data-beda.2023lexus.com Open in urlscan Pro
2606:4700:3037::ac43:bd4f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://data-beda.2023lexus.com/
Submission: On March 17 via api (March 17th 2024, 11:54:23 pm UTC) from US — Scanned from US

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 7 domains to perform 50 HTTP transactions. The main IP is 2606:4700:3037::ac43:bd4f, located in United States and belongs to CLOUDFLARENET, US. The main domain is data-beda.2023lexus.com.
TLS certificate: Issued by E1 on March 16th 2024. Valid for: 3 months.

This is the only time data-beda.2023lexus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2606:4700:303... 2606:4700:3037::ac43:bd4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4004:c09::9a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::5e	15169 (GOOGLE) (GOOGLE)
1 4	2607:f8b0:400... 2607:f8b0:4004:c1d::9c	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4004:c1f::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::5e	15169 (GOOGLE) (GOOGLE)
2	172.253.122.155 172.253.122.155	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::93	15169 (GOOGLE) (GOOGLE)
50	10

20 2606:4700:3037::ac43:bd4f (United States)

ASN13335 (CLOUDFLARENET, US)

data-beda.2023lexus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c09::9a (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1d::9c (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c1f::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::93 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	2023lexus.com data-beda.2023lexus.com	176 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	371 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 39	47 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	70 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 144
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
50	7

	Domain	Requested by
20	data-beda.2023lexus.com	data-beda.2023lexus.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	pagead2.googlesyndication.com	data-beda.2023lexus.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
2	www.googleadservices.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	data-beda.2023lexus.com googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	www.gstatic.com	googleads.g.doubleclick.net
50	9

This site contains no links.

Subject Issuer	Validity	Valid
2023lexus.com E1	`2024-03-16` - `2024-06-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://data-beda.2023lexus.com/
Frame ID: 12390BF242E61CF40059AED729E850A8
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7407862399718451&output=html&adk=1812271804&adf=3025194257&lmt=1710719657&plaf=2%3A2&plat=3%3A16%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_r&format=0x0&url=https%3A%2F%2Fdata-beda.2023lexus.com%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710719657452&bpp=5&bdt=1515&idt=367&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8538556342276&frm=20&pv=2&ga_vid=349281242.1710719658&ga_sid=1710719658&ga_hid=847685540&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95326316%2C95327951%2C95327955%2C95320378%2C95325784%2C95326915&oid=2&pvsid=972703134993523&tmod=392946896&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=391
Frame ID: 3B990D0AD42B3907AA9DAE79B7FE8D2F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7407862399718451&output=html&h=280&slotname=3285157165&adk=358657753&adf=3934925006&pi=t.ma~as.3285157165&w=630&fwrn=4&fwrnh=100&lmt=1710719657&rafmt=1&format=630x280&url=https%3A%2F%2Fdata-beda.2023lexus.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710719657457&bpp=2&bdt=1520&idt=396&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8538556342276&frm=20&pv=1&ga_vid=349281242.1710719658&ga_sid=1710719658&ga_hid=847685540&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95326316%2C95327951%2C95327955%2C95320378%2C95325784%2C95326915&oid=2&pvsid=972703134993523&tmod=392946896&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=403
Frame ID: AFAE020CA632CC126A98D5AA02A79030
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7407862399718451&output=html&h=378&slotname=9435632540&adk=3716723681&adf=3823722170&pi=t.ma~as.9435632540&w=630&cr_col=4&cr_row=2&fwrn=2&lmt=1710719657&rafmt=9&format=630x378&url=https%3A%2F%2Fdata-beda.2023lexus.com%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710719657459&bpp=2&bdt=1523&idt=427&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C630x280&nras=1&correlator=8538556342276&frm=20&pv=1&ga_vid=349281242.1710719658&ga_sid=1710719658&ga_hid=847685540&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95326316%2C95327951%2C95327955%2C95320378%2C95325784%2C95326915&oid=2&pvsid=972703134993523&tmod=392946896&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=431
Frame ID: CA9810EC62097DFA88BF3C8702B1128A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js
Frame ID: 7DBB218722B65B6CEECA814C89ED32A6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 05D6DCF3A4D36C6611959385EAA8E22F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 42EB262992D39F0BDD6855D6CA3363B9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2023lexus.com - Berbagi Informasi Terkini dan Teraktual

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

50
Requests

96 %
HTTPS

89 %
IPv6

7
Domains

9
Subdomains

10
IPs

1
Countries

666 kB
Transfer

1697 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://googleads.g.doubleclick.net/pagead/adview?ai=CvVtEqYL3ZeeOOtDextYPtYqo4AySv_eUdunNtJnKEaTn8u2VAhABIMXG3oEBYMnujovApIwQoAHI9MXGKcgBCakCAaQ6Sm5HeT6oAwHIA8sEqgTaAU_QB-XMH-7WHJBjIsUuejPX-L6gQ55mZUU9DyiKFAAfGQYj9VyjEymDqARdDkcS2zujsfy2xzuxuqqyVHfo_xeiKssqJhKtETwDYAWoRt0POHXqKpfdSXkKNSteVXDD7En83_MVxgKOiXsFP9EwbnFNzQSnHBtlyT0BTh5fCvw62lxNvBpT08D4od00hRhALlTBXbcSDIxeceEA0w2iFhroD3BKX7nk2CzhQ9tLTEQ6ZBc6OIElwTkuIIdlGidmaY6ohWbzwdDj4G_EH6lIyeD0pnijaoh6ihXiwAT3ruvvtASIBY301ORKkgUECAQYAZIFBAgFGASgBi6AB-jQqqgEqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQLYBwDyBwQQs5wE0ggkCIBhEAEYHzICigI6CYBAgMCAgICgKEi9_cE6WJTvlqy__IQDmgm2AWh0dHBzOi8vdXMuZm9ibHVlLmNvbS9kcz9xPWJlc3QlMjBjdXN0b21lciUyMGRhdGElMjBwbGF0Zm9ybSZyYWM9U2VhcmNoJTIwZm9yJTIwYmVzdCUyMGN1c3RvbWVyJTIwZGF0YSUyMHBsYXRmb3JtJmFzaWQ9Zm9fY2hfYmFfMTcxJm53PWQmZGU9YyZscGlkPTkwMDU1MzImcHViPWRhdGEtYmVkYS4yMDIzbGV4dXMuY29tgAoByAsB2gwQCgoQ8LjAys-xkb5uEgIBA7gT5APYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItNzQwNzg2MjM5OTcxODQ1MRgAshgJEgK4UBguIgEA&sigh=xsUn680rkdE&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqGAbtAsHCOV6fZx6gsj9YvjFNxRAA0OksG8TO7TuTs9mv3pzyL6BOAG9wjKOdSaAHk69PT9qIJhaVepbzagfRkZCwEygmyESCl0YYAQ&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7955146ccb5b91b50000000000000000%22,%222%22:%220xd8f9fa0a923341880000000000000000%22,%223%22:%220x960b547597b08ea20000000000000000%22,%224%22:%220xd2504e80abed2c60000000000000000%22,%225%22:%220x8c2756ad6aed661a0000000000000000%22},%22debug_key%22:%2214033516949783132123%22,%22debug_reporting%22:true,%22destination%22:%22https://foblue.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211153799752%22],%2222%22:[%22true%22],%224%22:[%2203-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227817996907662899601%22}&andc=true

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
data-beda.2023lexus.com/ 132 KB
39 KB 1588ms
1474ms Document
text/html 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beda.2023lexus.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a42c77ff7be7dcb88d15c9463c88cd166fa7bc9643f05f416b76b4ea747b085

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8660e83069656aee-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 17 Mar 2024 23:54:15 GMT
link: <https://data-beda.2023lexus.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DMEc5x49XCLUFZ04lGdCYI7A9AmF7sKP419IAvWl5RbkHhympSK0NIFy%2F%2BAtwJq80ixtkDh%2BCI79CmbVsO3Ca4Za0nTSIpxMlwhCpF4%2FPZxdCnuH9ch1NZ1PbsjzTQDLKD%2BKYwaZJM2XJJAPkeWAJyDByaZ3HA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style.min.css
data-beda.2023lexus.com/wp-includes/css/dist/block-library/ 108 KB
15 KB 1263ms
1262ms Stylesheet
text/css 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beda.2023lexus.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 14:20:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pvgAE8vtO8GAlOkdJHQuZEvpCu9FCnQGz2sm3%2FtlVuzoJ9QPAkjHeYvX9DXXmuOOwU%2FTRY1SdYl%2Fr1DeI3NSjV%2FsMpIzKIX9oX0wkZ4fmUOyXn7lrwMQx27rDtlrdxeHcO5x672V4lq85OpxuyvyCentn0zCkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8660e839ac586aee-BUF
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 96c195be-8640-4b66-8580-bb6c3d01253c
https://data-beda.2023lexus.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://data-beda.2023lexus.com/96c195be-8640-4b66-8580-bb6c3d01253c
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 idblog-core.css
data-beda.2023lexus.com/wp-content/plugins/idblog-core/css/ 7 KB
2 KB 536ms
534ms Stylesheet
text/css 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beda.2023lexus.com/wp-content/plugins/idblog-core/css/idblog-core.css?ver=1.0.0
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edf28446f50d57b497e259711b3e7144cdc8d3d344b625f8f00878f877aecbd1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Jul 2023 21:06:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uEqM78g3MzMBCUuToPUW%2F9lJRUvBrfC6qUO3%2FEzgFa1Qgk33zlEfs7tYGKsFlif12EufhLtsrxJLhS09nr5mgCB1C2JM%2B1JNy1ns4YnGoKE38yq8RbG2Fk7nl2Kq%2FECz20TQlQcgcuHMeDM2p9SOr%2BTO5Hjbmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8660e83b3f7e4bc3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 124ms
51ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&ver=2.1.1

Requested by

Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f136ca06d69de0c1598cd9f012a3232ec9e2861fb7f4ee93a551ca5265823adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Mar 2024 23:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Mar 2024 23:54:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Mar 2024 23:54:16 GMT

GET
H3 200 style.css
data-beda.2023lexus.com/wp-content/themes/superfast/ 45 KB
10 KB 1015ms
1013ms Stylesheet
text/css 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beda.2023lexus.com/wp-content/themes/superfast/style.css?ver=2.1.1
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3f743ea7fabb6f905eed19b7eeea7b2b4705af2e050392bb21c16f79a74e28a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Jul 2023 21:01:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HjHPIuG1Pb5%2BSLr3ra8W%2FIJLk5px1BOeKqOzNwBKLK7vTCJFXfHiBT7pxAaNatWWHBg%2BRj5LxSTuJfp6QXHBF3yyfkTKxqPTrTr5uSZ%2FHjIQVJZ8iuzfny63boVSAfOiMJb7RsZK%2FCBYMf5g%2B6bMXL5O%2BNGkhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8660e83b3f7f4bc3-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
data-beda.2023lexus.com/wp-includes/js/jquery/ 86 KB
31 KB 1021ms
1019ms Script
text/javascript 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beda.2023lexus.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 05 Dec 2023 10:02:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PLOlpwbe5knMqUeK3f9yO2MwcPAhZX6ideO0Nilhs%2BwrwJ33AeDCuyImLaCrrAM9EyrjOV7gpWshZ6yDYhe%2BBIQtEC3jbKe%2Fz2ddYJtG8foJGyZXustLYMECB%2BqL9W17zLcMNTvYx2GQ%2FN6bsjHKI87jvPZtcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 8660e83b3f804bc3-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
data-beda.2023lexus.com/wp-includes/js/jquery/ 13 KB
5 KB 563ms
562ms Script
text/javascript 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beda.2023lexus.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 09 Aug 2023 20:11:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GIWP%2FZ7PE%2BCW%2BhxQokFkw9IuYORRRa49FqJZIFhOe3e9e6AeZJG53SXtnbldypsIbbJFPPe%2BD7hOWrj5v5ombcIU%2By7jw14kGNed6pnqIucbq%2B1wwTzVzWhMcFSfwGV%2B8Ju2sALmnmf3bEKOxZ7wxvEycV7xBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 8660e83b3f814bc3-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 script.js Show response
data-beda.2023lexus.com/wp-content/plugins/ads-invalid-click-protection/assets/js/ 2 KB
1 KB 564ms
562ms Script
text/javascript 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beda.2023lexus.com/wp-content/plugins/ads-invalid-click-protection/assets/js/script.js
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1f54d706d5fdd894d42fe93b32eaaf506f686a1f9630e5acf87562da3c62668

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Jul 2023 21:16:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dMGNul543cUV8VywWrxby8sFzuGS0Yyq4eF%2FbHZVyJzjeRgHgPce3iU4nwXrKF1Oct4292PTvV%2BvHPKasjZwGRsunw4q3kBWXRrJPG2di5mhMgMFbWYF1JCUm%2Bm%2Bx4r74lKTnh8hGAQNiAX4kepOqy2uUukUew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 8660e83b3f824bc3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 180ms
108ms Script
text/javascript 2607:f8b0:4004:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7407862399718451

Requested by

Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29dc21b266b5c11709550ce793d9efdbe4d96775ac60765522b807eb167978

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://data-beda.2023lexus.com/
Origin: https://data-beda.2023lexus.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50750
x-xss-protection: 0
server: cafe
etag: 13397862717812106474
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 17 Mar 2024 23:54:17 GMT

GET
H3 200 20221106_213801_0000-200x135.jpg
data-beda.2023lexus.com/wp-content/uploads/2022/11/ 10 KB
11 KB 548ms
547ms Image
image/jpeg 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data-beda.2023lexus.com/wp-content/uploads/2022/11/20221106_213801_0000-200x135.jpg
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 379552711c1e2a57de472de5b98f320cb6fbe8ae30a9b1da8e799f03add2127e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:16 GMT
cf-cache-status: MISS
last-modified: Sat, 16 Mar 2024 12:13:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ASvPNOs7aEdYwxB8gNLu1tl%2BMbyvR%2BKwa9kon2Q9tLd6brXjB9orb%2BBieQ0%2BQBk67BkoY7yYTyx54XU31KDMy3UHPx7nYVxPz6zH%2F3mX9GDCj5Mau12%2BlGmxZVz5PkIwJINYTsCCKId%2Fn4s72A0IXcZ6tyeSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8660e83b3f834bc3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 10531

GET
H3 200 Tips-mendapatkan-dana-dengan-cepat-tanpa-ribet-dan-aman-Maucash-e1710049813931-200x135.jpg
data-beda.2023lexus.com/wp-content/uploads/2023/11/ 7 KB
8 KB 530ms
529ms Image
image/jpeg 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data-beda.2023lexus.com/wp-content/uploads/2023/11/Tips-mendapatkan-dana-dengan-cepat-tanpa-ribet-dan-aman-Maucash-e1710049813931-200x135.jpg
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ac3bcbf3519f7cb5caa6a7d5e621f7dfbf8ae2bd12d26b3e705dc477d321c25

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:16 GMT
cf-cache-status: MISS
last-modified: Sat, 16 Mar 2024 12:13:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2aCJ%2Bh2UwGpk3quWg8IhlfeDH6NGZCmGzgRULk%2BSnCgNUW70iiKYOWwiN7mL18rfxp5M%2FR30%2B5mHoA0dRqKPVVN5oduYfBVsmNbfunp2qV1iyDrmKBaqes3oB8qo%2Bdkq1bu9GQndjDApiCPMlnOBIqNODDSMyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8660e83b3f844bc3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 7255

GET
H3 200 Dana-Online-Rupiah-Langsung-Cair-AwanTunai-Terbaik-e1710049744821-200x135.jpg
data-beda.2023lexus.com/wp-content/uploads/2023/11/ 8 KB
9 KB 284ms
283ms Image
image/jpeg 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data-beda.2023lexus.com/wp-content/uploads/2023/11/Dana-Online-Rupiah-Langsung-Cair-AwanTunai-Terbaik-e1710049744821-200x135.jpg
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4e8bed80a926a23d1054ca0ffd074ab1cc1f9c33af6df4542a0efc705bd529b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:16 GMT
cf-cache-status: MISS
last-modified: Sat, 16 Mar 2024 12:13:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mUOyD%2B17tGbkjX6AuGkk7NstzVwhFlHq862l1cs0z0bMqqdstfJPPjOaZKqwl85V52JEM9glyfMSR9TD1KGlAlUZjgpLxxC4OJ6BFd%2B%2Fs4K3s6vMyG22v6UcHinMq8UiQKv5g2BBv0aopTpmnglhJbdlZAjQrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8660e83e88a74bc3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 8556

GET
H3 200 customscript.js Show response
data-beda.2023lexus.com/wp-content/themes/superfast/js/ 14 KB
5 KB 296ms
296ms Script
text/javascript 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beda.2023lexus.com/wp-content/themes/superfast/js/customscript.js?ver=2.1.1
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfa6d59d57e3b6ae87dfa5ce893036f4255a2b9d9dcc56898b41ee1091a2ca97

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Jul 2023 21:01:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2B8iib3hnOJL4wmnqkC%2FIYj2Ctl%2FKFosdetwq9AxjVbW0w8KY5avKoEiC4VPTME04tu4%2Ff2%2BHcUQhHmjxULsMwtgm7gNBDGbd55JsUbkzkwAZH2C4iMfNfQCklpyNZECSYYQaoVgP0qjhSOuef4BwBCN6V%2FqTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 8660e83ec8b54bc3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 107ms
36ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&ver=2.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://data-beda.2023lexus.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 17:23:37 GMT
x-content-type-options: nosniff
age: 282640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 17:23:37 GMT

GET
H3 200 KTA-Kilat-Pinjaman-Online-Berizin-OJK-Hanya-10-Menit-Langsung-Cair-e1710049689105-200x135.jpg
data-beda.2023lexus.com/wp-content/uploads/2023/04/ 6 KB
6 KB 531ms
530ms Image
image/jpeg 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data-beda.2023lexus.com/wp-content/uploads/2023/04/KTA-Kilat-Pinjaman-Online-Berizin-OJK-Hanya-10-Menit-Langsung-Cair-e1710049689105-200x135.jpg
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 458418f3f9d722ce0a78fd33205bb6b638488c3e61f685ee20ce2d9bf9cc8790

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:17 GMT
cf-cache-status: MISS
last-modified: Sat, 16 Mar 2024 12:13:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dm0vfFJtKmtCJmJUjdkLanXyqx5%2BnV7iWeRxoiipwPJQDhVgcjxoGlgRy77tuPYDkopWfNAU1IAk0wKLJiSfKuA8ymKlzNgZ%2F3cnDLJZDm827LegycJXoRgmRvaX%2F5FBMQsgMyW%2BCpAZN15m8b9EPU1bxqHbiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8660e84219f44bc3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 5980

GET
H3 200 Dana-Mudah-Cair-Kredit-Pintar-Solusi-Kebutuhan-Mendesak-e1710049525164-200x135.jpg
data-beda.2023lexus.com/wp-content/uploads/2023/03/ 7 KB
7 KB 531ms
529ms Image
image/jpeg 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data-beda.2023lexus.com/wp-content/uploads/2023/03/Dana-Mudah-Cair-Kredit-Pintar-Solusi-Kebutuhan-Mendesak-e1710049525164-200x135.jpg
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41f330708b2bd80cca9505e44010b5ab544e1c8a8ba5a1a00defdd8d11cdd55a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:17 GMT
cf-cache-status: MISS
last-modified: Sat, 16 Mar 2024 12:13:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uo3V%2F1lc%2BFqo4gNs698OVQ57NeBEAbCHP1iuIow9%2BFpZ0F3AEFJbAnC4otkcp0v5eQFPqSkxuTF%2BfABsTwIDeCdF%2FraHWLObQSgAuP2OWgSRJh3lDXaRmukuRdNLiIMFI307AN9osRppsFJ7zRC2WsM3F19PTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8660e84219f54bc3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 6914

GET
H3 200 Aplikasi-JadiDuit-Cara-mudah-menghasilan-Duit-e1710049451104-200x135.jpg
data-beda.2023lexus.com/wp-content/uploads/2024/02/ 8 KB
8 KB 550ms
548ms Image
image/jpeg 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data-beda.2023lexus.com/wp-content/uploads/2024/02/Aplikasi-JadiDuit-Cara-mudah-menghasilan-Duit-e1710049451104-200x135.jpg
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de57b435201351335d571d1e65b40d66d0dbf76c810f41e3925b49f588b4ecc3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:17 GMT
cf-cache-status: MISS
last-modified: Sat, 16 Mar 2024 12:13:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FpTkedELnimk34rsr6zq2NEOQVnWgh2p%2BZ6eXfceCDSCmLiWFzpLJ%2BqbUVsFu6qMHjs88bmx%2FFIbASN6fKisLhO9Q%2BAfIafyoubqQT1H3S5gz6oqI6g0ZPzA%2FYpbu5Acri64oJRPTjLZtQRAaSKR7NZOqaki6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8660e84219f64bc3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 8094

GET
H3 200 20221106_213801_0000-60x60.jpg
data-beda.2023lexus.com/wp-content/uploads/2022/11/ 3 KB
3 KB 288ms
287ms Image
image/jpeg 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data-beda.2023lexus.com/wp-content/uploads/2022/11/20221106_213801_0000-60x60.jpg
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb1d4e1de77f3d3f9a11c542ea9400ad0246d03fc7a71386d77e6739c582d481

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:17 GMT
cf-cache-status: MISS
last-modified: Sat, 16 Mar 2024 12:13:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FWeXgyzrTRQifGlLx9yF4IGnbN2kvoFkVKS4KOSDkPdTw%2F4wx%2BJQmd9AWgK%2Fa%2BCVEVRvjQ1pwUZewHq2OJicPqVCSvbtdfVp9kGJuDnioJaXuijxbNI3Sit1aSjEF8546ha9A9E%2F5fWJQFbu5aQfE%2FF25aZ8YA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8660e84219f74bc3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 2793

GET
H3 200 Tips-mendapatkan-dana-dengan-cepat-tanpa-ribet-dan-aman-Maucash-e1710049813931-60x60.jpg
data-beda.2023lexus.com/wp-content/uploads/2023/11/ 2 KB
2 KB 532ms
530ms Image
image/jpeg 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data-beda.2023lexus.com/wp-content/uploads/2023/11/Tips-mendapatkan-dana-dengan-cepat-tanpa-ribet-dan-aman-Maucash-e1710049813931-60x60.jpg
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 210ecd7618dcd9ec0ec5d099d52cdf5bbc99a186ac50552361e07d4fc4e477c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:17 GMT
cf-cache-status: MISS
last-modified: Sat, 16 Mar 2024 12:13:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ldmnitpuc4UVog5crmp9FLv2vrYBuyFzd6BArB3t%2FBAgPYnuPiqseZniVtQWU1gZeo8HpBNHoH7B9E%2F1WD%2FR%2BqndXPdIaRpTchysvBIgycxNZlTKr0wZj2t1qAqrnCiuqCohwh4uMAYqsZpobESpunpo6PPMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8660e84219f84bc3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 1938

GET
H3 200 Dana-Online-Rupiah-Langsung-Cair-AwanTunai-Terbaik-e1710049744821-60x60.jpg
data-beda.2023lexus.com/wp-content/uploads/2023/11/ 2 KB
3 KB 528ms
527ms Image
image/jpeg 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data-beda.2023lexus.com/wp-content/uploads/2023/11/Dana-Online-Rupiah-Langsung-Cair-AwanTunai-Terbaik-e1710049744821-60x60.jpg
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b59f8e6489b664efa6ac8598fee0838c8b8dd1e57c539c74d5dfd3d04240087f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:17 GMT
cf-cache-status: MISS
last-modified: Sat, 16 Mar 2024 12:13:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=utd2bYc9uklXCZu8hi8pITqBrNsTANLWq%2B7yYIAtoqU%2Fq30qjA%2B1dZwZyBtaq7h9cEXkyqhUfYCyKCc5Z%2FoIrvcqM18jMph2PO8X%2BkZWFGWu0fCrT6CYJKNm1NBCSBR5vrYSo9xAjP7GMpc5ZJ1NAiWC6%2FE5eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8660e84219f94bc3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 2136

GET
H3 200 KTA-Kilat-Pinjaman-Online-Berizin-OJK-Hanya-10-Menit-Langsung-Cair-e1710049689105-60x60.jpg
data-beda.2023lexus.com/wp-content/uploads/2023/04/ 2 KB
2 KB 288ms
287ms Image
image/jpeg 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data-beda.2023lexus.com/wp-content/uploads/2023/04/KTA-Kilat-Pinjaman-Online-Berizin-OJK-Hanya-10-Menit-Langsung-Cair-e1710049689105-60x60.jpg
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 355497ca14681bc5fae6059c34362208a37faf33ac315abe5b90d8f1934058e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:17 GMT
cf-cache-status: MISS
last-modified: Sat, 16 Mar 2024 12:13:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LpL%2FAXlyhG6VvElghwxnXJgY2%2BqLx07rM%2F33J1%2Bzi9W6sDSgq8pIatuf8ujNHiAhb%2BWAMHEHYDgXU9MD%2FIGDZYC6ImJcfuB%2BPsx8y6G7uImK31iD7I0o8rXYeUW%2BmD8TaVHKQ2XzvSoXjR63fmD8x8mfC3sPlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8660e84219fa4bc3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 1695

GET
H3 200 Dana-Mudah-Cair-Kredit-Pintar-Solusi-Kebutuhan-Mendesak-e1710049525164-60x60.jpg
data-beda.2023lexus.com/wp-content/uploads/2023/03/ 2 KB
2 KB 530ms
529ms Image
image/jpeg 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data-beda.2023lexus.com/wp-content/uploads/2023/03/Dana-Mudah-Cair-Kredit-Pintar-Solusi-Kebutuhan-Mendesak-e1710049525164-60x60.jpg
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 441234bd58fa869cffa23b0f9e6aea0a263e5cbe1b886d6e688bf7a90015d21e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:17 GMT
cf-cache-status: MISS
last-modified: Sat, 16 Mar 2024 12:13:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v1mfuB%2FF%2FZMxyf6K%2BvsVMpF1GIMqURV5n%2BRE7bcrim%2FpHWPONTionpkblBI3jmWH7%2FEt1jG%2FVz3VdWeI5EFH4FNcz4wt7361oXq79tZZk2EqeJ%2BuJMaXtMpQYCcSUio9PGBVpycsGtDtVFTC4f8gIPHSEGTbPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8660e84219fb4bc3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 2006

GET
H3 200 wp-emoji-release.min.js Show response
data-beda.2023lexus.com/wp-includes/js/ 18 KB
5 KB 799ms
798ms Script
text/javascript 2606:4700:3037::ac43:bd4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beda.2023lexus.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: data-beda.2023lexus.com
URL: https://data-beda.2023lexus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Feb 2023 19:53:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d0Q%2BL47g9bq9u3zYpH9%2B1qZwjkBf8Xvm%2BsY7La4ZAvhZ%2F592lHQvWNP1mQKk13QypHiTlbmEtqnmekt5x6%2BLPXgB0aR5G83hD8OH%2B2JtOlp93kdwySlqfntdxgMU3Wo11b3%2Fb%2BcAj5z0893SQEjshp%2FASt8TwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 8660e8421a004bc3-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ 405 KB
138 KB 200ms
131ms Script
text/javascript 2607:f8b0:4004:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7407862399718451

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9d0f5b0bb6bd94706833cb7c93de82b67ae1e5f9f54275f09ee769fd9053cfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140956
x-xss-protection: 0
server: cafe
etag: 16112274365986177521
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Mar 2024 23:54:17 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3B99 10 KB
4 KB 515ms
444ms Document
text/html 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7407862399718451&output=html&adk=1812271804&adf=3025194257&lmt=1710719657&plaf=2%3A2&plat=3%3A16%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_r&format=0x0&url=https%3A%2F%2Fdata-beda.2023lexus.com%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710719657452&bpp=5&bdt=1515&idt=367&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8538556342276&frm=20&pv=2&ga_vid=349281242.1710719658&ga_sid=1710719658&ga_hid=847685540&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95326316%2C95327951%2C95327955%2C95320378%2C95325784%2C95326915&oid=2&pvsid=972703134993523&tmod=392946896&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=391

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78bebbb2040c1f8617f41ceb2ca6199bcf040bb58412692124494a7a9df6b713

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://data-beda.2023lexus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4370
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Mar 2024 23:54:18 GMT
expires: Sun, 17 Mar 2024 23:54:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AFAE 120 KB
41 KB 502ms
447ms Document
text/html 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7407862399718451&output=html&h=280&slotname=3285157165&adk=358657753&adf=3934925006&pi=t.ma~as.3285157165&w=630&fwrn=4&fwrnh=100&lmt=1710719657&rafmt=1&format=630x280&url=https%3A%2F%2Fdata-beda.2023lexus.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710719657457&bpp=2&bdt=1520&idt=396&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8538556342276&frm=20&pv=1&ga_vid=349281242.1710719658&ga_sid=1710719658&ga_hid=847685540&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95326316%2C95327951%2C95327955%2C95320378%2C95325784%2C95326915&oid=2&pvsid=972703134993523&tmod=392946896&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=403

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe684ce11c2186a6541eebde9eee0baa7d08e21b8cf709206fda864b368f354c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://data-beda.2023lexus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41750
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Mar 2024 23:54:18 GMT
expires: Sun, 17 Mar 2024 23:54:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CA98 853 B
917 B 420ms
395ms Document
text/html 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7407862399718451&output=html&h=378&slotname=9435632540&adk=3716723681&adf=3823722170&pi=t.ma~as.9435632540&w=630&cr_col=4&cr_row=2&fwrn=2&lmt=1710719657&rafmt=9&format=630x378&url=https%3A%2F%2Fdata-beda.2023lexus.com%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710719657459&bpp=2&bdt=1523&idt=427&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C630x280&nras=1&correlator=8538556342276&frm=20&pv=1&ga_vid=349281242.1710719658&ga_sid=1710719658&ga_hid=847685540&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95326316%2C95327951%2C95327955%2C95320378%2C95325784%2C95326915&oid=2&pvsid=972703134993523&tmod=392946896&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=431

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92a7354f43ad1a1330bf70c0c97e2f71acf9d728f6650d5e6684e95ed84f179a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://data-beda.2023lexus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 407
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Mar 2024 23:54:18 GMT
expires: Sun, 17 Mar 2024 23:54:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame AFAE 4 KB
775 B 50ms
50ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7407862399718451&output=html&h=280&slotname=3285157165&adk=358657753&adf=3934925006&pi=t.ma~as.3285157165&w=630&fwrn=4&fwrnh=100&lmt=1710719657&rafmt=1&format=630x280&url=https%3A%2F%2Fdata-beda.2023lexus.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710719657457&bpp=2&bdt=1520&idt=396&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8538556342276&frm=20&pv=1&ga_vid=349281242.1710719658&ga_sid=1710719658&ga_hid=847685540&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95326316%2C95327951%2C95327955%2C95320378%2C95325784%2C95326915&oid=2&pvsid=972703134993523&tmod=392946896&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=403

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Mar 2024 23:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Mar 2024 22:03:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Mar 2024 23:54:18 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame AFAE 2 KB
903 B 112ms
40ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:28 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame AFAE 23 KB
9 KB 151ms
84ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame AFAE 3 KB
1 KB 156ms
91ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21069
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame AFAE 20 KB
8 KB 102ms
36ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:03:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21069
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:03:09 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AFAE 208 KB
63 KB 35ms
35ms Script
text/javascript 2607:f8b0:4004:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:23:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64315
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 00:23:34 GMT

GET
H2 200 fae6ba9c9cb9ec876bbde5988f04c6f7.js Show response
www.gstatic.com/mysidia/ Frame AFAE 36 KB
15 KB 109ms
35ms Script
text/javascript 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 16:33:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15132
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 03:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 16:33:04 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15574494496535585493/ Frame AFAE 6 KB
6 KB 157ms
94ms Image
image/png 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15574494496535585493/14763004658117789537?w=200&h=200&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

064d1aca3326fbd57e4015245ae82c9e11f14d5b64da25a55f3d955894bcef71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Sun, 17 Mar 2024 23:54:18 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5664
x-xss-protection: 0
last-modified: Thu, 04 May 2023 09:31:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Mar 2025 23:54:18 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/9358140814190165746/ Frame AFAE 36 KB
37 KB 104ms
41ms Image
image/jpeg 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9358140814190165746/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ccba6546ecf26aa5cd037b7bae44c3d530159423b736d7fa8b147d5845486ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sun, 16 Mar 2025 14:30:54 GMT
date: Sat, 16 Mar 2024 14:30:54 GMT
x-content-type-options: nosniff
age: 120204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37085
x-xss-protection: 0
last-modified: Thu, 04 May 2023 09:31:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame AFAE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a1b88d20bbab09d5dc8ee25b7e3ab5f9db40e8ae8ec2319f1f491c8d680a5e8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AFAE 15 KB
16 KB 35ms
34ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 06:52:14 GMT
x-content-type-options: nosniff
age: 406924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 06:52:14 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame AFAE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CvVtEqYL3ZeeOOtDextYPtYqo4AySv_eUdunNtJnKEaTn8u2VAhABIMXG3oEBYMnujovApIwQoAHI9MXGKcgBCakCAaQ6Sm5HeT6oAwHIA8sEqgTaAU_QB-XMH-7WHJBjIsUuejPX-L6gQ55...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7955146ccb5b91b50000000000000000%22,%222%22:%220xd8f9fa0a923341880000000000000000%22,%223%22:%220x960b54...

0
0

178ms
97ms

Fetch
text/css

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7955146ccb5b91b50000000000000000%22,%222%22:%220xd8f9fa0a923341880000000000000000%22,%223%22:%220x960b547597b08ea20000000000000000%22,%224%22:%220xd2504e80abed2c60000000000000000%22,%225%22:%220x8c2756ad6aed661a0000000000000000%22},%22debug_key%22:%2214033516949783132123%22,%22debug_reporting%22:true,%22destination%22:%22https://foblue.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211153799752%22],%2222%22:[%22true%22],%224%22:[%2203-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227817996907662899601%22}&andc=true

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:19 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x7955146ccb5b91b50000000000000000","2":"0xd8f9fa0a923341880000000000000000","3":"0x960b547597b08ea20000000000000000","4":"0xd2504e80abed2c60000000000000000","5":"0x8c2756ad6aed661a0000000000000000"},"debug_key":"14033516949783132123","debug_reporting":true,"destination":"https://foblue.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11153799752"],"22":["true"],"4":["03-17"],"6":["true"]},"priority":"500","source_event_id":"7817996907662899601"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 17 Mar 2024 23:54:19 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 17 Mar 2024 23:54:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x7955146ccb5b91b50000000000000000","2":"0xd8f9fa0a923341880000000000000000","3":"0x960b547597b08ea20000000000000000","4":"0xd2504e80abed2c60000000000000000","5":"0x8c2756ad6aed661a0000000000000000"},"debug_key":"14033516949783132123","debug_reporting":true,"destination":"https://foblue.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11153799752"],"22":["true"],"4":["03-17"],"6":["true"]},"priority":"500","source_event_id":"7817996907662899601"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 103ms
102ms XHR
application/json 2607:f8b0:4004:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240313&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bbe759ae1e700989a5e2db1d93ca47b80e65caeab1a669c28194373e2222466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12493
x-xss-protection: 0

GET
H3 200 d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 7DBB 52 KB
20 KB 35ms
35ms Script
text/javascript 2607:f8b0:4004:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

777eae4b19c82fc95dc7c4c5c7dd5fcc7c18896981678969b8a889cde6fcd184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 16:26:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 286059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20181
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Mar 2025 16:26:39 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 161ms
90ms Preflight
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 17 Mar 2024 23:54:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 45ms
43ms Script
text/javascript 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 23:54:18 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 05D6 13 KB
5 KB 35ms
35ms Document
text/html 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://data-beda.2023lexus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 192770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Mar 2024 18:21:28 GMT
expires: Sat, 15 Mar 2025 18:21:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 42EB 829 B
1 KB 121ms
50ms Document
text/html 2607:f8b0:4004:c06::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

05850887b96cb2acd626508c5a2255ec904a354874de508388f39c202367ba6e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DIRqf8suwRTY395F_PSr6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://data-beda.2023lexus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-DIRqf8suwRTY395F_PSr6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 17 Mar 2024 23:54:18 GMT
expires: Sun, 17 Mar 2024 23:54:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Show response
pagead2.googlesyndication.com/bg/ Frame 05D6 40 KB
15 KB 35ms
35ms Script
text/javascript 2607:f8b0:4004:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 17:05:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15583
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Mar 2025 17:05:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 42EB 0
0 91ms
91ms Image
text/html 2607:f8b0:4004:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240313&jk=972703134993523&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 05D6 0
10 B 34ms
33ms Image
text/plain 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yuAWQg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 23:54:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 98ms
98ms Image
text/html 2607:f8b0:4004:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240313&jk=972703134993523&bg=!mpmlmdbNAAY_ejuoH3o7ADQBe5WfODsZPjGaUNqDuICnQjUAE2fYa4Sj0dDO-fdZVNEzDCfBBupdN5fOqgVdoEEc-9pUAgAAAFZSAAAAAmgBBwoAZm8FMgPpbb3ehJi6dikUt004LoAaiDImEkjRNc_Y3L-QySd8Eo5PtsbDMImbT8dOirlFw0kRSu_xe0sHn95YPyWWDCYMTEbM-SoFW9L0_Ma117qzorzKJiuxhXz5SmcB73CbZGESnJkC2upLj7DfuHgs3XkmNCuj_sXnjKVk3qViem4Q98knhUTXdPZDfVuSuBSoNA3iP5LZwezMo9u2wqsC2BbSQEJWjJiO0M7QkCbRHXUQ5ri0auimX9Y8u-Y5-ABigZ-rZtKksez0I9Q35jpmm4sNDine9qz3yN3fwlSgCcoO2qEcvdug44HoM2kuXf0plYxmL4U1UIaIkwlVmF541o9TimjmjdJBz2pO5S7uKiQIbd4bfA59NwPrIu1IF-q4CZ716HRw9NxWkjdilrTPPrjxCBkAFgFIVk4ErtgoYs-1TlJI03NrZyphI-ZaSPyH0VzhBNq7kEXOGwDzFNJAKUGPdSkauRhE4SNBw8qZNzHF9KDsTJOUrI8qXeG_RaOj-LLWuQP3uAOvvfJeqAMmR4_C9LJt27QE1vfHvThSF1p5_HVsLnITDHsW3s6fFN3rVaeivjBOITeVr5ykIjDE9_3EUGn65hG5zA-0-c2kTYaCLUfaiuYuW0eL_XMRO6sLQzrrZI5vohdUl84BbxzYmQ-vT-xolKA1cwcmv-S0nYhkt3tLmdnAJ3F-wjh5NLySf924uL8W0ENg1gvsxL15wRL2tGIbnZfz8pdovxdQ-ib-l8a0cOPkaSgWpb1QBLJPNtw-NDbxIUfWHgePlKfJPDOQ0bCPQczBGwBZspGENxQsobJxedpOEZ_RuyHh7mafOfF0CBpwSSmzSd44IF8Pta2z_NOoWsZjjtj03_CH50EkULjNzaS8Dd5yvpB6gghf33v3C9hHA7aycCdOUFLRx98vq5xLijpKrxM9sDwpFC8mb6ybiSD-BefSyDWAm_lwUdgUt5YSV-_upYgUeD4QdYzSJTsknWsTxzNSpJ4T24anNX2QBqxZSLnvBsnFfoI-Jsjf2pupI5jiiFzaguL4d97MmSMgnfzTCP1Hu6_H-Ld93MS7pcr1Wubv5MQf8dCpX9d86wID3hM7yK5vgjSny2c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://data-beda.2023lexus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AFAE 42 B
64 B 93ms
93ms Fetch
image/gif 2607:f8b0:4004:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3OGT63UpXKtmMIpnW63wPh7kqjbOWplOra_yWJr77WZgwicjmFlj2vOA5x5CVXNfddvMUiU-Nb2Kgw179Jlkb72YA0BbhVioN9ys9G_ugk_q2SUbZpyUZ53D0tLp1WDpgUbsh1tefv8tDkqg1HbkA1DoK0N8BC-g&sai=AMfl-YTH_fMtah-JnUnVX7Eptbnn2MDz6QvvAmvUX6AdCSdzAAm5bLJLh0DdP1ker5c9lTIwCJPFV3KnDL2DwEF5dWV4wu_tjAAkvr-bTN3q2Gzsfb0Ypyxp4-EjZcfWRHMCIgC7TQgKCFk28Wq2De9Drg&sig=Cg0ArKJSzNCd2ZXaTWzCEAE&cid=CAQSTwB7FLtqGAbtAsHCOV6fZx6gsj9YvjFNxRAA0OksG8TO7TuTs9mv3pzyL6BOAG9wjKOdSaAHk69PT9qIJhaVepbzagfRkZCwEygmyESCl0YYAQ&id=lidar2&mcvt=1000&p=0,0,280,630&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=358657753&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=665245800&rst=1710719657861&rpt=752&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 23:54:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.2023lexus.com/	1970-01-21 04:33:35	Name: __gads Value: ID=f3b42c8a6f4bbb0e:T=1710719657:RT=1710719657:S=ALNI_MaxyJdd6EcfhGI4p-n_caAK_T-bBA
.2023lexus.com/	1970-01-21 04:33:35	Name: __gpi Value: UID=00000dd35a39d738:T=1710719657:RT=1710719657:S=ALNI_MZDshNdYCC0HRXbEiPu3NB5ZRZhQQ
.2023lexus.com/	1970-01-20 23:31:11	Name: __eoi Value: ID=76c669461996b457:T=1710719657:RT=1710719657:S=AA-Afjau7-B8ovEVyu8Lo_drEOBZ
.doubleclick.net/	1970-01-21 04:47:59	Name: IDE Value: AHWqTUkWmc4RLNQ7fMtthGYplW-EDKyeIhRm3nxm4LDsxYNDa4MpI7-W0RUE2uLqu88
.googleadservices.com/	1970-01-20 21:21:35	Name: ar_debug Value: 1

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://data-beda.2023lexus.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://data-beda.2023lexus.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://data-beda.2023lexus.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://data-beda.2023lexus.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://data-beda.2023lexus.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://data-beda.2023lexus.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://data-beda.2023lexus.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

data-beda.2023lexus.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.gstatic.com
172.253.122.155
2606:4700:3037::ac43:bd4f
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::93
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::9a
2607:f8b0:4004:c1d::5e
2607:f8b0:4004:c1d::9c
2607:f8b0:4004:c1f::84
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
05850887b96cb2acd626508c5a2255ec904a354874de508388f39c202367ba6e
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
064d1aca3326fbd57e4015245ae82c9e11f14d5b64da25a55f3d955894bcef71
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1ac3bcbf3519f7cb5caa6a7d5e621f7dfbf8ae2bd12d26b3e705dc477d321c25
1ccba6546ecf26aa5cd037b7bae44c3d530159423b736d7fa8b147d5845486ba
210ecd7618dcd9ec0ec5d099d52cdf5bbc99a186ac50552361e07d4fc4e477c8
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
355497ca14681bc5fae6059c34362208a37faf33ac315abe5b90d8f1934058e5
379552711c1e2a57de472de5b98f320cb6fbe8ae30a9b1da8e799f03add2127e
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41f330708b2bd80cca9505e44010b5ab544e1c8a8ba5a1a00defdd8d11cdd55a
441234bd58fa869cffa23b0f9e6aea0a263e5cbe1b886d6e688bf7a90015d21e
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
458418f3f9d722ce0a78fd33205bb6b638488c3e61f685ee20ce2d9bf9cc8790
4a29dc21b266b5c11709550ce793d9efdbe4d96775ac60765522b807eb167978
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
5bbe759ae1e700989a5e2db1d93ca47b80e65caeab1a669c28194373e2222466
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
777eae4b19c82fc95dc7c4c5c7dd5fcc7c18896981678969b8a889cde6fcd184
78bebbb2040c1f8617f41ceb2ca6199bcf040bb58412692124494a7a9df6b713
7a1b88d20bbab09d5dc8ee25b7e3ab5f9db40e8ae8ec2319f1f491c8d680a5e8
8a42c77ff7be7dcb88d15c9463c88cd166fa7bc9643f05f416b76b4ea747b085
92a7354f43ad1a1330bf70c0c97e2f71acf9d728f6650d5e6684e95ed84f179a
a9d0f5b0bb6bd94706833cb7c93de82b67ae1e5f9f54275f09ee769fd9053cfd
b59f8e6489b664efa6ac8598fee0838c8b8dd1e57c539c74d5dfd3d04240087f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d3f743ea7fabb6f905eed19b7eeea7b2b4705af2e050392bb21c16f79a74e28a
de57b435201351335d571d1e65b40d66d0dbf76c810f41e3925b49f588b4ecc3
dfa6d59d57e3b6ae87dfa5ce893036f4255a2b9d9dcc56898b41ee1091a2ca97
e1f54d706d5fdd894d42fe93b32eaaf506f686a1f9630e5acf87562da3c62668
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e8bed80a926a23d1054ca0ffd074ab1cc1f9c33af6df4542a0efc705bd529b
eb1d4e1de77f3d3f9a11c542ea9400ad0246d03fc7a71386d77e6739c582d481
edf28446f50d57b497e259711b3e7144cdc8d3d344b625f8f00878f877aecbd1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f136ca06d69de0c1598cd9f012a3232ec9e2861fb7f4ee93a551ca5265823adc
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
fe684ce11c2186a6541eebde9eee0baa7d08e21b8cf709206fda864b368f354c

data-beda.2023lexus.com Open in urlscan Pro 2606:4700:3037::ac43:bd4f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

96 %HTTPS

89 %IPv6

7 Domains

9 Subdomains

10 IPs

1 Countries

666 kBTransfer

1697 kBSize

5 Cookies

0 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

data-beda.2023lexus.com Open in urlscan Pro
2606:4700:3037::ac43:bd4f Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

96 %
HTTPS

89 %
IPv6

7
Domains

9
Subdomains

10
IPs

1
Countries

666 kB
Transfer

1697 kB
Size

5
Cookies

50 HTTP transactions
1 data transactions