AEoxUBQ714jbeSi0TQBM32w&sai=AMfl-YRY1QxiAqOyJbGIzck_Nwc7nSdy7uRPQwHBOPw-wwj_9vYyWM9pNGgDrvDZ3cFzYGIjFo-7X-yxiRWvzavSbyBerFOoaRIG-DpYI4RJ-yL1oonMqLSXqDrjM2gAzw&sig=Cg0ArKJSzGiUoXT4ZniVEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=732&vt=11&dtpt=730&dett=4&cstd=0&cisv=r20231128.41344&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rfw/bgd/1525518/72172421/xbbe/creative/adj?p=APEucNVUrVsbZPIp8cxU0eWLuzzWWUTLhICxSh4Vek6mVX28h-hcxhg&d=CokBAKAmf-DkHcNCIGGrjLvzEidKKuTahq0XM0QCT0Mnb1ZtULwoZ7TpqaDXpnlyS7L0OxAljgq-s-660GgKZ1Wg0pMXSKdaqmUtr6x4RKx44czETz5SJEHAENcztfibpSpG5ipwrrjLl-KvVyOvpZYzxxGfNspLIq00JEAzuM5C8gOSXoJF2AiDjpESmRUAoCZ_4Fe8Kmmt7-B_NwcX_G8reeza0zPBxYHiw0p0M-kWIC_pPfqWQqplAf8H0JP0-Hc5YIKCJvIbeEfPBkwGBnyTQE-0PHCeOsqNeVM5hQcdPmigjksiFDfQ87qkFxMqJhvNwZXPOQajKj8cWtZqotCdibbKpY643DZixqf7VaAnXtgC5k1R-esbPZxowT1g316gyhE2t8QfXUxLJ-YiideF7xM5n_eC7rBJkT2CMjpARrZPBE0QwN4jjZicg1niDPiP1_ZXxTGZMI07IAVl6eE7s-p3ffLoOr6sypYgi7mbI21M98oE7nRgCb88aQKFdhLcY6MEksqdswCLCs2LPN6oNXeSQT74EXA3nc6nhJfmMem1HiMJL8kdmlXp4G2U7g7CJMOVZJIJfU_pS59SgRHJxAjKJJTpYrA4uyLILANmiDeZoaz64F5-JTHnaU22s_XeFl_w_ic105FRKZEk8dW8BICQGkqGeb6sDE8ZBe57Az90jp77eJiPQ6Sj0wRmxKAf0NyqjoQ6ZYQAISL22KNPX2Z7M3iyJ1JXUIAdcsa1rCkmQeIwgg1VwQX8joGG18ntMurNfe_SH25jg0Gmm_NeE0P0-EM48b8e56Lu0VMo9OEGQvELPdVhMZWPtwBuTyfPBJp4BIaQ05U-JljAsJlTEIk49ky6Xqrmt_y-nD63iGYGuELeHOlxZSTCeIN-sNA422ev61UjK4v-0O3IoEkdcsqczU5sl7GiQewSWIMKdLGYqxXsZTmkdBn3yQW3cv4JbjrtwBkQ2McIUrSPmPrcGeT9u5E7gb3s51dIHYrHjBXwWk3F8mVzT6O3WUpcKy2oFdFwcc3tHvKDSG0NqSRA7DaSzD8_sHCsUIvGmDZBLtnyBvTLqxLGxfFJx1rIV7Wv9faQ26qce6pBwHwUmJ2LEhROUwp2OPJcNv-XIax4ZcxwlD-n3WxO70YAWQVl_pnOMxN7l-qPnzZxnfu7cHI4tl3TX2lkgp0uitqBhOrVT2GSwb9EoD4rCyA4WNQbwbjKCeWEeJ1Bw9rpnwRpur79jaJCkfOExHhWqTBFjm9CkT1eqY6RumQvSTXnAsEk0S0sGMfP4OtrjvoI4Vt2Afx1YtwlmTlACBxMJpnwiL1NMep0LDvPhft6EtKCcAtBBwsnAw0N8NMbmi8lkJKO9FwGqsUqxnAJIEa_5Euw7kDMk93b9EQoSSi2BdbOzWbsNv2iQTYQ2mv9gg9f3hWIwFrSquJfB0Q0pw8KzuiyWHIdEmeB-yPCC4GbSp5TPQVNj-j5nhG8YrMpcshho069jd_EavszBFbg-ANvOHcrM1mvXbcBGA58WhcmJwIM6clZpk2syHAzE73FLZmd1BXN4RZYQ6wDZf243_tqyATcUEedDkuMU3trahCEX_hvtMDELJNg1_Jo6U3XFMv_K4E7yhIDYim5tW7uTIEX4bJMF0FyQQFvHJKxbFYt42f31zidymO8VERYc4wpqxXx1uDKA9nhgmLl_0ztZbjcPQM-3TLCiN2Dp97U3uu2RhCGDFeBdZw-On115ylvmkeEco5pwFmDn6Cnsaiet3qCtJdBTHppB6R_zoAjYryMMDuvha9_PqpfqGaBjlq9jTPhaBmInq3nHNeHZQ-IYnTxlhA7Vyr0Ete765S7h5yW_wGLUZIIyevFypdHwVc-sn36uaAASFfPEH43ZiO3NUGbnuCUXzVozMH2kvLOwh86uHQDtTlDtDMJcv8Ab8odvWHAOWdWqWLSRnPIYoTsKngcxTmU1jx5vVD59n97U7ofeNCELHfvbkOBqaf0M-ofw2Pcu8UzOmK9qDAmDaVCBK3lWnHcpdPHShqIDhKNZ2fUD9LQiVX9l-gnorlVwhiTqhc8LK-JBRNw9TDOhAsgLdh_Kco8Map-6bzv8u2Llh8tM_bIgEGn90Z2T2DCy0XFXeO6evJBMwF4WiPvlXgyHVLyEwOkkja8VICCQnLz2LapUi7pxUvx1F3wG_GflF10G4Gg8BfgLcyZdBvIeLp6uYX5E3UenRcarQ52_7Sw5HRgbElhGad_Axg6G3REGlMG9eCZYeUpahHWmwkoRd44p7yyKSFbsCuGWgT8bJCacuWGImhNqkidL0J6-2oOzwLHZAykfnf_XCTBtSYegzaM-cvtiQDI8klNZ3A21lKhGf1pvJN9hp4h8a4_DiKqhETgz4Mi2BVDdJAhOIVeWKOolPWdAxSI5eYCwKWNikHbmrdLlKSkDzElm99ui1fr1yicVWD5bs4jjum3RRMu_sXh8uliy3RAOZXimoQ7hZ3Y4ZzgOo2tbUO8F1JP0rHUXSG-sU7raVwV8n7-2WtZslQtmcTZYwM-s_JfsMyrY9AFcZZ8Q2Fw-_lKojTxJZqYlnFMkdISSAMOZg6NLho5RTAGF4yNg8ahhNAhBq8L9ZhT7UwNDF1_dGPLPJoEz24or-Sk7PhaWeycn-G7cyisoK9k5GeV6LlSYRWOynNF-ByuwG8bCzgF-yMvRAjio2aYVQJHH2un2-32Jf1OBw06N2L9kKvevKldpe2HYv-1CGzIvtqw-TghGjUnr9jSCHvcZvW5iROm9z2qiTRiTmOypbwvbHnJddqcBqDRnLIpCR1Ogk4nnXeKHefNFRWPERBz2euXhEalUWUPMMqf6FomKAqZa6apRhiJR5iHK7Fv6eDf2UkSW8wR4a-8CAc7kl8IKA3KayhC_OWOlmOOfSt7uFLR-0K3rQqcjTGVSCDFMlSGpdGy3O93bK42J42v9jb_rsn7I5UftNzLgA2vwnXKlNHuXUjrD2aX9rnV0EAu6YBXzQAksSZ4XIKYtLTMTZcfVcI4ptdvXJEpT8HGAgUkocAkH3o6NDyni1Joe5jJ2GfSgAO60Ur-23Kp63lNHbLQosDfoazgtKaVqGDQkC6hkn0aJKOTZl7v_bxnvJGa0L6IeHBJ_3_E8gX-jRd95oJXqMhgKJJWau7_UiStR2Rzo2qyT9DYH1Qf6ZF9ujkE2jiLhg7nd6Hsvt6Q517DoBy7r3xi2VuLzOphdszEqhq8TY6AdfhVE6RHv9CUbUXE7ul-46b5GmJaRp2HNQU6EcFvv2ZyFnSWZ4poGBB89SpNKzealICQ4xiQIFtbPRwrAq06wQvCwgj2qo2dIGKRkTVae7oQpjhaQjDYsLGZVoGUe1sBHr9wW6lC0VlIaNewxTxRTfvceRNyjQAOBk8Hvr-uavVwxJtDNYvPtkJC8xgKdqCJhkai_S2VkoEiRxpdW-ByGLxSJEjONTB4dwGWltm0sFlFdtLHyqN2lUIaaITTSRKGPhp55PC1fOOUxlDCbjz3sNPz23nEk7co9YHfsq11s2rTYDnPnO3jel111GuNww-c3kV7aDk9bOBmkeJwEhoA25kP5U2vynk8Ty0M4aOe_WxqX7hYr-o9Qi0dAHRlA6V4Fe71Zv0f9dDn8OaUkvE0YhE9TtkVZY71VijXVo-tfO-CUWhlDWRFHEmlMghBqggIgehohyzGt95wmjuvBDoayPZ2pu94czVy7oZxjnMZZjbWZj4Uo7TVly_EZu607P5sLUYhDjCL9F0acPnMAlghwJYjL9qyxEvYJP5W7NqEcwO7zi3Iz2dN71sWLGtVnWF9GkEIBBI7AMgJpo07-t_PwAgPiB3h-HhjineYhjHKYPAMmYgOJBqgYrqLqRpTHp4PJ70yEeLyzyf7P6XvqSidbowYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1013352973&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=20259181566&bidurl=https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gK4wKREb3pVP_KZ8IjJXCx&adsafe_url=https%3A%2F%2Fblog.s.id&adsafe_type=y&adsafe_url=https%3A%2F%2Fblog.s.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:20151681-f351-7c4b-0d2a-976c47c10ef9,c:vrp45p,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-lrk77,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:tX50qxV+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1525518-72172421%7C191%7C1a1%7C1a2%7C1a3,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:25,oid:d77d0575-8f59-11ee-ab58-ca0d47f0eea5,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers date Thu, 30 Nov 2023 08:24:13 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	dt dt.adsafeprotected.com/ Frame D7C0	43 B 215 B	101ms 100ms	Image image/gif	2600:1f18:1aca:4282:1b96:c22a:5206:1cd2 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=20151681-f351-7c4b-0d2a-976c47c10ef9&tv=%7Bc:vrp4m4,time:1057,type:e,im:%7Bpci:%7Btdr:1006%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1057,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1047~0%5D,as:%5B1047~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:436,fm:tX50qxV+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1525518-72172421%7C191%7C1a1%7C1a2%7C1a3,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:25,sis:251%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4282:1b96:c22a:5206:1cd2 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:13 GMT server nginx x-server-name dt23.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame D7C0	42 B 64 B	58ms 57ms	Fetch image/gif	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvI3rzetavCrV5upLv-lDC9oALgxPUyqosL1NfRUA0XjwdCYDenxmoNJHu3NEyEZRxCNr81csup131-PZKKETNGTmfgd6hNJ6dgA2FR9Tr-95wVOqzm2og7nJjiVgXCHW3GbVpZ_VKHlzw2&sai=AMfl-YSEZ7vP_FAepn05Q2BTEPE3iyq2GyHQuYQDoYiRWeaO5u_wd7Jpjonwol3oyAUod6Mo9in__50m9Qz8Fe9XVdP5vRtq9_SIKP3creRg8argCwNuiat1-UIwkObOOOvxE92yKEPeqQ&sig=Cg0ArKJSzOsySiwxL2UMEAE&cid=CAQSOwDICaaNO_rfz8AID4gd4fh4Y4p3mIYxymDwDJmIDiQaoGK6i6kaUx6eDye9MhHi8s8n-z-l76konW6MGAE&id=lidar2&mcvt=1000&p=390,510,640,810&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2238348835&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701332652325&rpt=1192&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:14 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	e51232cf9fc8dd7b4756cbe34f3be9cc.png dco-assets.everestads.net/iCornerStore/rescaled-images/MICROSOFTSTORE/current/ Frame 1AC0	110 B 497 B	8ms 7ms	Image image/png	23.45.239.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dco-assets.everestads.net/iCornerStore/rescaled-images/MICROSOFTSTORE/current/e51232cf9fc8dd7b4756cbe34f3be9cc.png Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.45.239.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-45-239-209.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c Request headers accept-language de-DE,de;q=0.9 Referer https://dco-assets.everestads.net/ics-campaign//5031/t/8819/12/300x250.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Date Thu, 30 Nov 2023 08:24:14 GMT Last-Modified Wed, 29 Nov 2023 09:41:37 GMT Server Apache X-Permitted-Cross-Domain-Policies all ETag "106564822-6e-60b4757705da1" Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 110 Expires Thu, 30 Nov 2023 09:24:14 GMT
GET H/1.1	200 OK	cb995d1f32137efe79c30f04d19700a8.png dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 1AC0	33 KB 33 KB	8ms 8ms	Image image/png	23.45.239.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/cb995d1f32137efe79c30f04d19700a8.png Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.45.239.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-45-239-209.deploy.static.akamaitechnologies.com Software Apache / Resource Hash e7a0136c41c74be662c3fd70269e7c5de1535ade482dc344fc56bc340fde8efd Request headers accept-language de-DE,de;q=0.9 Referer https://dco-assets.everestads.net/ics-campaign//5031/t/8819/12/300x250.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Date Thu, 30 Nov 2023 08:24:14 GMT Last-Modified Wed, 29 Nov 2023 09:42:23 GMT Server Apache X-Permitted-Cross-Domain-Policies all ETag "1157334b3-841c-60b475a2c53da" Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 33820 Expires Thu, 30 Nov 2023 09:24:14 GMT
GET H/1.1	200 OK	cb995d1f32137efe79c30f04d19700a8.png dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 1AC0	33 KB 33 KB	8ms 8ms	Image image/png	23.45.239.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/cb995d1f32137efe79c30f04d19700a8.png Requested by Host: dco-assets.everestads.net URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8819/12/js/script.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.45.239.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-45-239-209.deploy.static.akamaitechnologies.com Software Apache / Resource Hash e7a0136c41c74be662c3fd70269e7c5de1535ade482dc344fc56bc340fde8efd Request headers accept-language de-DE,de;q=0.9 Referer https://dco-assets.everestads.net/ics-campaign//5031/t/8819/12/300x250.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers Date Thu, 30 Nov 2023 08:24:14 GMT Last-Modified Wed, 29 Nov 2023 09:42:23 GMT Server Apache X-Permitted-Cross-Domain-Policies all ETag "1157334b3-841c-60b475a2c53da" Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 33820 Expires Thu, 30 Nov 2023 09:24:14 GMT
GET H2	204	imp analyticspixel.microsoft.com/aid/ Frame 1AC0	0 590 B	151ms 87ms	Image text/plain	204.79.197.204 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://analyticspixel.microsoft.com/aid/imp?dcoimpid=ZWhGrQAAEnwnKwmv&dcmadvertiserid|8391437$dcmcampaignid|30110444$dcmadid|560533438$dcmrenderingid|168595331$dcmsiteid|6958819$dcmplacementid|369668940$customer|Microsoft$dv360auctionid|ct=DE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 204.79.197.204 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS a-0005.a-msedge.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://dco-assets.everestads.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:14 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 83924DF9F5944AD4914995015A6BB6A9 Ref B: FRAEDGE1119 Ref C: 2023-11-30T08:24:14Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame D7C0	0 20 B	48ms 48ms	Ping image/gif	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8244540985464&version=m202309260101&ct=76&x=1&cor=105124684624083060 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:14 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame D7C0	43 B 215 B	100ms 100ms	Image image/gif	2600:1f18:1aca:4282:1b96:c22a:5206:1cd2 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=20151681-f351-7c4b-0d2a-976c47c10ef9&tv=%7Bc:vrp4Pv,pingTime:1,time:2882,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:23%7D,%7Bpiv:100,vs:i,r:,t:1881%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1881,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1871~0,0~100%5D,as:%5B1871~300.250%5D%7D%7D,%7Bsl:i,t:1881,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:104,fm:tX50qxV+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1525518-72172421%7C191%7C1a1%7C1a2%7C1a3,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:25,sis:251%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4282:1b96:c22a:5206:1cd2 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:15 GMT server nginx x-server-name dt23.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame D7C0	43 B 215 B	101ms 100ms	Image image/gif	2600:1f18:1aca:4282:1b96:c22a:5206:1cd2 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=20151681-f351-7c4b-0d2a-976c47c10ef9&tv=%7Bc:vrp4Pw,pingTime:1,time:2883,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:23%7D,%7Bpiv:100,vs:i,r:,t:1881%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1881,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1871~0,0~100%5D,as:%5B1871~300.250%5D%7D%7D,%7Bsl:i,t:1881,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:104,fm:tX50qxV+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1525518-72172421%7C191%7C1a1%7C1a2%7C1a3,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:25,sis:251%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4282:1b96:c22a:5206:1cd2 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://c05e86deddf2a114a0d226a3af92c924.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 Response headers pragma no-cache date Thu, 30 Nov 2023 08:24:15 GMT server nginx x-server-name dt02.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

app.s.id

URL

https://app.s.id/api/user/me

Domain

sdotid.zendesk.com

URL

https://sdotid.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088

Domain

sdotid.zendesk.com

URL

https://sdotid.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088

Domain

sdotid.zendesk.com

URL

https://sdotid.zendesk.com/embeddable/config

Domain

region1.analytics.google.com

URL

https://region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je3b60v889124234&_p=1701332649340&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=90659549.1701332650&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1701332649&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=scroll&epn.percent_scrolled=90&_et=44&tfd=3161

Domain

region1.google-analytics.com

URL

https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3b60v881303989&_p=1701332649340&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=90659549.1701332650&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1701332649&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=scroll&epn.percent_scrolled=90&_et=22&tfd=3161

Domain

home.s.id

URL

https://home.s.id/cdn-cgi/rum?

Domain

cs.chocolateplatform.com

URL

https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEGUiZvHW5chaQg9SB052jX0&google_cver=1&google_push=AXcoOmT7bLACJ6ZF7Lo86sEBPvmDYPO2BKhY1nxtt7cU1oWLGwpEXAhtQ7S9YHWDFK50D0Lgwqao1HIkuTJNxBdvjSL3LQCWI8zGLg