Submitted URL: https://s.id/5671102AA
Effective URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source...
Submission: On December 13 via api from LU — Scanned from DE

Summary

This website contacted 60 IPs in 13 countries across 47 domains to perform 256 HTTP transactions. The main IP is 2606:4700:20::681a:7f9, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.s.id.
TLS certificate: Issued by GTS CA 1P5 on December 8th 2023. Valid for: 3 months.
This is the only time blog.s.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 193.84.85.178 59796 (STORMWALL-AS)
36 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
11 104.18.72.113 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 45.126.58.90 132647 (IDNIC-PAN...)
4 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
2 104.16.51.111 13335 (CLOUDFLAR...)
28 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 162.159.138.6 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 65.9.95.74 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
4 2a00:1450:400... 15169 (GOOGLE)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
1 141.95.98.65 16276 (OVH)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 52.48.81.28 16509 (AMAZON-02)
1 34.98.64.218 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 21 172.217.18.2 15169 (GOOGLE)
2 4 104.18.36.155 13335 (CLOUDFLAR...)
5 6 185.89.210.141 29990 (ASN-APPNEX)
10 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 64.233.167.157 15169 (GOOGLE)
1 35.71.131.137 16509 (AMAZON-02)
1 1 154.59.122.79 174 (COGENT-174)
2 2 213.155.156.185 1299 (TWELVE99 ...)
2 2 52.86.155.246 14618 (AMAZON-AES)
1 1 193.0.160.131 54312 (ROCKETFUEL)
2 2 35.214.190.53 15169 (GOOGLE)
1 1 35.204.158.49 396982 (GOOGLE-CL...)
2 2 134.122.57.34 14061 (DIGITALOC...)
3 3.123.203.242 16509 (AMAZON-02)
1 69.166.1.34 27630 (AS-XFERNET)
1 1 124.146.153.166 2514 (INFOSPHER...)
1 52.194.23.155 16509 (AMAZON-02)
2 2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 54.247.4.160 16509 (AMAZON-02)
16 2a00:1450:400... 15169 (GOOGLE)
2 2 37.157.3.26 198622 (ADFORM)
1 52.59.107.120 16509 (AMAZON-02)
1 2 51.89.9.251 16276 (OVH)
1 2 108.128.70.10 16509 (AMAZON-02)
3 142.250.186.98 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:9000:212... 16509 (AMAZON-02)
2 142.250.184.194 15169 (GOOGLE)
1 217.79.188.46 24961 (MYLOC-AS ...)
1 1 217.79.188.21 24961 (MYLOC-AS ...)
1 217.79.188.59 24961 (MYLOC-AS ...)
6 2600:1f13:800... 16509 (AMAZON-02)
256 60
Apex Domain
Subdomains
Transfer
49 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 293
483 KB
46 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
bid.g.doubleclick.net — Cisco Umbrella Rank: 840
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
606 KB
39 s.id
s.id — Cisco Umbrella Rank: 135548
home.s.id — Cisco Umbrella Rank: 893356
app.s.id — Cisco Umbrella Rank: 410529 Failed
blog.s.id
764 KB
22 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1193
r1---sn-4g5ednsl.c.2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
4 MB
14 gstatic.com
csi.gstatic.com
fonts.gstatic.com
63 KB
11 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 900
static.adsafeprotected.com — Cisco Umbrella Rank: 602
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
104 KB
11 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2043
ekr.zdassets.com — Cisco Umbrella Rank: 2264
252 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
705 KB
8 google.com
accounts.google.com — Cisco Umbrella Rank: 23
region1.analytics.google.com — Cisco Umbrella Rank: 2693
www.google.com — Cisco Umbrella Rank: 2
81 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
ajax.googleapis.com — Cisco Umbrella Rank: 340
300 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
5 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
3 KB
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 adition.com
ad4.adfarm1.adition.com — Cisco Umbrella Rank: 65170
ad2.adfarm1.adition.com — Cisco Umbrella Rank: 54473
imagesrv.adition.com — Cisco Umbrella Rank: 17335
625 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
436 B
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
748 B
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
7 KB
3 zendesk.com
sdotid.zendesk.com Failed
shortener.zendesk.com
2 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6765
625 B
2 demdex.net
jpmcbankna.demdex.net — Cisco Umbrella Rank: 9566
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
584 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
1 KB
2 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1901
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
801 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
3 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4497
651 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
12 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
34 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
91 KB
2 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 864
14 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
23 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
35 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 6834
44 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
1018 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 951
401 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
715 B
1 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 2935
1 KB
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1209
684 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
149 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
65 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
1 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
1 KB
1 protagcdn.com
protagcdn.com — Cisco Umbrella Rank: 102840
126 KB
1 adg.id
cdn-sdotid.adg.id — Cisco Umbrella Rank: 398617
39 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
256 47
Domain Requested by
28 pagead2.googlesyndication.com blog.s.id
pagead2.googlesyndication.com
tpc.googlesyndication.com
ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
21 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
21 blog.s.id home.s.id
blog.s.id
static.cloudflareinsights.com
16 s0.2mdn.net home.s.id
s0.2mdn.net
15 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
imasdk.googleapis.com
home.s.id
15 home.s.id home.s.id
static.cloudflareinsights.com
10 csi.gstatic.com imasdk.googleapis.com
9 securepubads.g.doubleclick.net blog.s.id
securepubads.g.doubleclick.net
ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
9 googleads.g.doubleclick.net www.googletagmanager.com
pagead2.googlesyndication.com
ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
9 static.zdassets.com home.s.id
static.zdassets.com
blog.s.id
9 www.googletagmanager.com home.s.id
www.googletagmanager.com
blog.s.id
6 dt.adsafeprotected.com
5 www.google.com home.s.id
tpc.googlesyndication.com
ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
4 r1---sn-4g5ednsl.c.2mdn.net
4 fonts.gstatic.com fonts.googleapis.com
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 imasdk.googleapis.com ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
4 ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 static.adsafeprotected.com fw.adsafeprotected.com
ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
3 googleads4.g.doubleclick.net home.s.id
3 x.bidswitch.net ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
3 www.google.de home.s.id
blog.s.id
2 ade.googlesyndication.com
2 jpmcbankna.demdex.net 1 redirects ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
2 onetag-sys.com 1 redirects ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
2 c1.adform.net 2 redirects
2 fw.adsafeprotected.com 1 redirects home.s.id
2 gcdn.2mdn.net 2 redirects
2 match.adsby.bidtheatre.com 2 redirects
2 csync.loopme.me 2 redirects
2 secure.adnxs.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 d5p.de17a.com 2 redirects
2 bid.g.doubleclick.net imasdk.googleapis.com
2 fonts.googleapis.com ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
2 oajs.openx.net 1 redirects
2 gum.criteo.com 1 redirects static.criteo.net
2 sdotid.zendesk.com static.zdassets.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 region1.google-analytics.com www.googletagmanager.com
2 stats.g.doubleclick.net www.googletagmanager.com
2 region1.analytics.google.com www.googletagmanager.com
2 ekr.zdassets.com static.zdassets.com
2 connect.facebook.net home.s.id
connect.facebook.net
2 static.cloudflareinsights.com home.s.id
blog.s.id
2 s.id 2 redirects
1 imagesrv.adition.com
1 ad2.adfarm1.adition.com 1 redirects
1 ad4.adfarm1.adition.com
1 cdnjs.cloudflare.com s0.2mdn.net
1 ajax.googleapis.com s0.2mdn.net
1 match.sharethrough.com ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
1 cc.adingo.jp ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
1 tg.socdm.com 1 redirects
1 sync.go.sonobi.com ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
1 um.simpli.fi 1 redirects
1 a.rfihub.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 match.adsrvr.org ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
1 www.googletagservices.com ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 id5-sync.com cdn.id5-sync.com
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 shortener.zendesk.com static.zdassets.com
1 protagcdn.com blog.s.id
1 cdn-sdotid.adg.id blog.s.id
1 www.facebook.com home.s.id
1 accounts.google.com home.s.id
1 app.s.id home.s.id
256 77

This site contains links to these domains. Also see Links.

Domain
s.id
protagcdn.com
home.s.id
instagram.com
twitter.com
facebook.com
tiktok.com
Subject Issuer Validity Valid
s.id
GTS CA 1P5
2023-12-08 -
2024-03-07
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-10 -
2024-04-09
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-09-21 -
2023-12-20
3 months crt.sh
zdassets.com
E1
2023-10-23 -
2024-01-21
3 months crt.sh
accounts.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
app.s.id
R3
2023-12-06 -
2024-03-05
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
www.google.de
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
sdotid.zendesk.com
Cloudflare Inc ECC CA-3
2023-11-19 -
2024-11-18
a year crt.sh
adg.id
E1
2023-10-28 -
2024-01-26
3 months crt.sh
*.google.de
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
protagcdn.com
E1
2023-10-27 -
2024-01-25
3 months crt.sh
zendesk.com
E1
2023-11-17 -
2024-02-15
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
oa.openxcdn.net
GTS CA 1D4
2023-11-24 -
2024-02-22
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-09 -
2024-01-06
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2023-10-24 -
2024-01-22
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
*.id5-sync.com
R3
2023-11-01 -
2024-01-30
3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2022-12-06 -
2024-01-07
a year crt.sh
*.adingo.jp
Amazon RSA 2048 M03
2023-09-13 -
2024-10-12
a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02
2023-03-29 -
2024-04-27
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.c.docs.google.com
GTS CA 1C3
2023-11-14 -
2024-01-23
2 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01
2023-06-14 -
2024-07-12
a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02
2023-07-07 -
2024-08-04
a year crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G4
2023-05-08 -
2024-06-08
a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01
2023-05-09 -
2024-06-06
a year crt.sh

This page contains 22 frames:

Primary Page: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Frame ID: 10E2EB35CC987366F06C5A71C1991EF6
Requests: 92 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Frame ID: 44502D996890C9A309D142D97AFF7E13
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup.html
Frame ID: BB91E0D9BA2F6CF86F8D997C83E3DC40
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1702431210&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702431210699&bpp=3&bdt=121&idt=193&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8535591287261&frm=20&pv=2&ga_vid=144635658.1702431210&ga_sid=1702431211&ga_hid=1439740521&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C31080037%2C95320884&oid=2&pvsid=2911362765832022&tmod=1682469535&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fhome.s.id%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=203
Frame ID: 413B26EF381C7EDDD5115624C83ED0B7
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-deab6e1bfb9c4776677c.js
Frame ID: 27083278435855D19028D0D75E822E56
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C63C93F498C6AA3313D0570CE60E9DA1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8F968D7C186CCBB92E9C54C561C0787B
Requests: 2 HTTP requests in this frame

Frame: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E0F30AB63B0E104EEA29DAA50ABB88E9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=blog.s.id
Frame ID: 86136DFE964CBA911F9037629E4C72F9
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 8DCE1CCE8AA4A5DC9D6D049C03657CF2
Requests: 1 HTTP requests in this frame

Frame: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EC883308A65A70B8021FD7EE887B1F2E
Requests: 34 HTTP requests in this frame

Frame: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 11129BD3208D724D61BC2D8F1C950CFF
Requests: 20 HTTP requests in this frame

Frame: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FA2F10DE0834F16C1C26C567D0D0F32D
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ9dfyxgIY-9Xr7QEwAQ&v=APEucNURtIkirv7bJXiI_TQXNd-T-7vsKbPJhd7JKhEIomApJkMkrvvAmvXwI6EdUL4bRaP8Es536lLeLm1Z2aOtgZFEoRK7ssck2SM6izgMQoTsGPIDgmwhRo73OK3K-tnZIC9wJTGNvUw0A4A5kuDfRXQcB-n_8dADQOqiEm8fdyqn5d0h2ELf1CugvNWDKjyN7m9j_OgtH1U2ut5KPHVcMKWkaX94vw
Frame ID: 5BC354BCB2FB55C3FC82897458E24B5C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CC6C1425ECA273808E439711AF85BFFD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 20A4FE2BC8249BED94859AEA67483575
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 19B690CA1DAB51EFA38E034008AC7134
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 7BB5DF273E2F36BA5F2F24213EE92A51
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 87CADF5C1AACF46169A6D13D9757D7F4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: AA0E85994994A04CAE3C9F680426FCE5
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
Frame ID: BAFC072C57C1F4E911EA03692A352ABD
Requests: 17 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: EE20890D65844B7EF57EC4832823F3DA
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

“Oops, you are accessing a Forbidden Link!” What does that mean? - s.id

Page URL History Show full URLs

  1. https://s.id/5671102AA HTTP 302
    https://home.s.id/forbidden Page URL
  2. https://s.id/1SV77?s=skip HTTP 302
    https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

256
Requests

89 %
HTTPS

46 %
IPv6

47
Domains

77
Subdomains

60
IPs

13
Countries

8293 kB
Transfer

15429 kB
Size

43
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s.id/5671102AA HTTP 302
    https://home.s.id/forbidden Page URL
  2. https://s.id/1SV77?s=skip HTTP 302
    https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://s.id/5671102AA HTTP 302
  • https://home.s.id/forbidden
Request Chain 107
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1
Request Chain 109
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=blog.s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=T0xmBXxEWVllKzFTS2tUbjM1M0dpclRJSGlZdkdWSEROd3pURWZlNGhrdi95MG82ZnVBTjRYNWZnNWRNUDE0d3M1aUtXN1VPOVQ4dzhIamFta1ZZQmF6WXI1QXdMUFJUbnNQWnNJajVDUk9rSzRhdkg3ZjZmOWxtUlpxbkhuZHhiTjNCY2JwVkdDbFlLd2tvd1R5VXQwdmxXdXlCeFkrSUNGeElsNzc1b3V3ZnB3Zmo2VFJSV0Y5a1Bvdi9nVW9jUkt3RHAzdG5DS0VyMFhYZklWZzFZcGJYaTJEeFJrNEJjTFdHc2dJWXJPN05xbGNSZWJjcisrblZlTTdpV1hqbjJST3YyV2s5bnJTK2JxWmFwSmlrSGlzRXZPUT09fA&cppv=2
Request Chain 134
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM02yyWQhJOb2V0SNUjhZY&google_cver=1
Request Chain 135
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXkJ6.8IKvdk-iNUwbjKrgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM02yyWQhJOb2V0SNUjhZY&google_cver=1&google_hm=2
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBLK9xinpbOSXLZBvOjZgfg&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBLK9xinpbOSXLZBvOjZgfg%26google_cver%3D1
Request Chain 137
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE2Nzg2NDAyNTk1MzcyMDA3Mg%3D%3D
Request Chain 155
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEEq3jgSehWd7u8AjVRkvl8k&google_cver=1&google_push=AXcoOmQrGb-K1nTHB23bhf67KVMXTnGxBeYB4egk0tm_fgqooQ01SpU27hDjDAb-9Lh0cvR65xlTMSWYaikqlA7mbR9-CoN60M8bfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=864086004643&us_privacy=1---
Request Chain 156
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEO8nuvPdrcDqSlpUfkISo3k&google_cver=1&google_push=AXcoOmTTGrZ1SKpvlIunYr19Xdf64sh3ylR49P9FP0CwR-gCN8uwcGuB1pDLXjo4KvJSxDQYvM6JJWjxp_Im_ulucBnKCedPQeGPjA HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEO8nuvPdrcDqSlpUfkISo3k&google_cver=1&google_push=AXcoOmTTGrZ1SKpvlIunYr19Xdf64sh3ylR49P9FP0CwR-gCN8uwcGuB1pDLXjo4KvJSxDQYvM6JJWjxp_Im_ulucBnKCedPQeGPjA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTTGrZ1SKpvlIunYr19Xdf64sh3ylR49P9FP0CwR-gCN8uwcGuB1pDLXjo4KvJSxDQYvM6JJWjxp_Im_ulucBnKCedPQeGPjA
Request Chain 157
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEOP_-xwWDsj0AMbqfY4ljQg&google_cver=1&google_push=AXcoOmTjwlU6VlPVF-9BRhPLA0-yX9r6sDtMDlxZGYWgsieSogV1c0X7EcBiOakUD-xaNLptM0CnaeRJH97Lr1MDvRKE-mGThjR9rA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4A59JtpPX25x5S7VoKkXxorHJoQ&google_push=AXcoOmTjwlU6VlPVF-9BRhPLA0-yX9r6sDtMDlxZGYWgsieSogV1c0X7EcBiOakUD-xaNLptM0CnaeRJH97Lr1MDvRKE-mGThjR9rA
Request Chain 158
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECvnlr7LnLp5V2oYPxwB5Z4&google_cver=1&google_push=AXcoOmQXskos206EHm85uR7LyIDV3Ct-Upi_kw10jPHeSKHIN_WKPBGJBrzv3ANA5btFgYmbt9B5v0e9UlclYrDliZXNHOvQMNrweXY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQXskos206EHm85uR7LyIDV3Ct-Upi_kw10jPHeSKHIN_WKPBGJBrzv3ANA5btFgYmbt9B5v0e9UlclYrDliZXNHOvQMNrweXY&google_hm=NjQ3MzA1NTIxNzExODYwMjM=
Request Chain 159
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFBTpngPMUYYU2LoWEm0_-4&google_cver=1&google_push=AXcoOmTIM4mnQvRV_zo0c0XCV6XZ97AYntT3sOImlsZqql1m_a1jCURoxS9F3Rl0yN6gRn96CjIoKLVtxGbeydVMEqyeMQTlMYxoMw HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEFBTpngPMUYYU2LoWEm0_-4%26google_cver%3D1%26google_push%3DAXcoOmTIM4mnQvRV_zo0c0XCV6XZ97AYntT3sOImlsZqql1m_a1jCURoxS9F3Rl0yN6gRn96CjIoKLVtxGbeydVMEqyeMQTlMYxoMw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2Nzg2NDAyNTk1MzcyMDA3Mg%3D%3D&google_gid=CAESEFBTpngPMUYYU2LoWEm0_-4&google_cver=1&google_push=AXcoOmTIM4mnQvRV_zo0c0XCV6XZ97AYntT3sOImlsZqql1m_a1jCURoxS9F3Rl0yN6gRn96CjIoKLVtxGbeydVMEqyeMQTlMYxoMw
Request Chain 160
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&google_cver=1&google_push=AXcoOmSlWlkjw_hg59OZw5Q24d6Tp2G-dSdPiNkOilKZGkmFWKkEHNS9IEgDFpWovFSP9QUC5NUQVzzw1DT_bYB8Ini1BAbiSxuMReQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=57b58565-61e0-4ddb-9d1d-c01a49901238&google_cver=1&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSlWlkjw_hg59OZw5Q24d6Tp2G-dSdPiNkOilKZGkmFWKkEHNS9IEgDFpWovFSP9QUC5NUQVzzw1DT_bYB8Ini1BAbiSxuMReQ&gdpr=${GDPR}
Request Chain 162
  • https://um.simpli.fi/gp_match?google_gid=CAESEDtkhVFcne1opszwlNsEgJE&google_cver=1&google_push=AXcoOmRLn458OcNM2lVKEJhjXfKh8MtphTP0CI-vyrcW9NUq7FfZe5IBIjA0ozrlVHkgzJAFXhlainSQ5KRKZpGvoVvVqGoLS9A3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9E5E9C5AC05D4A9499533F561792FCFB&google_push=AXcoOmRLn458OcNM2lVKEJhjXfKh8MtphTP0CI-vyrcW9NUq7FfZe5IBIjA0ozrlVHkgzJAFXhlainSQ5KRKZpGvoVvVqGoLS9A3
Request Chain 163
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEH_AGYwlJ7RJO9BYtdcz3zc&google_cver=1&google_push=AXcoOmTFek6VVypZXES9wPZQl7d_ByI6GPwJp9WjX8Bo7fqxqFFFKfeKhqhvO0QdvbrHz7wJDRi0dt_tAh2UefNDxftQtP04dAIz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTFek6VVypZXES9wPZQl7d_ByI6GPwJp9WjX8Bo7fqxqFFFKfeKhqhvO0QdvbrHz7wJDRi0dt_tAh2UefNDxftQtP04dAIz
Request Chain 166
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESELZ6qFjWUdJExbHrR11o2Us&google_cver=1&google_push=AXcoOmQt37zkF3BmH-elZ_Jr31lNqPMUAanz89ze1R1Zx8xpWZEJORUA6YR8V17YnBS4vjXW-Prhr-FqPcLoz9pLEUKCvlLPy9jx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQt37zkF3BmH-elZ_Jr31lNqPMUAanz89ze1R1Zx8xpWZEJORUA6YR8V17YnBS4vjXW-Prhr-FqPcLoz9pLEUKCvlLPy9jx&google_hm=WlhrSjdNQ284WUFBQUROaW0zUUFBQUFB
Request Chain 176
  • https://gcdn.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/66A02A84C423FFF94D01D96061B7440CF279693C.970738DEDBC7764F1CE7BF78DE205B58A774343F/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7E4855EB70FF5537BD039A83FF61AC96176C597D.82B1F09774D2615C8672241FA22FEE822B00590E/key/cms1/cms_redirect/yes/mh/7Y/mip/2a02:6ea0:c71b:0:1012:c8bd:d1e8:1c56/mm/42/mn/sn-4g5ednsl/ms/onc/mt/1702430486/mv/u/mvi/1/pl/40/file/file.mp4
Request Chain 182
  • https://gcdn.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/A9F1571875648A5226C56D43DD9AF91989C898F9.4E2C2C8E061932FD2E43955E6465D0D1E2C2D541/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/705018D80EAC34A79D9BBBA784E75C083692EE28.5454DB76799E44B81D2B4B5974D1B64378ABDC76/key/cms1/cms_redirect/yes/mh/7Y/mip/2a02:6ea0:c71b:0:1012:c8bd:d1e8:1c56/mm/42/mn/sn-4g5ednsl/ms/onc/mt/1702430486/mv/u/mvi/1/pl/40/file/file.mp4
Request Chain 198
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEH_AGYwlJ7RJO9BYtdcz3zc&google_cver=1&google_push=AXcoOmRDhYpjGQ0o2vnpp3FH5Yh2miXfA1Rel78XMPU75-pDvh_OzX5VqwH2plkb0CVXySzuU-ZSYSEdmnOe3rcJJ31N2ZlTs8E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmRDhYpjGQ0o2vnpp3FH5Yh2miXfA1Rel78XMPU75-pDvh_OzX5VqwH2plkb0CVXySzuU-ZSYSEdmnOe3rcJJ31N2ZlTs8E
Request Chain 200
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIfFLtsR3f7u-i_4DfRyhGo&google_cver=1&google_push=AXcoOmSPegskj_nOcbzfwyC9t-qwBKbNx3BkapRw1LsMWpo-aP0N97l3lz9I8gJKaxNRbDLgYsPkw3NbCaw4oeghqznqdWYql5E HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIfFLtsR3f7u-i_4DfRyhGo&google_cver=1&google_push=AXcoOmSPegskj_nOcbzfwyC9t-qwBKbNx3BkapRw1LsMWpo-aP0N97l3lz9I8gJKaxNRbDLgYsPkw3NbCaw4oeghqznqdWYql5E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIwOTQyMTAyMzI3NTk3NDkzOA&google_push=AXcoOmSPegskj_nOcbzfwyC9t-qwBKbNx3BkapRw1LsMWpo-aP0N97l3lz9I8gJKaxNRbDLgYsPkw3NbCaw4oeghqznqdWYql5E
Request Chain 201
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEOP_-xwWDsj0AMbqfY4ljQg&google_cver=1&google_push=AXcoOmT1g4p4pWh5focmzaiQ0AMIVN5HVM9PipYIiSENAHVvS7AmbzCO2jeeBEtVS9-9zsqJ_8o7R-TPFxPLdUzIMhCgpZb900w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4A59JtpPX25x5S7VoKkXxorHJoQ&google_push=AXcoOmT1g4p4pWh5focmzaiQ0AMIVN5HVM9PipYIiSENAHVvS7AmbzCO2jeeBEtVS9-9zsqJ_8o7R-TPFxPLdUzIMhCgpZb900w
Request Chain 203
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHOW21-YQMgMe7e_p_QHFb8&google_cver=1&google_push=AXcoOmQxYT2Dn90dwi7bf6YOUgv9_fYzbsu0CRXlf5OeiU2oqXxahIEETEgOwuRPLosiEO9PbEOQkJTRQwvQ0cqlfF0GijmLMAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQxYT2Dn90dwi7bf6YOUgv9_fYzbsu0CRXlf5OeiU2oqXxahIEETEgOwuRPLosiEO9PbEOQkJTRQwvQ0cqlfF0GijmLMAA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 204
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&google_cver=1&google_push=AXcoOmRq1QSXMDf7838-Puj5yHB9PGeuJLOskpyPeRvsdO8Q7ZFQZSiy6pnufBvRKqc8A-M_ytmZU0b2WOlOG6XhRaek2mg4RqI9 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=57b58565-61e0-4ddb-9d1d-c01a49901238&google_cver=1&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRq1QSXMDf7838-Puj5yHB9PGeuJLOskpyPeRvsdO8Q7ZFQZSiy6pnufBvRKqc8A-M_ytmZU0b2WOlOG6XhRaek2mg4RqI9&gdpr=${GDPR}
Request Chain 206
  • https://jpmcbankna.demdex.net/event?d_event=imp&d_src=441384&d_site=8504253&d_creative=193457939&d_placement=368994751&d_campaign=30127422&d_bust=581387519 HTTP 302
  • https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=193457939&d_placement=368994751&d_campaign=30127422&d_bust=581387519
Request Chain 231
  • https://ad2.adfarm1.adition.com/banner?sid=5151015&gdpr=&gdpr_consent=&kid=6224187&bid=18978849&wpt=C&ts=[timestamp] HTTP 302
  • https://imagesrv.adition.com/1x1.gif
Request Chain 241
  • https://fw.adsafeprotected.com/rfw/st/1520186/71964889/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012253692&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=20075793042&bidurl=https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gRUsy2x6m3-opIJxhge4V9&adsafe_url=https%3A%2F%2Fblog.s.id&adsafe_type=y&adsafe_url=https%3A%2F%2Fblog.s.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:75148285-57a9-340c-4f33-6dc5df66d372,c:wDKvF0,sl:na,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-6bd95bc6b4-cdzjv,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:168,mot:0,app:0,maw:0,fm:tYhlS53+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192%7C1a*.1520186-71964889%7C1a1%7C1a2%7C1a3%7C1a4,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:178,oid:a01ccad0-9957-11ee-83f4-169fce58514f,v:19.8.464,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}

256 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
forbidden
home.s.id/
Redirect Chain
  • https://s.id/5671102AA
  • https://home.s.id/forbidden
73 KB
24 KB
Document
General
Full URL
https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
fe07efdd5e684d45122a423912418479f077788be884c22db961d91332fb690b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
BYPASS
cf-ray
834a758eb91a373d-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 13 Dec 2023 01:33:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WEIVOb2AqM9eHt6LgDibyUVtYbBGcwl%2FIGRDCoZ74bDKgQyp7evss15Vi%2BUUzGen%2FwojdfmgIp6K%2B%2F%2FqlA5CSot07YmkYw74a3g%2FTXNyw0cmU27ItFl%2F5qyrPtaIOStGDywy2hzow%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Next.js
x-xss-protection
1; mode=block

Redirect headers

cache-control
private, max-age=15
content-length
0
date
Wed, 13 Dec 2023 01:33:28 GMT
location
https://home.s.id/forbidden#action
server
nginx
strict-transport-security
max-age=15724800; includeSubDomains
montserrat.css
home.s.id/assets/fonts/
22 KB
1 KB
Stylesheet
General
Full URL
https://home.s.id/assets/fonts/montserrat.css
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a35d02ba97e3e4cd1b7c4eb7241bab9f41afb84fa2db2f18d665e946a09122e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/forbidden
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 09 Dec 2023 02:26:56 GMT
server
cloudflare
etag
W/"586e-18c4c663580"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7e0xCzHq%2F6%2FfXaXDFW%2FUnBHHSKyCsd2wsBFaE1z7rjFU15KYQMJA1AlvFhUFow7U1qOKZ1cye0tyDst49Q6dOEeoQh99vRpqc5QOEDhbK934SUHHiC1hlXnSPG4E%2FuXUaN4pAULcKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
public, max-age=300
cf-ray
834a75906a25373d-FRA
work-sans.css
home.s.id/assets/fonts/
4 KB
760 B
Stylesheet
General
Full URL
https://home.s.id/assets/fonts/work-sans.css
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/forbidden
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 06 Sep 2023 09:42:59 GMT
server
cloudflare
etag
W/"10bc-18a69dfa4b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMXArhYvXRbbgkgleMIttynIpeEyGJp%2BL6ILf7cKLerwYEwkYL%2F5II3Lb1RbcTf4KqhEEKuhdj%2Fw2Gwh3CESf4QibbJPjul%2B2aVmi%2FX%2Bs%2FivuTi3hsgyRbgdl%2BmwTdIHFb3a%2BhiZYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
public, max-age=300
cf-ray
834a75906a26373d-FRA
ea8245034dc3dfae.css
home.s.id/_next/static/css/
163 KB
24 KB
Stylesheet
General
Full URL
https://home.s.id/_next/static/css/ea8245034dc3dfae.css
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39d42c51914990a5fd1d0f4450883a50bdcb0f17a6bd5771f86c028101611c9f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/forbidden
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
340577
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 09 Dec 2023 02:34:07 GMT
server
cloudflare
etag
W/"28cd8-18c4c6cc918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5mh6OsPbdphak20bwu%2Fmp6Gl0zVwXnDSvr6ZAii978XTKgb17Y7EKJRN9P3XsL3M7xcWDQZaYUIGMjhQvglhNsvd07s7usU%2BJoj7c7vC8f80q2xCsZ5CoAP943oEUKoBdyuKsDkBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000, immutable
cf-ray
834a75906a27373d-FRA
webpack-dfbfa7e7a00cbaef.js
home.s.id/_next/static/chunks/
4 KB
2 KB
Script
General
Full URL
https://home.s.id/_next/static/chunks/webpack-dfbfa7e7a00cbaef.js
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8f36fc19fd2de7fd06149429b69254d05e72044347a958e2615d4dcf2bbe8ed
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/forbidden
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
340576
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 09 Dec 2023 02:34:07 GMT
server
cloudflare
etag
W/"1197-18c4c6cc918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1e2rmsJ9ZFAfVOkkuNq7uE0qXZ0Cnr3RotvbQNvSnMh3TiEnRKSwQxgeK6jkSYuw0PYFooFcIPEfimYiJhw5w%2BTZpcl%2Bhj5%2FuLc5NiRojWrIlGU4C2eQbw2lIKYOAPUhmsl0I%2BK%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000, immutable
cf-ray
834a75908a2e373d-FRA
framework-c77b5ad42e6fa06c.js
home.s.id/_next/static/chunks/
138 KB
45 KB
Script
General
Full URL
https://home.s.id/_next/static/chunks/framework-c77b5ad42e6fa06c.js
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b8f5cff2b93dd56ca8081e67ee4ba33b2b71b6324a471691e427444c84a9ce1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/forbidden
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
340576
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 09 Dec 2023 02:34:07 GMT
server
cloudflare
etag
W/"2272b-18c4c6cc918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwH07F8cfGB8NQY1hhfZb9U3AyOHRe5zW8ER0nHnd6vVhQw%2Fy10qgJaaAVEigBChguqbVfqz36lVzkQsFVcvs3oe3TbJbgvnfTY4MkjNvreat%2F57%2BGTuEw0PpmQv4TS8kySuVhat3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000, immutable
cf-ray
834a75908a31373d-FRA
main-45f200f3cb6b7b3d.js
home.s.id/_next/static/chunks/
97 KB
29 KB
Script
General
Full URL
https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
184733c2171fc0a56148cbf5e5f1d5e5ae640f660e6e328bb84cbccb21785813
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/forbidden
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
340576
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 09 Dec 2023 02:34:07 GMT
server
cloudflare
etag
W/"18214-18c4c6cc918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAaPtgmxVeS2MSGKKMiotnpUfmY4sVmrcOVxbTUU4LHFDPxxV8alI5zq3VJUi%2F4ve27BvEZQQHxHzv0apeMX57Tg9f2CCQmaTMTVCCfdfxVIVmvMwnVz0vaYM6iNe5V%2BOkZI5rGaBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000, immutable
cf-ray
834a75908a33373d-FRA
_app-b8f35e07f6fac01b.js
home.s.id/_next/static/chunks/pages/
419 KB
133 KB
Script
General
Full URL
https://home.s.id/_next/static/chunks/pages/_app-b8f35e07f6fac01b.js
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11d0f48b04d2553ac97b87aae4e8ced4ce81727e65aa31b91ef521d8195a7232
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/forbidden
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
340576
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 09 Dec 2023 02:34:07 GMT
server
cloudflare
etag
W/"68cef-18c4c6cc918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFsefe03iKVU3ecsocVFbuD6kGSl5SaY3h%2FHmMiGmx5q3%2FTrH4hCyCrCMtIndECLIY%2FFsVqKK57FRHQjzsDRa07uW4NFYSvGKttWltJV50XPqauGBdJjNOMYlHypwUcyGFY%2BIMcLGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000, immutable
cf-ray
834a75908a35373d-FRA
forbidden-29883e63e1ce37b2.js
home.s.id/_next/static/chunks/pages/
4 KB
2 KB
Script
General
Full URL
https://home.s.id/_next/static/chunks/pages/forbidden-29883e63e1ce37b2.js
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e28e3f8d185f134736c50278f5039ff8168dc11d98640f164f4648632e9d127
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/forbidden
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336203
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 09 Dec 2023 02:34:07 GMT
server
cloudflare
etag
W/"eb6-18c4c6cc918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nNOdn%2Fjp2%2BvEEPYSRr2hk3%2FF6oxfyA3SEvkg3%2FKtrBky%2BiZFamIECob1mj3A8zD8Y8465OE%2BHwe7JN1lVuqap%2B45GtGkKmlRBVIQzWSFH6wFSd5%2FOSZbsP5MjtfUPeYahcc0zzMyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000, immutable
cf-ray
834a75908a36373d-FRA
_buildManifest.js
home.s.id/_next/static/XmZH8i6kdVRbNFefP50Fc/
10 KB
3 KB
Script
General
Full URL
https://home.s.id/_next/static/XmZH8i6kdVRbNFefP50Fc/_buildManifest.js
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76e4f72ba91fb1440620bb79c43834df68aa57cc038b35325a5acec18db239c4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/forbidden
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
340574
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 09 Dec 2023 02:34:07 GMT
server
cloudflare
etag
W/"282b-18c4c6cc918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvQIJvdaWoagBnIDUqrmQtOB%2F98PG83n0fIew6F8izEKgiVMaTUspIyPJvvqy3lnKTiedE41UG%2FWriOiMsE6DZIi3J6P6BCKQkGnY0SiCHZHv%2FMLdaZ69liaXzNb9RyW%2FdWnmg9dKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000, immutable
cf-ray
834a75908a37373d-FRA
_ssgManifest.js
home.s.id/_next/static/XmZH8i6kdVRbNFefP50Fc/
91 B
661 B
Script
General
Full URL
https://home.s.id/_next/static/XmZH8i6kdVRbNFefP50Fc/_ssgManifest.js
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/forbidden
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
334817
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 09 Dec 2023 02:34:45 GMT
server
cloudflare
etag
W/"5b-18c4c6d5d88"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8Lbqsp5jpKdDAQhxJvwjVF9sZMXoH5mGkTD1H%2BxfErSnDQQvQuUcdQ8Y1EHQaKbXWY2WroJtg6EmkdYod1xDd0xDlTiu2UT1Q%2BcFYS%2BIm0pT91Ir1AS5XpAKcDmiQB7H%2FsXXRNHwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000, immutable
cf-ray
834a75908f6e9bd0-FRA
403.svg
home.s.id/images/errors/
4 KB
2 KB
Image
General
Full URL
https://home.s.id/images/errors/403.svg
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92c39b5c986c8a9c713d77081a0272187a847c57192fe03fc152d25fc4c35668
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/forbidden
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 27 Dec 2022 03:47:41 GMT
server
cloudflare
etag
W/"1136-18551b16f48"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyNGOTRODqCtuG%2FxlGqPM%2FiCjb%2BKRNc4Ch2ZrRQ1%2BjrYCiYMUiqrLgjLKlauDClxstGCiPTFpH6NnGS8G%2Bvx%2FRZCal9QLf0sMOU5X0vn6hRxJFAuiD1FB1w%2FWkKUMdyAhXEWfVEGcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
cache-control
public, max-age=86400
cf-ray
834a75906a28373d-FRA
sid-neu-logo.svg
home.s.id/images/
8 KB
4 KB
Image
General
Full URL
https://home.s.id/images/sid-neu-logo.svg
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
058f6340fc2dd949cfa4e2d40dae86c83daa389994729a151d1309cecaa7e46b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/forbidden
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 05 Jul 2023 23:09:20 GMT
server
cloudflare
etag
W/"2120-18928513d00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umJoeyMlBULTBOG4%2Feo%2FL%2FWkS4uB2drOvntRMSZJtgps7jklFkeODxriIXz8JywYcN4%2BWZ3I3d5C14CHmYRXzvqfLjjeBB%2F2jn9xujGtJbLKgJamPd1GsLXPdiBNxO%2FlpetbF5e76g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
cache-control
public, max-age=86400
cf-ray
834a75906a2a373d-FRA
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://home.s.id/
Origin
https://home.s.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
834a75909a7d92c3-FRA
montserrat-normal-800.woff2
home.s.id/assets/fonts/dist/
32 KB
33 KB
Font
General
Full URL
https://home.s.id/assets/fonts/dist/montserrat-normal-800.woff2
Requested by
Host: home.s.id
URL: https://home.s.id/assets/fonts/montserrat.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://home.s.id/assets/fonts/montserrat.css
Origin
https://home.s.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
33148
x-xss-protection
1; mode=block
last-modified
Sat, 09 Dec 2023 02:26:56 GMT
server
cloudflare
etag
W/"817c-18c4c663580"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mWv2QBSe2igqfigBXjxFc4N3kZQTJfPb3pHkPhgkJZMBHT%2F%2BWE1Wyu4P6UBEvC3X069P4SttB2yaBOJR350liy5P8Nh0Ow3EvSnZcNVCmzmMZabM42SGIUy5aE%2B36t%2FBZkOzg%2BVrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
x-frame-options
SAMEORIGIN
cache-control
public, max-age=300
accept-ranges
bytes
cf-ray
834a7594c95d9bd0-FRA
montserrat-normal-400.woff2
home.s.id/assets/fonts/dist/
32 KB
33 KB
Font
General
Full URL
https://home.s.id/assets/fonts/dist/montserrat-normal-400.woff2
Requested by
Host: home.s.id
URL: https://home.s.id/assets/fonts/montserrat.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://home.s.id/assets/fonts/montserrat.css
Origin
https://home.s.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
33148
x-xss-protection
1; mode=block
last-modified
Sat, 09 Dec 2023 02:26:56 GMT
server
cloudflare
etag
W/"817c-18c4c663580"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6D2X7mhxpujIefGLeftkcr3lDl2cjDBgk9l0MpFJxz1syWwIMoMuZ2QtuXCAJ9Kv2j%2FewuR8ao%2FByejTnMxA7IhYX4KSY%2F%2FiTYXAjY933m7ZxbYNv4ebHzCK5skLblWd9v2G4p%2F6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
x-frame-options
SAMEORIGIN
cache-control
public, max-age=300
accept-ranges
bytes
cf-ray
834a7594c95e9bd0-FRA
me
app.s.id/api/user/
0
0

js
www.googletagmanager.com/gtag/
241 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Requested by
Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
08e27c3d3459374fae8672b879d9ad1b6965595612605be8d1e0fe873a232ece
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85524
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Dec 2023 01:33:29 GMT
js
www.googletagmanager.com/gtag/
244 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7
Requested by
Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a1a01d1b7e2596b94776b19e86f136c2198fe3898792a921df380fc7b44a6f00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86266
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Dec 2023 01:33:29 GMT
js
www.googletagmanager.com/gtag/
215 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10823601447
Requested by
Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
43ef59339df86d140d563ae54ba0af2ed0bd9d4af5e75fe61edb1b8dbcd2dfdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77800
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Dec 2023 01:33:29 GMT
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 13 Dec 2023 01:33:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
vjU2brgfJz83qAplOWPMohoG0hYNjdvFPtp4N7UIqWeSr6JVSMjoKtH+bTtSHIXK7qytQNrs5nBjzGPn7WDPVw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d
Requested by
Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-45f200f3cb6b7b3d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
x-amz-version-id
hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
VJNSTS6NH24VGZXW
age
6
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
ZaA0/pNyb81iWefpjGS4Q1RaRzQbA+fGKlK3Mf/p7f/BJNjQ5D4umJJ3DA6PSAUaVAklKLutfM8=
last-modified
Wed, 09 Aug 2023 01:01:02 GMT
server
cloudflare
etag
W/"42d94c325a0b012e41f9c3907853625a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCziBPTMkOIyOLmTvf1SQLs5qWJ6OK%2FUC3v8TvshVStjmikGEfOBdzzPJoGaG8JARExqlArrQfJ8ifMvJrzZj%2B96kRek9X%2BmsNesTA7DgEBdYIx2fDgk1WXxEXA%2B7YUXDCVAT3o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
cf-ray
834a7595197c39d0-FRA
client
accounts.google.com/gsi/
206 KB
80 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: home.s.id
URL: https://home.s.id/_next/static/chunks/pages/_app-b8f35e07f6fac01b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aef79460d9d38f7a5349a194da19ef705d97dba070b4741344188a1f43edf015
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kj65v75hp3s37tFrrMhO8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
content-security-policy
script-src 'report-sample' 'nonce-kj65v75hp3s37tFrrMhO8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 13 Dec 2023 01:33:29 GMT
me
app.s.id/api/user/ Frame
0
0
Preflight
General
Full URL
https://app.s.id/api/user/me
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.126.58.90 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
ds,x-rpc-lang
Access-Control-Request-Method
GET
Origin
https://home.s.id
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
Access-Control-Allow-Methods
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin
https://home.s.id
Connection
close
Date
Wed, 13 Dec 2023 01:33:30 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
3626502037629324
connect.facebook.net/signals/config/
140 KB
36 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/3626502037629324?v=2.9.138&r=stable&domain=home.s.id
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
857e0bdc9ba878e6786a287c65f8e5121f2fb85d244bc3a5f8edbb7d39025ae7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 13 Dec 2023 01:33:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
2cW7RluHTf6pwSgc45smnkzI81OI2qx6Fhy77Ix8lSLMVyUJPTJqyPtMlARP+XMyUUT2e+sWDtwvQcOssyEk5A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
4b27aa03-d3da-43eb-8382-660c054fbc9d
ekr.zdassets.com/compose/
1 KB
1 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/4b27aa03-d3da-43eb-8382-660c054fbc9d
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
status
200 OK
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
8308f9559cc0de47-SEA, 8308f9559cc0de47-SEA
x-runtime
0.011363
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"1be78db3e605d5c58ca618fae154f1c7"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=846VvAlvcvlwghmVyUISnaSlI0wm9wmRViPtt4IsnuY4ZVERXF8dtxn5V16wMdjCU80b0jPGU5rXrTzZom6Cou38G4QsicNWPZtSFxiak4fkBgLlv0DXKe4yLYHp8g8fSRA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
834a75956fd59a0f-FRA
js
www.googletagmanager.com/gtag/
241 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8cedd808f9c406831a20a8e26435f056d66bd761f3ffbfb7a297a4d1c524dc08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85532
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Dec 2023 01:33:29 GMT
collect
region1.analytics.google.com/g/
0
249 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je3bt0v889124234&_p=1702431209745&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=144635658.1702431210&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702431209&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2730
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://home.s.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
249 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-98MWVCBDD7&cid=144635658.1702431210&gtm=45je3bt0v889124234&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://home.s.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
215 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10823601447&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4609f2029d4a91ed4d98f3bc6abcefb20588a4b27ce2dd969b7b9d1074800464
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77794
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Dec 2023 01:33:29 GMT
js
www.googletagmanager.com/gtag/
129 KB
49 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dfd0f104fb9fbe15c6830bffbdb9683cf1a643263a9c30491d420b02c91f90ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
50558
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Dec 2023 01:33:29 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-98MWVCBDD7&cid=144635658.1702431210&gtm=45je3bt0v889124234&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1738612110
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/?random=1702431209849&cv=11&fst=1702431209849&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887245165&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&hn=www.googleadservices.com&frm=0&auid=848533358.1702431210&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6766855449a9306fdca2e4c00b459422bd25730f90309ff608ccd6c8e6f67371
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1228
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3bt0v881303989&_p=1702431209745&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=144635658.1702431210&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702431209&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2768
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://home.s.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 13 Dec 2023 01:22:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
664
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 13 Dec 2023 03:22:25 GMT
/
www.google.com/pagead/1p-user-list/10823601447/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/10823601447/?random=1702431209849&cv=11&fst=1702429200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887245165&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNMSoCtehgxa0rpmdiggw2ml__8op1Jw&random=1419066386&rmt_tld=0&ipr=y
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10823601447/
42 B
154 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/10823601447/?random=1702431209849&cv=11&fst=1702429200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887245165&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNMSoCtehgxa0rpmdiggw2ml__8op1Jw&random=1419066386&rmt_tld=1&ipr=y
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=3626502037629324&ev=PageView&dl=https%3A%2F%2Fhome.s.id%2Fforbidden%23action&rl=&if=false&ts=1702431209907&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702431209905.620576761&cs_est=true&ler=empty&it=1702431209805&coo=false&rqm=GET
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://home.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 13 Dec 2023 01:33:29 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/
1 B
201 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1575067920&t=pageview&_s=1&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=123476732&gjid=1772550757&cid=144635658.1702431210&tid=UA-225238330-2&_gid=605542577.1702431210&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1517899217
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://home.s.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://home.s.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
web-widget-main-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame 4450
435 KB
137 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
x-amz-version-id
RqZIDjLbqQCJse5.5YPoIz6l3bVKH2F9
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4FSF5803D2MZ177K
age
686672
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
s6NVEjlxQ0X409+93Y+AyzPpDVdCnUzkj58R435QREy4lvYOga3kZ8DuxKYs3kScc5mlXhydQ7o=
last-modified
Tue, 05 Dec 2023 00:28:36 GMT
server
cloudflare
etag
W/"531e7cd49856ceac1ab739dee1bd9825"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0WYBu2iRg%2FGFMwprPOa2W5okOKkgUFfRkCXFv59NgQFU79U7M2pO2nB9bZ3BtApm6DFjcGaAoTD9rMnj9a2hcApqBL6bpXW1ibIl6chNJ1HLypmGKQUs8CprY65nkiwWMHL2S4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
834a7596aa4339d0-FRA
expires
Wed, 04 Dec 2024 00:28:35 GMT
en-us-json-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 4450
16 KB
3 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
x-amz-version-id
0TD6PAWfsyxN8kJamulTpqLVZArSSWuB
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4FS8D41MZJZMYG1B
age
686672
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
MlQYiQ2dqb9h/OIVYc60rdAWwzi2m98faLu/nzTPmQXpoeHOhtgWXpnmexReeLW5Qx210z3PGrY=
last-modified
Tue, 05 Dec 2023 00:28:38 GMT
server
cloudflare
etag
W/"2d7a163ff937b4b9ea7ab13e6c8dfadf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZgymrx1f3YW32Wo9or%2BoUpqKj9GrZwuvKVCvWm7drJCqDFuGFhAUw6HdjRubM03%2BxOSuRaLyiBCOFLp1yK%2BJpL28ETr%2BFaWNuC9AMJ%2FxrVns2gqX2Nd7lAHnE2ltw1wF1MHnWM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
834a75972a7a39d0-FRA
expires
Wed, 04 Dec 2024 00:28:37 GMT
web-widget-4852-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame 4450
139 KB
47 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
x-amz-version-id
rgQyDw8mO5OrfYenQWJeUHQhMhROhIV.
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4FS6K6N3BED5C9DX
age
686674
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
mZYDmVwtmpMlbyBFUcvQAyVxK3nKNxXriZZENjdf3EjmZopRc63mtrIJzjjk+FTJoP0ZDs3BETM=
last-modified
Tue, 05 Dec 2023 00:28:36 GMT
server
cloudflare
etag
W/"ea51d3eb674c1f286144bbe26ba05c86"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qt1eg1ABUwM%2BKald7mSkfpN2c1v6izVS1Cb7BaN2UftBVbsN4LfIBsKwUuvFsEg2nROIsaNyPUogXi7ggk9OCiwXBXVDIj7t84NGR8DcyFgpXjjw8JrJp%2BcK7qV6iau5uyb%2FxFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
834a75972a7b39d0-FRA
expires
Wed, 04 Dec 2024 00:28:35 GMT
web-widget-519-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame 4450
24 KB
8 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-519-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
x-amz-version-id
GVsqCvOfUiBJYIwZLFLTQX5MyDUCOwc2
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4FS3V2M4QJ2ZK33P
age
686664
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
ZcwJ01puBTNkg0AiqHh4Jwsz8eTxW4l9Gmz7kmYejNT5ylWWy39mTLN7KSZvvQMqOIGQL7p8G4s=
last-modified
Tue, 05 Dec 2023 00:28:36 GMT
server
cloudflare
etag
W/"1c9884a2069c7bec6b20dac62004eb1b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FThWy%2FHLhNUKdZFttTev9rAL4PUL%2F4%2FUFMw%2FPhjoqw5R4MqL1sB7miWFqRK9zt%2B4eA5Kdz8dhkXo93ltXw4T5mw%2B7ihVv8g1kmxlu0dH13AYHMAQSxssFJwvuB%2B6hdr4uWwNec%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
834a75972a7c39d0-FRA
expires
Wed, 04 Dec 2024 00:28:35 GMT
web-widget-5178-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame 4450
24 KB
7 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
x-amz-version-id
NLi469M1WczuGaqZLXtxIgWwTh.1j.zh
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4FS7C58SVHM9XWRN
age
686674
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
UHe8in2/NNlJQ8+xqDERT39dCXeKxCJVrG2UC/shLH4h+ZNVARF4OnkmVkfqjVmg/Z5Cp8G4Dco=
last-modified
Tue, 05 Dec 2023 00:28:36 GMT
server
cloudflare
etag
W/"11034f049f5eef05b26ed292ac59e1fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmaffAle%2FEAaZZLLLNcK5NQpM%2FmAOOa0vk3iw0daacX71z7YlbBrlw%2BE1IN1Fqjhre%2BAnmxq2i7sSI%2FU3Xd6iE8ZxIqwOUTXG7M0iv0cUaHqivdQNZTuKVEAQFKO%2FUMQNuLiBTY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
834a75972a7d39d0-FRA
expires
Wed, 04 Dec 2024 00:28:35 GMT
web-widget-9535-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame 4450
15 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
x-amz-version-id
ty1N93CTNGjm.TymHP.kwa5RR_YIsyxf
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
DGAPYB7RVAW7PJHD
age
686674
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
LC24n1k4UTXrcSOVS+iTkc9O6eEHNgBkRjg38QC4zxrfVph2flnYKtoV/TdQVWhBnH75nffI3kfqzTligwZ0Hg==
last-modified
Tue, 05 Dec 2023 00:28:36 GMT
server
cloudflare
etag
W/"d46547a6c79c8800ac99ed5408528a12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iWmeRRfOZdvrFxEuOYgbmSkSdZei0QpGNXeGYcbLHIiTxvY22XnrRfU8TCWhKjK%2FJ5VrxUGVyvUUagJ2rdmF%2FyVHQK0EXbC0IhAV0iUlp5bRIJp%2BWj8qSfu0XP2%2F1LkxNDyoCs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
834a75972a7f39d0-FRA
expires
Wed, 04 Dec 2024 00:28:35 GMT
Primary Request oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2
blog.s.id/post/2022/05/19/
Redirect Chain
  • https://s.id/1SV77?s=skip
  • https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
113 KB
32 KB
Document
General
Full URL
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Requested by
Host: home.s.id
URL: https://home.s.id/_next/static/chunks/pages/forbidden-29883e63e1ce37b2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
1373576b47409b734b6d633162733592b809e479940f1507db83ecaf45c7676c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://home.s.id/forbidden#action
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75461
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=86400, must-revalidate
cf-cache-status
HIT
cf-ray
834a7599f828373d-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 13 Dec 2023 01:33:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYO5%2FrF0IS4eJypwob11I7hYdVIr9MDLCuouURw%2FXDIgYZgKp2gvGJJiEkKscWPNXvrXLdxJa8f0O1FkAUcqXN6XkMdV11mDV%2FUo5pGpXY4yqSMQKB8A%2FDTue0%2FPNbkKkhFC8db%2Faw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Next.js

Redirect headers

cache-control
private, max-age=15
content-length
0
date
Wed, 13 Dec 2023 01:33:30 GMT
location
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
server
nginx
strict-transport-security
max-age=15724800; includeSubDomains
pv
sdotid.zendesk.com/frontendevents/ Frame 4450
0
0

config
sdotid.zendesk.com/embeddable/ Frame 4450
858 B
1023 B
Fetch
General
Full URL
https://sdotid.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-6645897d88-mtlnx
x-cached
MISS
x-request-id
834a75979e8d4d3a-FRA
x-runtime
0.003762
last-modified
Wed, 13 Dec 2023 00:51:51 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0pirplynrcxAWv%2FB5VNxaDwdhBE6lcapCwnb0TG1qsDSF%2FQmBMNJtqWXQxPlsISTRnFiPcSFclWKF5B7rDDVzXlX%2FXf9DJbJeYLv4UxSl1Wf2cA7kr2jHP0ZkbDcnkYEstMfA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
834a75979e8d4d3a-FRA
pv
sdotid.zendesk.com/frontendevents/ Frame
0
0
Preflight
General
Full URL
https://sdotid.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://home.s.id
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
834a75979e8c4d3a-FRA
date
Wed, 13 Dec 2023 01:33:30 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xp0u%2FP3rCy4z9A%2B8e821Cge3ItbuQJEA3gJhGTppwrZwQOdL6cJXv%2FJhOpoDtg1%2BspMhDIhbQIJyNs%2Bh8yp584hZoAu4N6IPXshtffvhoy4xkRJzCOZdbg%2BKoj38rPmBfrIoXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
834a75979e8c4d3a-FRA
x-zendesk-zorg
yes
collect
region1.analytics.google.com/g/
0
0

rum
home.s.id/cdn-cgi/
0
0

412338cf0c38613f.css
blog.s.id/_next/static/css/
120 KB
19 KB
Stylesheet
General
Full URL
https://blog.s.id/_next/static/css/412338cf0c38613f.css
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1487936e32296ba5ae5002b7528b604a8784e7b2826bfaebb2ce6ce0d80b6b2e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
339118
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 09 Dec 2023 02:32:15 GMT
server
cloudflare
etag
W/"1de68-18c4c6b1398"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIV5T9wFr%2FIQW7zOpP6MnZ78EVR1fVsAEbbU4KP5GXy7twjpWkVaPf9oHtFLBL8T%2BuABlcgcPKOlq1el4fcMSQt0YcJ7FpqtQtQBtpjG379caHhZ6baWAMTESkmF5vwwv8HdqazHag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
834a759a1bb49bd0-FRA
0ccc702cf5b6f291.css
blog.s.id/_next/static/css/
722 B
788 B
Stylesheet
General
Full URL
https://blog.s.id/_next/static/css/0ccc702cf5b6f291.css
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf1b45e741c358105ec165c66cc44e962e6dbfe4948ea4a4094791472e03c6d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329637
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 09 Dec 2023 02:32:15 GMT
server
cloudflare
etag
W/"2d2-18c4c6b1398"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hDNqZ3TkP59BVeso6B4Zl6JXrsBgUrYIdn22SdSy4His%2BGvQ29E1WkzQppIHggwJl43XJmvKrSCZ5Vxd4PhleWHCm09ttuKx27Vpn5%2FRG2mL8wh1UD7YZWf8%2FEnh06QLnzmYIVesQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
834a759a1bb59bd0-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
175 KB
58 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
323356bea8a6a202c80f8ed4dd22ba1cf3eb061f2a8f927e4ce4aca7661ea0e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59085
x-xss-protection
0
server
cafe
etag
4381437893952885375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 01:33:30 GMT
webpack-36d12a75f0098f30.js
blog.s.id/_next/static/chunks/
2 KB
2 KB
Script
General
Full URL
https://blog.s.id/_next/static/chunks/webpack-36d12a75f0098f30.js
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
febd258efb733049bebaeb24269fb6448aee953be138a3fbd7cb96bd63620727
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329637
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 09 Dec 2023 02:32:15 GMT
server
cloudflare
etag
W/"892-18c4c6b1398"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BtboJUDWruGreG%2BPEPuJZoCMu6btX55sE%2BySSQ8R2bWv1GZFOucxeY7cadawFXPhfWBm47IXIRKode%2FTPFXSMp1s6WaRXsS9%2BNdgy1OlO%2FoKcwWrWhAuP1i%2FedhdoQ6jmF0IUJSEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
834a759a2bbe9bd0-FRA
framework-400d78dd60ac46ca.js
blog.s.id/_next/static/chunks/
138 KB
45 KB
Script
General
Full URL
https://blog.s.id/_next/static/chunks/framework-400d78dd60ac46ca.js
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1e0354048342615ee678931bb922fcb098fc4f42b3edae6df7624a2b812fb95
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329637
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 09 Dec 2023 02:32:15 GMT
server
cloudflare
etag
W/"226e4-18c4c6b1398"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCA%2BiS9QFX5vqhsBZtkqjVFGmSttElo8nEVltZqcHJ6lEcstcMmtiuQjJohA4NG9Eym5qj%2FlMe5BQOHgfEssFOTpfgx0IPmec9i%2Fkkvu%2BVtgWjeMdeVrk7VWMCcJRkpFQj2ciSs7zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
834a759a2bbf9bd0-FRA
main-ef060895a635bf59.js
blog.s.id/_next/static/chunks/
96 KB
29 KB
Script
General
Full URL
https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
345dd805b52864848882d8f89c24661f408925f549a626e5bcd33b6f072e146a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329637
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 09 Dec 2023 02:32:15 GMT
server
cloudflare
etag
W/"17fff-18c4c6b1398"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDhGUz51Ft1cN%2F%2Bz5UQEBTNUqrQpqKKN1xQBaRiiDfyn6So6jVLfF%2B2ug1l0i%2FRVp5fgZzMLRBB5nbvrDDUiF%2Bap95%2FIKxW6HWJKYAdporC7mdYQWozMGDHMomokVh%2Fy%2Bxl1k3if4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
834a759a2bc09bd0-FRA
_app-de5007dea8150d1f.js
blog.s.id/_next/static/chunks/pages/
256 KB
83 KB
Script
General
Full URL
https://blog.s.id/_next/static/chunks/pages/_app-de5007dea8150d1f.js
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e6fb1f93175bf783970742a357934e73808e149f8ab237828f0ca8a12f2588
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
332513
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 09 Dec 2023 02:32:15 GMT
server
cloudflare
etag
W/"3ff20-18c4c6b1398"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6bhyPgK4mcqlczQWjkbpPKddpAMqJVmplsxuTHlxw0XC4e2avnaUKYuivaStGUeyvZ13dMiHgehmv1SkzK9MSuUcWqRNvmlVULqF0bjfmiMALt8T2d%2BGoeab7QWt4IIDOZYrrQhrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
834a759a2bc19bd0-FRA
b7322211-fbdd2383fa168487.js
blog.s.id/_next/static/chunks/
3 KB
2 KB
Script
General
Full URL
https://blog.s.id/_next/static/chunks/b7322211-fbdd2383fa168487.js
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fad61d7fe6d6bdb0f750648a45f17c71a1f1216fb2f636216be5b4be57d0158
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331366
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 09 Dec 2023 02:32:15 GMT
server
cloudflare
etag
W/"a7e-18c4c6b1398"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VC%2FqIf9hBwosHUQclOnI2EA3YHh8HnRHj2e9qi7pUqgHCJA%2B%2FCakkhaxsoxYJ0XvTgVHCc0gQig7XpxpkjGHcpc2esqz9ULzhIfkQufAtBSh%2Bq2%2BUsX%2FOizwfU1ZARJVtsxvCYsA9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
834a759a2bc29bd0-FRA
903-f279e023cd941d06.js
blog.s.id/_next/static/chunks/
140 KB
43 KB
Script
General
Full URL
https://blog.s.id/_next/static/chunks/903-f279e023cd941d06.js
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b1f8fb54de3fad4a7f92fb7b03bdb9c0acff2d156dcc0f430d9221849e3113a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329637
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 09 Dec 2023 02:32:15 GMT
server
cloudflare
etag
W/"23198-18c4c6b1398"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtS3U0GEI0ZE%2FYEEzxWvJqkiP2SKPdnLe8b%2FJWPmphBIfJpTU0ncpT3am4RWi6cTAeNtPscxDKBYCpxaz662lTo5jpu7joiFV4jaioB%2B3vqQu%2F68C8n4bZ4huLhbg3OmxK71KiJ%2BeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
834a759a2bc39bd0-FRA
68-0a3ef05955003f6f.js
blog.s.id/_next/static/chunks/
13 KB
5 KB
Script
General
Full URL
https://blog.s.id/_next/static/chunks/68-0a3ef05955003f6f.js
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
951a2067a584dbb3151388bf54762ad93bf94d45898f311b0bdda74ba76d12de
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329637
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 09 Dec 2023 02:32:15 GMT
server
cloudflare
etag
W/"35f4-18c4c6b1398"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVABbdJlKNHFqBdgD9FCdijIV99zdYML5uv%2FgmugcQ2Ev%2F2DXIT6ExZb7NHR%2Flz6qMAbzW6U%2FxctrHh55oKTSOYoD7t6%2FK9rE4KA%2F4yBQp7NLpRAxbdg1kZQcl%2F%2B%2FRcc3KK6DbX27w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
834a759a2bc49bd0-FRA
%5B...article%5D-f50dfd12dd1bf9bd.js
blog.s.id/_next/static/chunks/pages/post/
26 KB
10 KB
Script
General
Full URL
https://blog.s.id/_next/static/chunks/pages/post/%5B...article%5D-f50dfd12dd1bf9bd.js
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18889b6b7e9425d042a820d83d9ae7fca99127e2192317981767f5c35acceb7e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329637
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 09 Dec 2023 02:32:15 GMT
server
cloudflare
etag
W/"6877-18c4c6b1398"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FP69WFgA9Gj9liW7UbwAduJJj5NlKpCK9%2FxPNywyZlVuIVWRYDjhyjgfq1BpvlpYdrEKL1MAXSk17AUCjrzX%2FZaFrvhvz8hs7MhIAHZ%2FRKXQSt3lIIydp4p09Svm%2FHQv7FRLNFzdWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
834a759a2bc59bd0-FRA
_buildManifest.js
blog.s.id/_next/static/aYzQ14L_us2EhaQniEzo4/
998 B
984 B
Script
General
Full URL
https://blog.s.id/_next/static/aYzQ14L_us2EhaQniEzo4/_buildManifest.js
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bd65dbf5130ef5e064320f6f300b54f82c06e9893055611fcf639d6eb8fbfbc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329637
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 09 Dec 2023 02:32:15 GMT
server
cloudflare
etag
W/"3e6-18c4c6b1398"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqkHBPFgdXXWeLxsFraGlgnsWBUoVbhO9A1M4SKSh%2B2uZmOBlGklS5wlodBc9337%2B8x2kKHYnzCSSohTL08UfAxqMUyKw2PxOJ9koPhFK7VWmDBbNCtpTnzdw85yQB2tSquSTq2nxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
834a759a2bc69bd0-FRA
_ssgManifest.js
blog.s.id/_next/static/aYzQ14L_us2EhaQniEzo4/
77 B
609 B
Script
General
Full URL
https://blog.s.id/_next/static/aYzQ14L_us2EhaQniEzo4/_ssgManifest.js
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329637
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 09 Dec 2023 02:32:15 GMT
server
cloudflare
etag
W/"4d-18c4c6b1398"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FQeJbAEPy3OytqMdHjLqN%2FxecZiWk6aAKaqM%2FcZhN7Z3pDAgdt%2BJVIMTZXdhclwtv%2B%2F37jgeUklnG0%2FLaD5%2B5p%2BJSvLTNw2VghWqSt%2BtZwSjzN5oIe5FineM84ipYqhwmrQ3M6Npg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
834a759a2bc79bd0-FRA
montserrat.css
blog.s.id/assets/fonts/
22 KB
1 KB
Stylesheet
General
Full URL
https://blog.s.id/assets/fonts/montserrat.css
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a35d02ba97e3e4cd1b7c4eb7241bab9f41afb84fa2db2f18d665e946a09122e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Sat, 09 Dec 2023 02:26:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"586e-18c4c663580"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGDGsbnDJkIdJNtJid88NweUf6mdzHcCzwoa6QxAJhOIf0R28NvwF6ez%2FRMmoMwQnWH%2BpdgIGCjmkRP0xRQq3r4i%2BZi3zc3cDZAvWVPsnQFTUM4sIS%2FKLQ0%2FTq8DJi47%2FCEtsGHJxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=300
cf-ray
834a759a1bb79bd0-FRA
alt-svc
h3=":443"; ma=86400
work-sans.css
blog.s.id/assets/fonts/
4 KB
945 B
Stylesheet
General
Full URL
https://blog.s.id/assets/fonts/work-sans.css
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Wed, 06 Sep 2023 09:42:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"10bc-18a69dfa4b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZukSxE2IG9AwRoT39MjND2rJ8Q4Gf3b0JX%2BewR88oU%2Bjkk6WDAi%2FDjSzhkv9VPrCxacoT8kwn%2BopMlUgBFg%2FjytZc3mPIu15W0T7CYL6Z6OYGsYgIQC9KZPc3llIjeRaqZF1i8TNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=300
cf-ray
834a759a1bb89bd0-FRA
alt-svc
h3=":443"; ma=86400
klip_2310_home.jpeg
cdn-sdotid.adg.id/assets/
38 KB
39 KB
Image
General
Full URL
https://cdn-sdotid.adg.id/assets/klip_2310_home.jpeg
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
992d5dd4f6d819b096474930d8b6c9b2650042366d1f539b42198ed1fdd73cad
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
x-amz-version-id
7J5fU7ky2RB2K0._gaywL1p5g8cLKNce
via
1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
strict-transport-security
max-age=0
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
38940
last-modified
Thu, 12 Oct 2023 09:48:14 GMT
server
cloudflare
etag
"41e097787c826186c9cc5281368f5c85"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pJFPeo58Eq3LNnVWjeR%2B6jeDvfiD%2FkGMhR%2B2uDqu7YkLcXlGMnuz95DwTFctKJ3GdHHClOpJ%2BmU29DzV2BUFXMohKzgvW2ZFP%2FkjjWUShb4CB3vbtsylTVTbOkuPMnncH0QIMA5kr3xrxgCNY2P7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
834a759a697a3623-FRA
x-amz-cf-id
newV7luUYPcQ3ruzdv1JiYjeSrSvmJP1nFn9P6irIGz_o70_TLe0Hw==
adg-red-ring.svg
blog.s.id/images/
6 KB
3 KB
Image
General
Full URL
https://blog.s.id/images/adg-red-ring.svg
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7fb840478ca64f3410fff0ffa40eb38fd8a7cfc36c10f117c3869ea93c00182
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Sat, 12 Mar 2022 15:31:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"1926-17f7ec17510"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2IfLyn3n1ae2zofGHHHAizf7aJXW6wH0rMJUyGwJPyS38C5NABr8lk5azHjo8U%2FAWDcnOgyByIE4bBgFnm3cxUYfeEypaySoQonSSsDO%2Bb6L7yscatxtADRvfOvm%2FiODoe0aQeJ5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
834a759a1bb99bd0-FRA
alt-svc
h3=":443"; ma=86400
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://blog.s.id/
Origin
https://blog.s.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
834a759a2f5a92c3-FRA
show_ads_impl_with_ama.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/
460 KB
150 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id&bust=31080037
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
12a2cfd2ffbc1ea445b253c65d32d2800c3b2a027dfa44571f8f2640cc6fc7f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153244
x-xss-protection
0
server
cafe
etag
8586711711260569
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 01:33:30 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame BB91
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06a4985ddeefbd112b1f64b1db40a32f7a1b22fddf810aa12ae57ebfaca8fcb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
74927
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4511
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 04:44:43 GMT
etag
14902866265712643852
expires
Tue, 26 Dec 2023 04:44:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
work-sans-normal-700.woff2
blog.s.id/assets/fonts/dist/
49 KB
50 KB
Font
General
Full URL
https://blog.s.id/assets/fonts/dist/work-sans-normal-700.woff2
Requested by
Host: blog.s.id
URL: https://blog.s.id/assets/fonts/work-sans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea0a3347586d6655b46a02ad49e267649273207f1099d548e069cae4b7b2bc61
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.s.id/assets/fonts/work-sans.css
Origin
https://blog.s.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
50560
last-modified
Sat, 09 Dec 2023 02:26:56 GMT
server
cloudflare
etag
W/"c580-18c4c663580"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaaMzF0iQ%2BqyBVv0fZS0hqtZakMLh%2F4QMDcPt%2BTiT6S6EbxP1g9EHIjf9NU7IjuAJHeUaPPGr7egocFOVsegLlI%2BZ32Tvo%2FJKBU5fmyvsPLa5U3087xzOcP1JaRK1N%2BLcFlBxHh6qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=300
accept-ranges
bytes
cf-ray
834a759bac8e9bd0-FRA
work-sans-normal-400.woff2
blog.s.id/assets/fonts/dist/
49 KB
50 KB
Font
General
Full URL
https://blog.s.id/assets/fonts/dist/work-sans-normal-400.woff2
Requested by
Host: blog.s.id
URL: https://blog.s.id/assets/fonts/work-sans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea0a3347586d6655b46a02ad49e267649273207f1099d548e069cae4b7b2bc61
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.s.id/assets/fonts/work-sans.css
Origin
https://blog.s.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
50560
last-modified
Sat, 09 Dec 2023 02:26:56 GMT
server
cloudflare
etag
W/"c580-18c4c663580"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQb0YbVnUU2oJ9OUtYdvlg1NTii0dJtOexQ0AOEbSu%2FpuZzY9ih%2FW8waUotwy30SCuccV1TIgSYpaRMD1BX0HGOGafR5BnC2ntwTwzA0qsp1f8j6203ipFMhiRvpL%2FadHJ%2B3mvgfMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=300
accept-ranges
bytes
cf-ray
834a759bac8f9bd0-FRA
work-sans-italic-400.woff2
blog.s.id/assets/fonts/dist/
47 KB
48 KB
Font
General
Full URL
https://blog.s.id/assets/fonts/dist/work-sans-italic-400.woff2
Requested by
Host: blog.s.id
URL: https://blog.s.id/assets/fonts/work-sans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ffc104c9694ddc19f5162ba8021d2ea8fc262ca055042a71e0d17b09b5c0f4e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.s.id/assets/fonts/work-sans.css
Origin
https://blog.s.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
48432
last-modified
Sat, 09 Dec 2023 02:26:56 GMT
server
cloudflare
etag
W/"bd30-18c4c663580"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pC2%2B33lv8L3agbZBYvUxnAJQmbV6l2rHQ6uRMBNUIeGSwWSa8pGRMVQK9n1LwAfzpbPQ%2B%2FeZe9SHtMESTXgAlb2Qz2zVwkcbohJG3%2F38P11iJnss6cKJcvszgVztiimWF%2FNZVwlKfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=300
accept-ranges
bytes
cf-ray
834a759bac909bd0-FRA
sid-neu-logo-dark.svg
blog.s.id/images/
8 KB
4 KB
Image
General
Full URL
https://blog.s.id/images/sid-neu-logo-dark.svg
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Wed, 05 Jul 2023 23:09:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"2137-18928513d00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Z2of07eN67jnWel8ddihf4ClNsSIlDRCtPKYO83GmBjaIj7uQLi8khrIiqstuG5sxa0XaxxoBY9NPwkolRXKTkUT2V3XZ%2FGKzYhD%2FY2osAa5ABNo2kywl5eWve33iSahb9BVXYd2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
834a759bbc979bd0-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
241 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK
Requested by
Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6414e2acb93d61cc7427584530f90ae20a94b358bce7cdb4b05dd03eec4b60c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85519
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Dec 2023 01:33:30 GMT
js
www.googletagmanager.com/gtag/
244 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF
Requested by
Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0eface46a399934cda952d5f5d125ea4f4103ccf5d0a5b900bcdfd14a808af68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86176
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Dec 2023 01:33:30 GMT
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f
Requested by
Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
x-amz-version-id
hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
VJNSTS6NH24VGZXW
age
7
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
ZaA0/pNyb81iWefpjGS4Q1RaRzQbA+fGKlK3Mf/p7f/BJNjQ5D4umJJ3DA6PSAUaVAklKLutfM8=
last-modified
Wed, 09 Aug 2023 01:01:02 GMT
server
cloudflare
etag
W/"42d94c325a0b012e41f9c3907853625a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTCUXx%2FDjdLM9My1I0NugbqcYbUr1%2BT%2Bq5qIu4uvyX9nOy4LY0SOdXBkOzLOiu4e6R6EIzfpJJIuWKalV9cCxWsJ%2BBp7StvpvJkaS4vY7sUyOqehO7mPp5TJshiI2sk0Fmj4cfA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
cf-ray
834a759bfd2f39d0-FRA
ads
googleads.g.doubleclick.net/pagead/ Frame 413B
0
20 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1702431210&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702431210699&bpp=3&bdt=121&idt=193&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8535591287261&frm=20&pv=2&ga_vid=144635658.1702431210&ga_sid=1702431211&ga_hid=1439740521&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809530%2C31080037%2C95320884&oid=2&pvsid=2911362765832022&tmod=1682469535&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fhome.s.id%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=203
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id&bust=31080037
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 01:33:30 GMT
expires
Wed, 13 Dec 2023 01:33:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1dc98855-fcfe-49a8-9ac6-f3d16b24538f
ekr.zdassets.com/compose/
336 B
590 B
Fetch
General
Full URL
https://ekr.zdassets.com/compose/1dc98855-fcfe-49a8-9ac6-f3d16b24538f
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5b8f8113f98b6e61c77542de0689621daa14087934122935b9d19db67a59dd7
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
status
200 OK
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
8308f974ffd15e9b-SEA, 8308f974ffd15e9b-SEA
x-runtime
0.010985
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"e5b8f8113f98b6e61c77542de0689621"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03knxWieL%2F4m36b3cpZJcem%2B345ovFw4Xds%2B2A5c1oXHywm8V%2BFHy8HgC3pLmVymzAOSQWrTwXoYdVU1C9Z%2FvI9YuCFE35zCQxKAqtUohokhfSGCfbffvnEeNdY8rxsZ5eA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
834a759c2ad59a0f-FRA
js
www.googletagmanager.com/gtag/
241 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c58b5a51b2177a2b7d12ee0c4638194266e6efb467b19031602e9f4cb3f13647
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85528
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Dec 2023 01:33:30 GMT
collect
region1.analytics.google.com/g/
0
17 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-LBWQJM5WLF&gtm=45je3bt0v889102823&_p=1702431210878&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=144635658.1702431210&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702431210&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=%E2%80%9COops%2C%20you%20are%20accessing%20a%20Forbidden%20Link!%E2%80%9D%20What%20does%20that%20mean%3F%20-%20s.id&en=page_view&_fv=1&_ss=1&_ee=1&tfd=824
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.s.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
68 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LBWQJM5WLF&cid=144635658.1702431210&gtm=45je3bt0v889102823&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.s.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LBWQJM5WLF&cid=144635658.1702431210&gtm=45je3bt0v889102823&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=294659310
Requested by
Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GJLS9JMJCK&gtm=45je3bt0v881303990&_p=1702431210878&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=144635658.1702431210&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702431210&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=%E2%80%9COops%2C%20you%20are%20accessing%20a%20Forbidden%20Link!%E2%80%9D%20What%20does%20that%20mean%3F%20-%20s.id&en=page_view&_fv=1&_ss=1&_ee=1&tfd=839
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.s.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id&bust=31080037
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ec8809d403fd1f42e287cbf8a2eac126f78bca7ef1b7c046bba156e3de7b6a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12195
x-xss-protection
0
rum
blog.s.id/cdn-cgi/
0
137 B
XHR
General
Full URL
https://blog.s.id/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2?utm_source=home_sid&utm_medium=redirect
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
content-type
application/json

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://blog.s.id
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
834a759d4d549bd0-FRA
web-widget-framework-deab6e1bfb9c4776677c.js
static.zdassets.com/web_widget/latest/ Frame 2708
102 KB
32 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-framework-deab6e1bfb9c4776677c.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5eb4ac3390920825c2f368d1fcfca6b0c998b80b75f7b970aab00363137c12d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
x-amz-version-id
jxfLAjAMoSjcjesSkiIH5lJeYxTAMjAP
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
DGAWW5HR30XQV0MR
age
686654
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
9K9nZsPlyLayyK0dRSX2XhgRXV7AqHHIPNIu4rkJu98A2HapVVo+BUAbBFqsXJit0xFzyWg7NLc=
last-modified
Tue, 05 Dec 2023 00:21:34 GMT
server
cloudflare
etag
W/"c9bcb89fd41dd7252d18168d3ebf7e49"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlqQCtoiH%2FmaHx6lnkn4b1848lF2rXlRZTPQ%2FKgWMMOZY8vOKkNVm2N1HMUDjFgb0iiM0V0cf9jEHDP3cJVpANI3oz8YidcLAEB1v%2BPeM8V%2FNMypF802nMJusc%2FCXME0iIbxmLs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
834a759d5de539d0-FRA
expires
Wed, 04 Dec 2024 00:21:33 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
90 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad880bd4f96df8c0fa793c170113c0fc2670b09614fcc9b5880402f88956d63a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29397
x-xss-protection
0
server
cafe
etag
20 / 19704 / m202312060101 / config-hash: 6487957748488688722
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 01:33:31 GMT
site.js
protagcdn.com/s/s.id/
442 KB
126 KB
Script
General
Full URL
https://protagcdn.com/s/s.id/site.js
Requested by
Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:78e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54358e6c0ca9fb0dc79a594d0f3e76d69127dc76899f83a1bdecbf7f81f59f5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=453743
alt-svc
h3=":443"; ma=86400
pragma
no-cache
cf-bgj
minify
last-modified
Tue, 18 Jul 2023 04:06:38 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTsyOPum4UohzXVGdFldlIdH9cdtQk%2F1L0pZVJ7nIPow4b5cP7zdfKARchOrU%2BQX7sNX%2B7kCee%2FBs91bqhx2BOHdaIRe1Omrp3s4LOkFM9zh4tWSXAtJ4%2BenYdGHRU9QUVSBqP%2BEUkh1ntA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
834a759d8e5e35f0-FRA
expires
Wed, 13 Dec 2023 02:03:31 GMT
config
shortener.zendesk.com/embeddable/ Frame 2708
15 B
949 B
Fetch
General
Full URL
https://shortener.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-deab6e1bfb9c4776677c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.138.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
strict-transport-security
max-age=0;
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15
x-zendesk-origin-server
embeddable-app-server-6c58497b58-xtl7p
x-request-id
834a75429fb2bbc1-FRA
x-runtime
0.006619
server
cloudflare
vary
Accept, Origin, Accept-Encoding
access-control-max-age
7200
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oi94qYm7rCEwVIBNDYz26SIOqppZr40Fr1YDnYzQmii7ZKUuC0Vt08s8jAF0WM9ckchbswfYBMF3wmuVA3kOaSAu%2FwRPo7kWe5juIhRfuu7oOeicLkHa1eGU7HsLGdSmlLW7U9uWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=3600
content-type
text/plain; charset=utf-8
cf-ray
834a759dda73900d-FRA
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama.js?client=ca-pub-2742216534640545&plah=blog.s.id&bust=31080037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 01:33:31 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/
431 KB
432 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 13:14:16 GMT
x-content-type-options
nosniff
age
44355
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
441821
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 11 Dec 2024 13:14:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C63C
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
20022
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 19:59:49 GMT
expires
Wed, 11 Dec 2024 19:59:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8F96
829 B
980 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
624ade36c76e96a273bb85a6040d71e1fb731fab6c7b1d30a6460d5664c66fee
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TeWJjsUMlowYgJdFceqxIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blog.s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-TeWJjsUMlowYgJdFceqxIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 01:33:31 GMT
expires
Wed, 13 Dec 2023 01:33:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame C63C
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:12:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
22837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 19:12:54 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8F96
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2911362765832022&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame C63C
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?1oQj6w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27199
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrOjvC2QEzoyvZL75BHlYLMwUcFI%2BYYQuJVzpNTjvKzQzWUjtz%2FU40ZMDEA8UZyeg1aYYnJrgxtJZuh8G8vseQ2q93%2B7kLJkjOx%2BKhyD5AVmBzYKzn3vO2aBIrKmHWKYZXAn%2FE5tahgAslDNw64%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
834a759f0a5335e6-FRA
esp.js
cdn.id5-sync.com/api/1.0/
152 KB
34 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
9XEJCTBGXMH6BWG7
age
994
etag
W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
834a759f1c5869a3-FRA
x-amz-id-2
6lDvA/NG13Ah70SYz7rinfNBhtPRqYB8cRNAXOB0HrHMJ4cExka3o6S7+kAh+aqG5/Nc7+/gZfgdF9MgeI4iQg==
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 23:45:01 GMT
content-encoding
gzip
age
179310
x-guploader-uploadid
ABPtcPrYI9WjI8qWERv8Pq3_qL_rWNQzx2w0AQ9duzs5vDQZtPMEVroiATrDFn5QEswUa23PPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 09 Dec 2024 23:45:01 GMT
publishertag.ids.js
static.criteo.net/js/ld/
43 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 14 Dec 2023 01:33:31 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-74.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 04:16:06 GMT
content-encoding
gzip
via
1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
76646
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
NgIt9Qvpu30mGYNxI77iSFjphwOg9XH9Uiv1-aRz-8Mr0ap9zOPDtA==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
08dd14c28c00f8958612f07c6bb5a96c
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ads
securepubads.g.doubleclick.net/gampad/
193 KB
45 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2911362765832022&correlator=693694084228574&eid=31080124%2C44807746%2C31079724%2C31080116&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=162717810%3A22766112657%2Cs.id%2Csticky-bottom%2Cbefore_content%2Cin_content%2Cafter_content%2Csidebar&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=970x90%7C728x90%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C300x600%7C300x300%7C300x250%7C160x600%7C120x600&ifi=2&didk=1679302058~557921294~3656045228~1185067365~1933480497&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702431211367&lmt=1702431211&adxs=-9%2C426%2C426%2C426%2C-9&adys=-9%2C390%2C884%2C2266%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ref=https%3A%2F%2Fhome.s.id%2F&vis=1&psz=0x-1%7C468x0%7C744x0%7C744x0%7C0x-1&msz=0x-1%7C468x0%7C744x0%7C744x0%7C0x-1&fws=2%2C0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0&ga_vid=144635658.1702431210&ga_sid=1702431211&ga_hid=1439740521&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY1_66hsYxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjX_rqGxjFIAFICCGQSGQoKcHViY2lkLm9yZxjX_rqGxjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y1_66hsYxSABSAghkEhcKCHJ0YmhvdXNlGNf-uobGMUgAUgIIZBIUCgVvcGVueBjX_rqGxjFIAFICCGQ.&dlt=1702431210578&idt=751&prev_scp=env%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D04%26protag_minutes%3D33%26protag_hours%3D01%26protag_day%3D3%26protag_sticky_pos%3Dbottom%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sticky-bottom%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D04%26protag_minutes%3D33%26protag_hours%3D01%26protag_day%3D3%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-before_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D04%26protag_minutes%3D33%26protag_hours%3D01%26protag_day%3D3%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-in_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D04%26protag_minutes%3D33%26protag_hours%3D01%26protag_day%3D3%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-after_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D04%26protag_minutes%3D33%26protag_hours%3D01%26protag_day%3D3%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sidebar&adks=3695268346%2C2238348835%2C3108647390%2C1903703322%2C182523439&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5df1e8e6f20517566308466b4251c6c9e54facd975bcca40713d20b763d3545
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45618
x-xss-protection
0
google-lineitem-id
-2,-1,-1,-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1,-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://blog.s.id
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E0F3
6 KB
3 KB
Document
General
Full URL
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 01:33:31 GMT
expires
Thu, 12 Dec 2024 01:33:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 8613
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=blog.s.id
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fd8c1cf4274cae5e1e5a37133cc23b80392ef88c43b798d3748f43948dbb53f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://blog.s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 01:33:31 GMT
server
Kestrel
server-processing-duration-in-ticks
280764
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
increment
id5-sync.com/api/esp/
0
225 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://blog.s.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://blog.s.id
date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirec...
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirec...
85 B
192 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
bc37a163eb8df49043fdf168f15af82d630845100909c3651a469a96f22cc818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-ek/HShTPkbbsYd3h0moNcP1xcPs"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://blog.s.id
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 13 Dec 2023 01:33:31 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://blog.s.id
location
/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
map
bcp.crwdcntrl.net/6/
60 B
330 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.81.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-81-28.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
5411fa3b97646d618255d3aeb674b7cc86798a7ccfdd59136a15e18e87a998e4

Request headers

Referer
https://blog.s.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:31 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://blog.s.id
cache-control
no-cache
x-server
10.45.5.175
access-control-allow-credentials
true
content-length
60
expires
0
sid
mug.criteo.com/ Frame 8613
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=blog.s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=T0xmBXxEWVllKzFTS2tUbjM1M0dpclRJSGlZdkdWSEROd3pURWZlNGhrdi95MG82ZnVBTjRYNWZnNWRNUDE0d3M1aUtXN1VPOVQ4dzhIamFta1ZZQmF6WXI1QXdMUFJUbnNQWnNJajVDUk9rSzRhdkg3ZjZmOWxtUlpxbk...
422 B
648 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=T0xmBXxEWVllKzFTS2tUbjM1M0dpclRJSGlZdkdWSEROd3pURWZlNGhrdi95MG82ZnVBTjRYNWZnNWRNUDE0d3M1aUtXN1VPOVQ4dzhIamFta1ZZQmF6WXI1QXdMUFJUbnNQWnNJajVDUk9rSzRhdkg3ZjZmOWxtUlpxbkhuZHhiTjNCY2JwVkdDbFlLd2tvd1R5VXQwdmxXdXlCeFkrSUNGeElsNzc1b3V3ZnB3Zmo2VFJSV0Y5a1Bvdi9nVW9jUkt3RHAzdG5DS0VyMFhYZklWZzFZcGJYaTJEeFJrNEJjTFdHc2dJWXJPN05xbGNSZWJjcisrblZlTTdpV1hqbjJST3YyV2s5bnJTK2JxWmFwSmlrSGlzRXZPUT09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
36f19987a72302f93d62560fa2ca9bf4f9b56aeab752648c5e039c05eeccba8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1276406
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:30 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=T0xmBXxEWVllKzFTS2tUbjM1M0dpclRJSGlZdkdWSEROd3pURWZlNGhrdi95MG82ZnVBTjRYNWZnNWRNUDE0d3M1aUtXN1VPOVQ4dzhIamFta1ZZQmF6WXI1QXdMUFJUbnNQWnNJajVDUk9rSzRhdkg3ZjZmOWxtUlpxbkhuZHhiTjNCY2JwVkdDbFlLd2tvd1R5VXQwdmxXdXlCeFkrSUNGeElsNzc1b3V3ZnB3Zmo2VFJSV0Y5a1Bvdi9nVW9jUkt3RHAzdG5DS0VyMFhYZklWZzFZcGJYaTJEeFJrNEJjTFdHc2dJWXJPN05xbGNSZWJjcisrblZlTTdpV1hqbjJST3YyV2s5bnJTK2JxWmFwSmlrSGlzRXZPUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
300935
content-length
0
expires
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 8DCE
0
167 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blog.s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 13 Dec 2023 01:33:31 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
container.html
ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EC88
6 KB
3 KB
Document
General
Full URL
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 01:33:31 GMT
expires
Thu, 12 Dec 2024 01:33:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1112
6 KB
3 KB
Document
General
Full URL
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 01:33:31 GMT
expires
Thu, 12 Dec 2024 01:33:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FA2F
6 KB
3 KB
Document
General
Full URL
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.s.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 01:33:31 GMT
expires
Thu, 12 Dec 2024 01:33:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame EC88
31 KB
12 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 23:20:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
8004
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 23:20:07 GMT
css
fonts.googleapis.com/ Frame EC88
8 KB
823 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Dec 2023 01:33:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 00:00:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Dec 2023 01:33:31 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame EC88
15 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 03:37:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 03:37:52 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame EC88
376 KB
131 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133672
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 08:21:08 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EC88
30 KB
12 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection.js
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 00:38:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
3305
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11807
x-xss-protection
0
server
cafe
etag
2895842962934950836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 00:38:26 GMT
l
www.google.com/ads/measurement/ Frame EC88
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHYVxRWkI37-kxaFWjaHDV8BOkDx42dz8ARl8UOinKt0cuBKxQtoLoeqFQcUQIk3EAodOMWvnGu5fUvDCocTieOp1Phg
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

abg_lite.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 1112
31 KB
12 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 23:20:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
8004
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 23:20:07 GMT
css
fonts.googleapis.com/ Frame 1112
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Dec 2023 01:33:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 00:55:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Dec 2023 01:33:31 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 1112
15 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 03:37:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 03:37:52 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 1112
376 KB
131 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133672
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 08:21:08 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1112
30 KB
12 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection.js
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 00:38:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
3305
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11807
x-xss-protection
0
server
cafe
etag
2895842962934950836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 00:38:26 GMT
l
www.google.com/ads/measurement/ Frame 1112
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJw68C0fJItxn-FfNoueJT95EvJqTZ4iCpe65xCiqz6q0GDIOcFEnCPk9P6oAEZGvFiudao3Q7L-EqoE4Vs9X0v_MjsQ
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pixel
googleads.g.doubleclick.net/xbbe/ Frame 5BC3
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ9dfyxgIY-9Xr7QEwAQ&v=APEucNURtIkirv7bJXiI_TQXNd-T-7vsKbPJhd7JKhEIomApJkMkrvvAmvXwI6EdUL4bRaP8Es536lLeLm1Z2aOtgZFEoRK7ssck2SM6izgMQoTsGPIDgmwhRo73OK3K-tnZIC9wJTGNvUw0A4A5kuDfRXQcB-n_8dADQOqiEm8fdyqn5d0h2ELf1CugvNWDKjyN7m9j_OgtH1U2ut5KPHVcMKWkaX94vw
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 01:33:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame FA2F
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 01:33:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FA2F
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AELpHFPkYH7h6awKYylJTgmYfy6AC6jknIBeuO3EPuOvxp_XrkjTpq50E6tP2_kyS8K0pQSvoqpjwVoFMyAM0wEGVc2AijUR_vp-dFN1rJHN-arJU
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FA2F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus.js
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:55:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
85073
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1307
x-xss-protection
0
server
cafe
etag
18393213423120915576
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:55:38 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FA2F
30 KB
12 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection.js
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 00:38:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
3305
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11807
x-xss-protection
0
server
cafe
etag
2895842962934950836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 00:38:26 GMT
l
www.google.com/ads/measurement/ Frame FA2F
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRL1vA8ZQE7WJv2eiC6p56OfM73ZvwFoq51eaJlEqhF9pBtWTxIuWHopTH7KO5hppHTlPfMpoD5eruEZWzXu5Km-OwIcw
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FA2F
203 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2023 01:33:31 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2911362765832022&bg=!hYalhsnNAAY3kmNgF5I7ADQBe5WfOCZS3j-SWIUkbAW8_17pt2jMaUP4ZxrR0Z1DX2rHHOFxrRdfdul7_Wv0vdpkW-1mAgAAAGpSAAAAAmgBBwoAW9dvwaQvSNEFdWpqPMlcLtd0R_DUHWiagDBkInfrLvy6KPblvh4HwjtVyr2QUoc-VEz0yeqrNxT8frLdnhtl_XGpJBq9AbLp-MlU_QwiYdhn22VtP1Eyps2VEWaZArz6B6OweDZJ5DjtQKWchUMmVlwmT8GPEO98DRtOuJmJsR3YeAHw2nA5nXIhayeYn1s5swHHRzcTpNIi9fb0E4lyJn4c8bXwtN71vx1AFcGpMQfMCVHs5yJ942KJ6VEATBe_Ch7fPgXguDZloECj7uaZL8BqLk5gDLDgepsXoaZ1-K4sT7x_omaKx1rdQsDMXHpdU4eZ8zltwUC-J-GSMfbsURKUrfQ0QJMS4Y7rQfpgFZ3vmfyZQeU9XzYUxD7HuHbakJ0xU0FIdFId5wC7CvnzEiA0BmFqYWHv6zjM_0cz7uo4HZ04uhwcN1DVFOc9uUkV5NklOWecy6jg61htM_HQExdlZn4l5W9cv9VRz2GMfvyg6KuzuKISGMaf2WiWgQjfs-RCJizwWEw1tb_lT-FG7MacUijuZBCORVeYrIeICzX_oZq1BOvN1QfsFLpQ1jPOKFerzcXfZNm8oM7jPECsccgl5ewvlPmFOnZVeJYjrkhtlp1rvbCAmHugHpNW75j_uQUqSQbqonbQgdUstAzvxInXwq-TuluCuVGTyKZm4Fbmp_8Y8fnrpuaeq2_RDd3n43v2U0T14VnIAypCxnxDcOH0LV4ceA-mCAMxyiuE83io0-mCCuYYkSUUcY3Knl7V0gE8WJaecP9bARXXfOwm1wd8lYg8VYg8F0tIaR2FnUyqlGrCitVLtytWpz0FykZrF4eABeISLCdgrDtwQu3XBrnnzhoZ-SgsH4usbiUT3GmJ7n3euoPtiypHcN26Nfyk2MOBHY5j1opt_beCKvMvnLrQKmc3XcFr2L_pXaLq-9Z3KADYel1YRj0JB0-bsgBYDBU6nHwj54Ch-D57ZeEPIVKifGLvW_BIJo1EpvKml8yRyStB00DLpTEMSZPOUptxk-wok-w6ZI9g-Jqrp3KGnzl1IVK4Ap9OPZB_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

rum
dsum-sec.casalemedia.com/ Frame 5BC3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM02yyWQhJOb2V0SNUjhZY&google_cver=1
43 B
772 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM02yyWQhJOb2V0SNUjhZY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ9dfyxgIY-9Xr7QEwAQ&v=APEucNURtIkirv7bJXiI_TQXNd-T-7vsKbPJhd7JKhEIomApJkMkrvvAmvXwI6EdUL4bRaP8Es536lLeLm1Z2aOtgZFEoRK7ssck2SM6izgMQoTsGPIDgmwhRo73OK3K-tnZIC9wJTGNvUw0A4A5kuDfRXQcB-n_8dADQOqiEm8fdyqn5d0h2ELf1CugvNWDKjyN7m9j_OgtH1U2ut5KPHVcMKWkaX94vw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzdNULjXpMUP%2BLKV5CAZLPgem%2FjkVGi8L2fubL1MD2l6ACIA4uqqokpmHWHTMWQS9Np5%2BG3UOthxOiGy5jIMFtU6YgD44LTbFT5r7fz%2BoErL1666bdicxmiN80CSL58sNvJz3%2F8p0MGBYw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834a75a30c882bec-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM02yyWQhJOb2V0SNUjhZY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5BC3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXkJ6.8IKvdk-iNUwbjKrgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM02yyWQhJOb2V0SNUjhZY&google_cver=1&google_hm=2
43 B
732 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM02yyWQhJOb2V0SNUjhZY&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ9dfyxgIY-9Xr7QEwAQ&v=APEucNURtIkirv7bJXiI_TQXNd-T-7vsKbPJhd7JKhEIomApJkMkrvvAmvXwI6EdUL4bRaP8Es536lLeLm1Z2aOtgZFEoRK7ssck2SM6izgMQoTsGPIDgmwhRo73OK3K-tnZIC9wJTGNvUw0A4A5kuDfRXQcB-n_8dADQOqiEm8fdyqn5d0h2ELf1CugvNWDKjyN7m9j_OgtH1U2ut5KPHVcMKWkaX94vw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9kzbjZJ1YYsWU98nG5tA1C%2FtQsA3gEFX5RkS7rHhReqDn2U8SR4Buw0Cte5BcY1iQYLHQvJQdu2MZ2fQIai2M24FUFyKEvCMi%2BbHbpV%2B9HyzOSs359J2YIkpaGWiYgk8Kmi9PQwsHETCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834a75a33c9d2bec-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM02yyWQhJOb2V0SNUjhZY&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 5BC3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBLK9xinpbOSXLZBvOjZgfg&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBLK9xinpbOSXLZBvOjZgfg%26google_cver%3D1
43 B
896 B
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBLK9xinpbOSXLZBvOjZgfg%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ9dfyxgIY-9Xr7QEwAQ&v=APEucNURtIkirv7bJXiI_TQXNd-T-7vsKbPJhd7JKhEIomApJkMkrvvAmvXwI6EdUL4bRaP8Es536lLeLm1Z2aOtgZFEoRK7ssck2SM6izgMQoTsGPIDgmwhRo73OK3K-tnZIC9wJTGNvUw0A4A5kuDfRXQcB-n_8dADQOqiEm8fdyqn5d0h2ELf1CugvNWDKjyN7m9j_OgtH1U2ut5KPHVcMKWkaX94vw
Protocol
H2
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
an-x-request-uuid
507ea558-c1e7-4eb3-a19f-eb95c83dfe04
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.132; 138.199.38.132; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
an-x-request-uuid
46bea97c-d127-4566-8373-bc1beb91bfec
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBLK9xinpbOSXLZBvOjZgfg%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.132; 138.199.38.132; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5BC3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE2Nzg2NDAyNTk1MzcyMDA3Mg%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE2Nzg2NDAyNTk1MzcyMDA3Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ9dfyxgIY-9Xr7QEwAQ&v=APEucNURtIkirv7bJXiI_TQXNd-T-7vsKbPJhd7JKhEIomApJkMkrvvAmvXwI6EdUL4bRaP8Es536lLeLm1Z2aOtgZFEoRK7ssck2SM6izgMQoTsGPIDgmwhRo73OK3K-tnZIC9wJTGNvUw0A4A5kuDfRXQcB-n_8dADQOqiEm8fdyqn5d0h2ELf1CugvNWDKjyN7m9j_OgtH1U2ut5KPHVcMKWkaX94vw
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
an-x-request-uuid
a0f57014-bd9f-4a0a-a3fa-00d3e18073d8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE2Nzg2NDAyNTk1MzcyMDA3Mg%3D%3D
x-proxy-origin
138.199.38.132; 138.199.38.132; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csi
csi.gstatic.com/ Frame 1112
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lq33l67m&c=5192186116256&slotId=2596093058128&qqid=CLLm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1112
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 16:39:21 GMT
x-content-type-options
nosniff
age
377650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 16:39:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1112
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:54:09 GMT
x-content-type-options
nosniff
age
59962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 08:54:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1112
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cjpjy6wl5ZfLEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMByAObBKoE8wFP0MWtuPtM8mHC_uFytFeRWhxrfaVqwADJpw4V8A5rsxzhmlJdaiU-QhD0gmyWc1YMwf1jK8Pz7MwLhf2Nh0FXZrI7GbhQr8vI4HIiv-ctcx-taI6zWKfewrNTv6SMueWVDZ0PBQmcDe7RnuJi8c3-13ltoYDBK7yIByeAmrwI8H6ztmMbcZFalajcZA6yaHcooCYTfhFcCEI9CrL2yFN-11suZGqa-FlsoWC8zMWkOhpFGx6C1SbIkTrpMDLm4tgDCqUHR9jy9SNtZIoGOZT-G3yKJUplaMP_yb2072YdzVJYmOn916c9ESzJy2Pt_-NZrV_ABMqt-trKBOAEA4gFz7zg0k2QBgGgBnaAB5yxjrcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY9fDvvKKLgwOACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRF4g0TCPWv8Lyii4MDFYh24AodR_QHn7AT-qXsFcgTpPSW5APQEwDYEwqIFAbYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1702431211961&ai=Cjpjy6wl5ZfLEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMByAObBKoE8wFP0MWtuPtM8mHC_uFytFeRWhxrfaVqwADJpw4V8A5rsxzhmlJdaiU-QhD0gmyWc1YMwf1jK8Pz7MwLhf2Nh0FXZrI7GbhQr8vI4HIiv-ctcx-taI6zWKfewrNTv6SMueWVDZ0PBQmcDe7RnuJi8c3-13ltoYDBK7yIByeAmrwI8H6ztmMbcZFalajcZA6yaHcooCYTfhFcCEI9CrL2yFN-11suZGqa-FlsoWC8zMWkOhpFGx6C1SbIkTrpMDLm4tgDCqUHR9jy9SNtZIoGOZT-G3yKJUplaMP_yb2072YdzVJYmOn916c9ESzJy2Pt_-NZrV_ABMqt-trKBOAEA4gFz7zg0k2QBgGgBnaAB5yxjrcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY9fDvvKKLgwOACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRF4g0TCPWv8Lyii4MDFYh24AodR_QHn7AT-qXsFcgTpPSW5APQEwDYEwqIFAbYFAHQFQH4FgGAFwHoFwU
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 1112
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lq33l67t&c=5192186116256&slotId=2596093058128&qqid=CLLm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.go&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 1112
31 KB
17 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-ArhKG4VlZuMdzXH0XW7gyZyYNPLtK-HWJDvAmv15lDfnX957RfNfZFH7RBypRI4JcHHk2eZhR0MsQGt3ygIQczPwLhnw&cry=1&dbm_d=AKAmf-BIBqys9cgmSdcZNCN4aKQMOVDboXELjAn8-zVs4qU3ZmN1ITlZvXagaRPY7JjYPjpLNKUIWSsMF6bIDIqkz2YDfmPF09rrjcI8o5OIwBPbUBYYE-znqudmnuQAItVSmJTL8lpTFRWT_WYmG6CNQfkiA04b1xUM9slLmKi6IZ6OltJTVGWRGw2ds-ghl0BJoOB00WuAumLUh5NnXQqXdCR91M6MxBEvuKW40Nc-WsE-xurMC-zCrcZgcpinYp8BQ_yMlsKPi1GP8dAeMPreCaIhW_CXr1ehTLmtSNZxVu6f_u65xJh_nmzhRCQODIJCQbmu2DNP-Wb6i9BKxb6mSj5KJPdhO1dxkwN0jguGz54280HZkUZdxNFfpcFz1K2CKE4qtXK2pA5btU0-9BnRqpKENmahM5ZfDoOp3QTI3G_mCCGZltFho_SczLsgnl2yjurr3yrk6e42UUKTr16hFn9zqtECWP8K_oEvS-IXVYkf3SEsAdh4-3H0OdCoqsK8PWLPhGqBR9ehxNMSbHB6S4Drzv_F7v2h-2ecQDHg9kI74Nnx-qtHxMxW4elfDhBBwKFkYZIasEZJQ9hTCyloY3N2YkGSkseMpjyrIE6sH1u2Yr1fPoqYSVvNDe8PjHCCOqzPeOMoDIx2KWjffmhh4LRVSMsQV33JylJfUcpL72UUYr6wxRnOfi-nPOAPeSivAM7UKeMcQu6l1bxrGVPBqhwk1EHXCBSc3kOKFTGcARWuHmPYEwAg8MLLzWfMuvsBikRwTB76ovJI9wKX3mwiNobxt_5p-oiX6Ca1w44D2BedxGRyRNrJqjc9CST6ThbvRsu9H4LJcuBS0-MI1DEbAmy_Zn2CXo9VtVbe1sSF1AeMu-aLlJtMCTojpXITyU3jpaq5YJevwNiI2KaRWGsu7vQHuW9eWbB3dIOsUJkft9msvf2gElRh6W75GuU-X6OwJm5bFTp3SLZE6I06h38BD0KyPnTgZp6_dt-1OYCO01yXWEt7yEjNWU1PMvUnWPbs9Fjqp2HL2_sXSh58z9kPLn79ZFg2IH22phEdkRr3tmWTWf8VLegvBBGqTvKSCCxjqXLeDZGARu_Gvv-HRd6kXva5FeBJj68oplVAw--9Wfom3ffKNmzxWWRYta7j2-kGc1VlHoCrcOyeeJ54hs6TjHd83x2DES4sxkft_QMV9--jtsq_sT2hGh-lafnwbvsmKJ65avqJZm81xMTBylXucx95_JhesjAS-S9NOd_qqFRxTtRqUGOyWtwYG8AbgWvRlBvND4YOUQni61n-MeJvUcLvnDaFzu0oRmAL7hfR4DIip--890IIAGwNiMD8pT7L1OQVEfwafWWSzy3o3CWPjbvASrxhoeJW_sgEyuhX_VLZzX5mPLCZsCVulAELukRA42sLOBUZM3Ktlpi9tKwvSjxA-r6oSqjyDm-G11nQu02jOhdOlTpZ0rJ-D6D6A87hkFaI608WeNy7OuXu0XrSNn5Vg4LYMBNBHBr-mCEiYHby43HgN_w4hcmyBAZdqZVTbIeiLoUApUYbZcBJKdPkbOemSAWtOJK8M8J7AaW7j92Zv-tEimdsgfkFPp7rXFOkD0kPl79B2i5Mv0Yx2Qjx9mKDqyF9sM85B29FSYPp7d65W37YlAjq3MIqqMdo9bNJ9QRXxexjzNGMPyPhD4KlLAWkiKMiWZJknDc0GDGpXL_TUidHqtJG5lzJAhWX4U6DFQk53aTLe0YbWYZeDL41hzLoKpNQKOfmLM8ULCRTU73vZvOhOMfWs3sIFUvhfs8qniDrCAXuUmAVDWisr2zVxsT0NQSlei4ohkC3KFamcaiEp-8cl9kiwZUXxeRZ2balksQ1SpyEVvATjDnwg-nFQwEULTthHB-8Xc9CwhXH5Id1CHeK9fLzFd2SyQx8zLlbFkqt6gbmpXqM38MZHabpRtYUjR543YTiISW2MaqiTf4DYffMmpb4twahaOttdAmFGigeyU_XAbkSAVy1gx3b6W7XJJqZN8nVpYOnwEiJOwO_EZ_FsaEZib8brPlTkHEKdIZj6rELNHwtk7cj5KPg0ZB6RKWgxhwcIz0-azXtkaouJzfsBq53W18hES1HhwOUs0bUW-jkbkGh_SSDNIXKFA0y1kIyCth36pA-4LRG6kUWYatsdEgMJnMXX4_7qno8IHX8Wf2xysO6GDyliKeI1ejbEEvpdNOep41cnBTd1KcX4utyjEORu2CjNUkIZwJe6h-Hf1VEqac88_Om3UC42jl_CBh8-dejlWEvjlCnebaf1hlRSpsiosik6yrdnrXFxyZSy23AmQkQ7R8DzJ6KlmMv2BfTqMpRdlKt5SuYKlLzsp9LgCbgvnVxC4-7mDl8PMGqcwngIcJOVurEY7IWh_2XlmKX7TQqpt5ET86yj9Q8-xaC8Ns-kRYyY431Lnpgx691E57iMF-iU_8tcUEA7XBtm4QJIoW2HG7juBwPF4vsh1jokorUC1_3PAgM0wQNHfjnVXX9q2ROeIgx_m2Osus-yCbdPOtjD7TfhQ_VsQPfFy85tU646ppKq2E0vx06rTgPg9ZaVKFsxZQ3pBS17IOiVg8BTJDNcuc8bXJKAjQozIB8-9izXfbi4TnvBTzQOviw78WuE50FPT5tgSMtqTaQ8UWXLjS7CnrhoAHdDwpTucBZjZ5m2imZAcgFWjPT2AegCDsRrS49A5ufLeSwP6QhBrsorl_tqU5t8mabWAFXHajnBvuTujVr19mnoudtiqnebCD1SpeUxBANsbGquXS6n_IDGZNqU2yT3yt_hdJZ07vwNk7-1rk4lbvSecCa-SDX98MoFuDRIvs2VlFSUIvfWj3LKQObgx8X4bMkOFUjDFrud7uiFzfakiK23nuB7czSzt-bO_LLIVhrkM-qs5wc0NrgIwU4cFAbP9oOE2H_7rohrKUc0lH4gTEmBMUg72K6f0mymPzzvwZlXSa4a8AV__NDdnB6zjVEPDenLOpD8kKMpDqAOxgxWLjtfOLzMbX0AURfjLg88e4Js18Ob3izdAV7_mg7YHHYWlHeAiNo_J_zJzVquGPieRdlm9qfNMHrDGBT-OeMVyxbhJkKTOY11_J4ezIdbwyq7qs9yzHtkaLyIJcKhenYRIHNvSjr7th6_nz6UrJ-DKrkNGu6zuZSattOmyRFWA-LE7_kmK2awHWnRkLN7Nl--t2KRZWMLEK3lSEeYnVQGLjlceDZQucjWWR_MCNjjTInjwVOVRTLR88sSC7I-z5T9Vc1EEmsBp6knZ8qiLE35wM1OrkG2L07tlHAwn8vE1XN9DAu2QSdZJ3pgeoZRKcpSIBiqNU37lLOhuSCDiGI7rxfrGLHNIPoUcjnxg12EAjivLtl4nUQLoOy35DPyyF4K7d0W6b4X_WLuIkda74Ezf9xsYRA2IRiH_mkpt6ftb1l_fWudgs0Bx8ECJMy9S16etR6eCfx4xNXwIGZi9uP242mbHOE1-aWU7w62ALYNp8NRbvUyJiIdYbufQnWu1ND3g3ho4SBOkLl1MVEfs5mEgt5wO3Z3_Nt2DZgYkZPGXqGMyi0Q5VeF4zAj_-S15jaYZkN519AbJ6UElbBgNIdO1fmpKGkar-52CmNxLvZ5JGzFDk8B1uclDOgnLJi0_-rJfOrWtdkDlT6BzSZm8CYqSZbH1yasnlq3uFfCM9eYHyZO_lXn5rp6RC0M1RU6aQriSo_s6KB3d-bT-Am6USAfv4ZDzVcGaBzeZGiVlig2Mm1Dje-liHKqwERWltM6viM8JCfi4DC1pcpTh9k82AGKM40bHaJooKSbA3oMb2Yr3nsNTOCxQsFDzh1_Uu0dix18Ba8AdE95Fr_b-CsuZIm7_6rp1xBvz7ZIRGrD1SOiBoKKE68OUuGomH2DR4Z0_GegKjQdt3VQe4sDbHA2lxBjh6Z8NxYF674xSJg_gI8SWnBKqswexm7yDyER4mIUz5JAxK6-UOfXlsSKaM-NPLwOGhnMuroDerTIlWARw&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f157.1e100.net
Software
cafe /
Resource Hash
2f255686c54d42d8c9c2a046638a017312914a16ca4b444cacfbcae8fabe807e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17262
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CC6C
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
17617
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Wed, 13 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1112
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
396aa9bde88362bd1d235c6cd499d7ebe1e3dea3e988f3d147aed59be821c44e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame EC88
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lq33l684&c=1943428789456&slotId=971714394728&qqid=CLHm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EC88
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 16:39:21 GMT
x-content-type-options
nosniff
age
377650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 16:39:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EC88
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:54:09 GMT
x-content-type-options
nosniff
age
59962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 08:54:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EC88
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CGvK-6wl5ZfHEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMByAObBKoE8wFP0D3HkD32qGcm3qf-x7FsP724dXhaUvL6DHyTcx1P_9fUEl4XKubBgyUKlshen0KkwO1ftgCRsX-Wi_mC2_k20C_zPsw4Z4yHNVVMOvyljV0-Ir_gjlIlscSGsJJIIyMveKweZWb8zjheFDs6tv37eM3Qiu_Vi07WA9rCpALVNp2XGDEjyw5r0FutGWDZm71qVDkUqiTcTh7OHYaOLDo9EO2KFu1dnsFYuCc0CPxSr2D3OMIbKbr4j8gxtUGI7_7fZV-dLJzkb0vXxJcOoxacRs51bthEUGErFgRVRmHQSTkMqgLk_FGBkaoFTYxu16I1XyLABMqt-trKBOAEA4gFz7zg0k2QBgGgBnaAB5yxjrcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY9fDvvKKLgwOACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRF4g0TCPSv8Lyii4MDFYh24AodR_QHn7AT-qXsFcgTpPSW5APQEwDYEwqIFAbYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1702431211978&ai=CGvK-6wl5ZfHEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMByAObBKoE8wFP0D3HkD32qGcm3qf-x7FsP724dXhaUvL6DHyTcx1P_9fUEl4XKubBgyUKlshen0KkwO1ftgCRsX-Wi_mC2_k20C_zPsw4Z4yHNVVMOvyljV0-Ir_gjlIlscSGsJJIIyMveKweZWb8zjheFDs6tv37eM3Qiu_Vi07WA9rCpALVNp2XGDEjyw5r0FutGWDZm71qVDkUqiTcTh7OHYaOLDo9EO2KFu1dnsFYuCc0CPxSr2D3OMIbKbr4j8gxtUGI7_7fZV-dLJzkb0vXxJcOoxacRs51bthEUGErFgRVRmHQSTkMqgLk_FGBkaoFTYxu16I1XyLABMqt-trKBOAEA4gFz7zg0k2QBgGgBnaAB5yxjrcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY9fDvvKKLgwOACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRF4g0TCPSv8Lyii4MDFYh24AodR_QHn7AT-qXsFcgTpPSW5APQEwDYEwqIFAbYFAHQFQH4FgGAFwHoFwU
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame EC88
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lq33l68a&c=1943428789456&slotId=971714394728&qqid=CLHm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.h1&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame EC88
31 KB
17 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AG7Hz3HqYtUzwEo48Qcpnfb8etMTdIx5iTu6fOs_lviLwBefKwl7Phnt-kl11Gaj8e9Q-IO6eqhigO6S9vjn_7YFxfwg&cry=1&dbm_d=AKAmf-AVv7WHVG1JBW2-kAz4VhXx4rQ_JmIcRZIu5bU3_jQCmxupLWHZnCF9pPtQSatPYOJRJ4KZ2eqsux_Vp9crVIDnXjMR_46dSCWH69g7l_EnJu1dtrCVtqjHtORUbvwWALPpsjrjRReZ8Fbgu2wFTGM-zMrfq3qtMoodevIjVjHYz6-LWXNK-yrCStIz-KoTlIj9uz2CFBQN0YIk1pJGLJlBMvVcBwryBSLpisV4nQQg2cLi2EnmyXGD8Ngd2eGvN4psKfvUx0CHsMvBhCjMiiPQN8tQkiHPnmoVKFk3cqRCvvgn0GscKv-PtYr_x8lHFlJOpfOrUsH_4Z8y2XQ5e17LMWTSxkLwz7Hol1ClEF9XUTkZNG8rafQlDSZ6Gt-S0rRyRIGo92oMc86M8lpn2B1KyIkXt1yarWh2oleg9199cUxm76JkxMjH6eoS5Kr2ukjTknmVdSQy1z_BXoee42duFEWgSv4lXm3NVfWWBoxmOetobLjh3wpNBJddMErUnjMj4eVqMxdQfq1hCjKyiPjoRfkutUgwkk9YPPCa0BadUXCRHFJzDyefPRyM4-Y5OLclfvTNOvNH479LFrGuTfdea9zLTNuQ6e01p_Iavk_2gmGghUNeznl47ZstUE8_kYuKVSTIlB_ZB_o8fA_DbdWkzKKBvZTXxYdlTYgUeDUeabb6v9LKROS1ZOEhDodc_oTAn7NRGcA3ut2lwlVpSZFKN73FmpusDAftvKljSlSufyySEUbiMbVmfGRCaH7PPtQpjWH23Hdd-uJL8VXOQkhDQ6R9k8C4d2fgQ5MBTjCXsWa6zV2kj_hm1r5PXS1dAcnMrUenAfhzSCmJVyThQN5KG4TG4FlQFp2iwGj7PBX6VhYaussMOZ_j8TvaTAFjBbATnmUT-bRRGd0idWVf__Gnv4avXzjYBxasx55ubQQTYIeQpJWgzGDuvyrD0FOoYeM3f6CwpmJy3A4qNseVmmlqYmzkLOhlEoCBKrv19EV23zkIMRnpvBFf_kDE2oKAXFzL_UxXVs_MihGTRdHLGfiBhmdPa6LKRYVo5D_lWctZqvQfGgi-_eoOEcUtZPK_hso0fbLUV9aOcnSWFCH7ohh-7BIjhO50XxsQM_OImuPmb3TAvljdU-y08ABdGqgT5JCXCHGp2K6cHCCvRBBGO69a6N0-X-1joHesl1d9S36v71FGqwnpv748gVUUwQ8XScTO6oTX3IMDQnTy2DSIvkBrkLDbDNViyvslcXRQ0B-MYv2uOJeMzJ-A6QGXU0qKzsJx7YN1oW0p4HvhLwgAGBy6ycfX8Ax4lzkTGDzzsdH-nQ4HeLDE1pjFePtkf1FmS5ueokFDlATFXDKTs97Q-BNadevFjhqhdliApKA390AvfFd0veQTKbvo7tuhUL8cHd1UIDbRbsQZ6kd8dAMYnPgm4u6QVF7yxhemov_fYDvmnmYSZW0xnMqxC90y0piif0slcHBhg8LnvO9q1RQK1xdxKwbQzD_0vQOQn-zlPkbCJvjrbksO6MpeMI4OcOaFqVoMs8Ds2o8ziTfgMPFo2xev8Gc2rIxcDkwQ4xXxJxunbrKl1wQ36iNnXJ4QKLfezabxp6TOnaP04fAzConIjWsDga1wWdNLo_K1TNr1rQPeuJgTWALNo_ESAKXt9ICMs9_4XzA_XvsDt7NeXBf15SjH21CqAGdwJ4FBXtTAnJj0U0uY6_8xAcrzyEBjw12QziBz65QawEcMWBiZ5U6OVEzzpXWpnMZyQ2DDbLTY-HatqfrgBXGYJTTgRwI4F2ndwJJ-7_o7XFZkBtSP7lsM_Dxw0meckS8hfqVWKSg_xMbh8wDueYxrPU52rVn4zJ04GnOQFayHHy2l9RqgdxdXk-H_UVBsftioBdyrDFIin13sfZULdDIiw62e6egA39QQKqT3rg6BCaOBxnNxRPRcaL-aONA0p84G_uFnHOzAI7z1nykxB1tdNrnQOmdJdPe4eRam-B-KIGSsBX84OM1r8AeDeY0gMc04Io2MEesDSOngihS7eZXFR96UvQo68zlVJ7WgseQSLsl25nxHbl6XgTTiH-86qAHyZ7NncaPu2c5PRRF5XcaSNYmVzvCBn7_tqgxky9SZ6yJBRrzmM-QwHUF7hepHsFJwmg5sZPjpgAh1j7Ra6J4TLE0-xgIm6X5WXp8F93Im2-YYuMQnnBS08UDMLf6zFkpbAGRtBnAoWS1lqORhrw7kqdkU7I-6ctuSB2IEgtR3qAWxBx-bGO1OsQVZxP8hhohhwN0bAhwzmLK750yVG0eNbOXQPMw6kFht2myzQO9fZXxElO_iilelDqYMXqbxHio_7wWBnncWwm_y15sPZF1BHOOI7f2kbURFx1rmpHdi38a4BD8sHUIOULYSQhFJJXH92E3xZZY5-NdRLTSBXUAJPMRd3Y1NL8CBjV0jrrUf23dbbw3LhMQAE-CjNKg4TIVGq0t8Ry-dm_RPL3KX1qO4zse0TpJpB5qzbmg3UwH-awOO1yA1LQqYgjzrtGHUVrnJdku2EotPU1xTiPpStgnrYr8YCJ8yoWJyLithkx4dblssAiupjRSUzMTF5maZK7ZMYwcdbgchkyVkSO5WOgW4KyGKUNxaHnfOR8q5PLceiKEvIm_YDc1Hh9i6lYdj1PYNMxT9MeHOzvKxHs4eRkEVOF4-SJodpZENkGsCIIGRSqAnvoPUvRoEcXQktKWIB8bhIk_-fbA55c7rihArImpzSXiiGTr_pqiv2auQnLXerkOc1sdel0ZRkXp0PgIJt1U2H_OWXEDpgV8tlc4cpIB0EJzYF5HXl4z8XlIlKhb_xAg9aDl13qsW7c-0PSgJjDckvt4dnDxcp868EEr-CfCl9nWG4P7ewTNBdNC0r1x7jM3GhpEIDY-8xbg1mMDc0HKQnRA0xqRxdFsd7Xu12dAffDpKm33M68HePVACHdZqvISgAixu1fCb7hAKLv9PV16RqS6ztt-iDndX9R4zE8R4P_flCwH_xlGwdKa4eUKFCagZ_HZQ46VTFcoYOZPA5WQk-DBdK7N5sAixa3zblI5lbTO1bvy6qpuXuulElovMgvclrbuoeHquy4K7WxV3KOxT5hqYgVG7ODHQuyUNMFELo5zIm8yyrLBpLfceRVNuqBPFG0-Vd62aKz6ZHMZy7qr5vUIpN9ET2cWdeqnirAVgVi_B91iQQEUbMlsgDNEI5I4JX2OypU6BbNCiJWrN77N2NkYerHlP_K90T7_A8f-tH-W4GMIcfRqjqX1Ehd1Anphe_xPpetyAR6h0t1kydmxbq9cPvKgXG90oQxQtdsvNh1gixkwzrdVn9lqX42IX2hE1WLTq9zE8oCNvUUCPpoPpAj4H90ScwwE8rLZ5TFElGpb7Hovhen99n2Rk_woAQP0pXuLFuDTHEcwh2Wkmt2GhB0QG5bU9GdXcEpohdGRUpRZZKbcqf_pLfqV_EapHo-v7WbZ8o8bhG65qWLP_WYtALKAdlvy67HUGFb3MFbYJMXWcQFyTDyihW01R_ixi1MlJRgN5mggsZTrwXH2wdfaQ1LdrM8XuEkUQoTV9HXYHwJRt93WjM6vQfsT6X2PeRVqaLIz3vrmlyBJkN_pE7lhC0doLGm7zVwjdkW8CUlfH56q2bpkrafAT7NlgpsvxAyHPjFOvYZTCscMzActFTZ1EQqFEgQz4y9u2nfTS47GXpCZQIbZi-fvVi_0gP-oIfdcDB49JFhg3rQgnw6LbPc-vFi4er5AlLJWOc0681q8zgdz9r9laR2Cy9vmsCKX4vxLGqkdQzrJG8xEcdk38djHgdBYSJluCS8K16jXS0TwGh0dRA3DVIxiCz70GRNm-R0DxO0IoPwJLYHQhpgTrOY1owgo7KE3OMAL3X8m-DbsiOOywEiUvUc8yJFF_6lBy1Usi8Ty_rCqFyRMFZpZDBkLSzV9i5X6OQp-6146Xx3DesB9uH2VeTwLOtA3rwHqWpjpkn4S_1P8zdhWzY95tkg&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f157.1e100.net
Software
cafe /
Resource Hash
06a70b8c1043dd53fd50a28c787fdcc96d00adf2dab6bc8f5f558836a85ee4ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17446
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 20A4
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
17617
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Wed, 13 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame EC88
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d1352059225e20ff83188f1b2a14022ecbbe1f4421226beb884fd7fde98707d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type
image/png
google
match.adsrvr.org/track/cmf/ Frame CC6C
70 B
149 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEphzj47s7gnCHPArH60AWk&google_cver=1&google_push=AXcoOmSQCbUrrtE9cx1GustKya5oq2-US1A81jhyr-3T6TBtk6OmP0gTEVztSjhTaCtmhFNdCRgh07FgWIcrsjLE-pjahloUGkzvhg
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:32 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame CC6C
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEEq3jgSehWd7u8AjVRkvl8k&google_cver=1&google_push=AXcoOmQrGb-K1nTHB23bhf67KVMXTnGxBeYB4egk0tm_fgqooQ01SpU27hDjDAb-9Lh0cvR65xlTMSWYaikqlA7mbR9-CoN60...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=864086004643&us_privacy=1---
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=864086004643&us_privacy=1---
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=864086004643&us_privacy=1---
content-length
0
pixel
cm.g.doubleclick.net/ Frame CC6C
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEO8nuvPdrcDqSlpUfkISo3k&google_cver=1&google_push=AXcoOmTTGrZ1SKpvlIunYr19Xdf64sh3ylR49P9FP0CwR-gCN8uwcGuB1pDLXjo4KvJSxDQYvM6JJWjxp_Im_ulucBnKCed...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEO8nuvPdrcDqSlpUfkISo3k&google_cver=1&google_push=AXcoOmTTGrZ1SKpvlIunYr19Xdf64sh3ylR49P9FP0CwR-gCN8uwcGuB1pDLXjo4KvJSxDQYvM6JJWjxp_Im_ulucBnKC...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTTGrZ1SKpvlIunYr19Xdf64sh3ylR49P9FP0CwR-gCN8uwcGuB1pDLXjo4KvJSxDQYvM6JJWjxp_Im_ulucBnKCedPQeGPjA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTTGrZ1SKpvlIunYr19Xdf64sh3ylR49P9FP0CwR-gCN8uwcGuB1pDLXjo4KvJSxDQYvM6JJWjxp_Im_ulucBnKCedPQeGPjA
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTTGrZ1SKpvlIunYr19Xdf64sh3ylR49P9FP0CwR-gCN8uwcGuB1pDLXjo4KvJSxDQYvM6JJWjxp_Im_ulucBnKCedPQeGPjA
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame CC6C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEOP_-xwWDsj0AMbqfY4ljQg&google_cver=1&google_push=AXcoOmTjwlU6VlPVF-9BRhPLA0-yX9r6sDtMDlxZGYWgsieSogV1c0X7EcBiOakUD-xaNLptM0CnaeRJH97Lr1M...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4A59JtpPX25x5S7VoKkXxorHJoQ&google_push=AXcoOmTjwlU6VlPVF-9BRhPLA0-yX9r6sDtMDlxZGYWgsieSogV1c0X7EcBiOakUD-xaNLptM0CnaeRJH97Lr1...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4A59JtpPX25x5S7VoKkXxorHJoQ&google_push=AXcoOmTjwlU6VlPVF-9BRhPLA0-yX9r6sDtMDlxZGYWgsieSogV1c0X7EcBiOakUD-xaNLptM0CnaeRJH97Lr1MDvRKE-mGThjR9rA
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4A59JtpPX25x5S7VoKkXxorHJoQ&google_push=AXcoOmTjwlU6VlPVF-9BRhPLA0-yX9r6sDtMDlxZGYWgsieSogV1c0X7EcBiOakUD-xaNLptM0CnaeRJH97Lr1MDvRKE-mGThjR9rA
Date
Wed, 13 Dec 2023 01:33:32 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame CC6C
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECvnlr7LnLp5V2oYPxwB5Z4&google_cver=1&google_push=AXcoOmQXskos206EHm85uR7LyIDV3Ct-Upi_kw10jPHeSKHIN_WKPBGJBrzv3ANA5btFgYmbt9B5v0e9UlclYrDliZXNHOv...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQXskos206EHm85uR7LyIDV3Ct-Upi_kw10jPHeSKHIN_WKPBGJBrzv3ANA5btFgYmbt9B5v0e9UlclYrDliZXNHOvQMNrweXY&google_hm=NjQ3MzA1...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQXskos206EHm85uR7LyIDV3Ct-Upi_kw10jPHeSKHIN_WKPBGJBrzv3ANA5btFgYmbt9B5v0e9UlclYrDliZXNHOvQMNrweXY&google_hm=NjQ3MzA1NTIxNzExODYwMjM=
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQXskos206EHm85uR7LyIDV3Ct-Upi_kw10jPHeSKHIN_WKPBGJBrzv3ANA5btFgYmbt9B5v0e9UlclYrDliZXNHOvQMNrweXY&google_hm=NjQ3MzA1NTIxNzExODYwMjM=
Date
Wed, 13 Dec 2023 01:33:32 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame CC6C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFBTpngPMUYYU2LoWEm0_-4&google_cver=1&google_push=AXcoOmTIM4mnQvRV_...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEFBTpngPMUYYU2LoWEm0_-4%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2Nzg2NDAyNTk1MzcyMDA3Mg%3D%3D&google_gid=CAESEFBTpngPMUYYU2LoWEm0_-4&google_cver=1&google_push=AXcoOmTIM4mnQvRV_zo0c0XCV6XZ97AYnt...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2Nzg2NDAyNTk1MzcyMDA3Mg%3D%3D&google_gid=CAESEFBTpngPMUYYU2LoWEm0_-4&google_cver=1&google_push=AXcoOmTIM4mnQvRV_zo0c0XCV6XZ97AYntT3sOImlsZqql1m_a1jCURoxS9F3Rl0yN6gRn96CjIoKLVtxGbeydVMEqyeMQTlMYxoMw
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
an-x-request-uuid
8df4be8a-efa3-4e99-a868-a22cadb71bd3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTE2Nzg2NDAyNTk1MzcyMDA3Mg%3D%3D&google_gid=CAESEFBTpngPMUYYU2LoWEm0_-4&google_cver=1&google_push=AXcoOmTIM4mnQvRV_zo0c0XCV6XZ97AYntT3sOImlsZqql1m_a1jCURoxS9F3Rl0yN6gRn96CjIoKLVtxGbeydVMEqyeMQTlMYxoMw
x-proxy-origin
138.199.38.132; 138.199.38.132; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CC6C
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=57b58565-61e0-4ddb-9d1d-c01a49901238&google_cver=1&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=57b58565-61e0-4ddb-9d1d-c01a49901238&google_cver=1&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSlWlkjw_hg59OZw5Q24d6Tp2G-dSdPiNkOilKZGkmFWKkEHNS9IEgDFpWovFSP9QUC5NUQVzzw1DT_bYB8Ini1BAbiSxuMReQ&gdpr=${GDPR}
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=57b58565-61e0-4ddb-9d1d-c01a49901238&google_cver=1&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSlWlkjw_hg59OZw5Q24d6Tp2G-dSdPiNkOilKZGkmFWKkEHNS9IEgDFpWovFSP9QUC5NUQVzzw1DT_bYB8Ini1BAbiSxuMReQ&gdpr=${GDPR}
date
Wed, 13 Dec 2023 01:33:32 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame CC6C
0
130 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LZ1lk58uIJO6vEQzUoeS66JwI4HBjkuWHXelrRjybRHcmulhm_4tqc0mjQw5CZZ6H6ew4CZEY_
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 20A4
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEDtkhVFcne1opszwlNsEgJE&google_cver=1&google_push=AXcoOmRLn458OcNM2lVKEJhjXfKh8MtphTP0CI-vyrcW9NUq7FfZe5IBIjA0ozrlVHkgzJAFXhlainSQ5KRKZpGvoVvVqGoLS9A3
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9E5E9C5AC05D4A9499533F561792FCFB&google_push=AXcoOmRLn458OcNM2lVKEJhjXfKh8MtphTP0CI-vyrcW9NUq7FfZe5IBIjA0ozrlVHkgzJAFXhlainSQ5KRKZpG...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9E5E9C5AC05D4A9499533F561792FCFB&google_push=AXcoOmRLn458OcNM2lVKEJhjXfKh8MtphTP0CI-vyrcW9NUq7FfZe5IBIjA0ozrlVHkgzJAFXhlainSQ5KRKZpGvoVvVqGoLS9A3
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 13 Dec 2023 01:33:32 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9E5E9C5AC05D4A9499533F561792FCFB&google_push=AXcoOmRLn458OcNM2lVKEJhjXfKh8MtphTP0CI-vyrcW9NUq7FfZe5IBIjA0ozrlVHkgzJAFXhlainSQ5KRKZpGvoVvVqGoLS9A3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 12 Dec 2023 01:33:32 GMT
pixel
cm.g.doubleclick.net/ Frame 20A4
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEH_AGYwlJ7RJO9BYtdcz3zc&google_cver=1&google_push=AXcoOmTFek6VVypZXES9wPZQl7d_ByI6GPwJp9WjX8Bo7fqxqFFFKfeKhqhvO0QdvbrHz7wJDRi0dt_tAh2...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTFek6VVypZXES9wPZQl7d_ByI6GPwJp9WjX8Bo7fqxqFFFKfeKhqhvO0QdvbrHz7wJDRi0dt_tAh2UefNDxftQtP04dAIz
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTFek6VVypZXES9wPZQl7d_ByI6GPwJp9WjX8Bo7fqxqFFFKfeKhqhvO0QdvbrHz7wJDRi0dt_tAh2UefNDxftQtP04dAIz
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTFek6VVypZXES9wPZQl7d_ByI6GPwJp9WjX8Bo7fqxqFFFKfeKhqhvO0QdvbrHz7wJDRi0dt_tAh2UefNDxftQtP04dAIz
Date
Wed, 13 Dec 2023 01:33:32 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
sync
x.bidswitch.net/ Frame 20A4
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHM9tIiXS8xFm9yTy7PYybU&google_cver=1&google_push=AXcoOmQxg8dNljcSfBoXE5gAaghs6ksaqBU1K9R73r-pqqmdH1uNLduEgrGB4LNfCQzhwztwcLFpnrhJywV2LXu35CaRP2yEbnih
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.203.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-203-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
us
sync.go.sonobi.com/ Frame 20A4
0
401 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQwTDUrCYatxb4nx4IUNpkCt4vQVuoWIOmuBgPe7C5hcULrC_loODdT9rqP9wpG4Uf3EGHmUSQufRrmRm19AjWhDtow6pDO%26google_hm%3D%5BUID%5D&google_gid=CAESEMQDIZ5ZUOiFb05fcYYsuXE&google_cver=1
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-213
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 20A4
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESELZ6qFjWUdJExbHrR11o2Us&google_cver=1&google_push=AXcoOmQt37zkF3BmH-elZ_Jr31lNqPMUAanz89ze1R1Zx8xpWZEJORUA6YR8V17YnBS4vjXW-Prhr...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQt37zkF3BmH-elZ_Jr31lNqPMUAanz89ze1R1Zx8xpWZEJORUA6YR8V17YnBS4vjXW-Prhr-FqPcLoz9pLEUKCvlLPy9jx&google_hm=WlhrSjdNQ28...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQt37zkF3BmH-elZ_Jr31lNqPMUAanz89ze1R1Zx8xpWZEJORUA6YR8V17YnBS4vjXW-Prhr-FqPcLoz9pLEUKCvlLPy9jx&google_hm=WlhrSjdNQ284WUFBQUROaW0zUUFBQUFB
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Wed, 13 Dec 2023 01:33:32 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESELZ6qFjWUdJExbHrR11o2Us&google_push=AXcoOmQt37zkF3BmH-elZ_Jr31lNqPMUAanz89ze1R1Zx8xpWZEJORUA6YR8V17YnBS4vjXW-Prhr-FqPcLoz9pLEUKCvlLPy9jx&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZXkJ7MCo8YAAADNim3QAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad418"}
X-SO-Key
ZXkJ7MCo8YAAADNim3QAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad418
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQt37zkF3BmH-elZ_Jr31lNqPMUAanz89ze1R1Zx8xpWZEJORUA6YR8V17YnBS4vjXW-Prhr-FqPcLoz9pLEUKCvlLPy9jx&google_hm=WlhrSjdNQ284WUFBQUROaW0zUUFBQUFB
Cache-Control
private
X-SO-HostName
m-ad418.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
m-tgng28.dc4p.scaleout.jp
X-SO-IP
138.199.38.132
/
cc.adingo.jp/adx/push/ Frame 20A4
0
44 B
Image
General
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESELvF5_CUK4o-3L9Mt1Gzbok&google_cver=1&google_push=AXcoOmSbMXw1_8DnRlTS3HYNdJE42A4o-cnmRVrnOBHy_Ki8fvzZ1OGcVeQJNl5Rc8EPPiI_r0mccdpUdtsPNCHBiLQyr9zpFtby
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.23.155 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-23-155.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:32 GMT
server
awselb/2.0
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 20A4
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJYGXbtlNif0nZm0rGeiiks&google_cver=1&google_push=AXcoOmSEjf_oDFNOYnimX6mVO5LabVfBkeQjmqziwKlNiYS5JW_ce7f8FMxEcUSlR9-2ygHFvel-yg7rYz0CdBI2EpAr2rIwpkLHNQ
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.203.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-203-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 20A4
0
49 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I3hXYsKS9UDLHkdtxHn_3EDmZRz3yn2PuhbiSbO3aY1R3nOLkEceOPqVitHqyoiKUBUPenDw
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame
0
0
Preflight
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdcvQ6wl5ZfLEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMBqgTwAU_Qxa24-0zyYcL-4XK0V5FaHGt9pWrAAMmnDhXwDmuzHOGaUl1qJT5CEPSCbJZzVgzB_WMrw_PszAuF_Y2HQVdmsjsZuFCvy8jgciK_5y1zH61ojrNYp97Cs1O_pIy55ZUNnQ8FCZwN7tGe4mLxzf7XeW2hgMErvIgHJ4CavAjwfrO2YxtxkVqVqNxkDrJodyigJhN-EVwIQj0KsvbIU37XWy5kapr4WWyhYLzMxaQ6QkSB6xFHYFpXiFsykFS6CPVocPF2HT_F5og6rgyantcDsWrweqCHPtHnpSoYiH8YhqS2xeUTIJcTjo4SjGLzFMAEyq362soE4AQDiAXPvODSTZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHnLGOtwSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChCI8EUYsOHhgALSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WPXw77yii4MDgAoDyAsBogwUKhIKEOS0sQLutbECtbixAru7sQLiDRMI9a_wvKKLgwMViHbgCh1H9AefsBP6pewVyBOk9JbkA9ATANgTCogUBtgUAdAVAYAXAbIXHgocCAASFHB1Yi0yNjEwOTY0MjAzNTE1MDI1GLKYKugXBQ&sigh=Qe7ykSGv9Sk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&vt=10&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 13 Dec 2023 01:33:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 1112
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdcvQ6wl5ZfLEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMBqgTwAU_Qxa24-0zyYcL-4XK0V5FaHGt9pWrAAMmnDhXwDmuzHOGaUl1qJT5CEPSCbJZzVgzB_WMrw_PszAuF_Y2HQVdmsjsZuFCvy8jgciK_5y1zH61ojrNYp97Cs1O_pIy55ZUNnQ8FCZwN7tGe4mLxzf7XeW2hgMErvIgHJ4CavAjwfrO2YxtxkVqVqNxkDrJodyigJhN-EVwIQj0KsvbIU37XWy5kapr4WWyhYLzMxaQ6QkSB6xFHYFpXiFsykFS6CPVocPF2HT_F5og6rgyantcDsWrweqCHPtHnpSoYiH8YhqS2xeUTIJcTjo4SjGLzFMAEyq362soE4AQDiAXPvODSTZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHnLGOtwSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChCI8EUYsOHhgALSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WPXw77yii4MDgAoDyAsBogwUKhIKEOS0sQLutbECtbixAru7sQLiDRMI9a_wvKKLgwMViHbgCh1H9AefsBP6pewVyBOk9JbkA9ATANgTCogUBtgUAdAVAYAXAbIXHgocCAASFHB1Yi0yNjEwOTY0MjAzNTE1MDI1GLKYKugXBQ&sigh=Qe7ykSGv9Sk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&vt=10&cbvp=2&vis=1
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame
0
0
Preflight
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CYt306wl5ZfHEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMBqgTwAU_QPceQPfaoZybep_7HsWw_vbh1eFpS8voMfJNzHU__19QSXhcq5sGDJQqWyF6fQqTA7V-2AJGxf5aL-YLb-TbQL_M-zDhnjIc1VUw6_KWNXT4iv-COUiWxxIawkkgjIy94rB5lZvzOOF4UOzq2_ft4zdCK79WLTtYD2sKkAtU2nZcYMSPLDmvQW60ZYNmbvWpUORSqJNxOHs4dho4sOj0Q7YoW7V2ewVi4JzQI_FKvOPaiN4i7_GpJeoO34zq3LikHimsdWSlfjjKaswQAHLVeA5W76IG_nAU4HMuxj7Kc7fCELvw41iuTCEKUY-HbVcAEyq362soE4AQDiAXPvODSTZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHnLGOtwSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChCvr34YsOHhgALSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WPXw77yii4MDgAoDyAsBogwUKhIKEOS0sQLutbECtbixAru7sQLiDRMI9K_wvKKLgwMViHbgCh1H9AefsBP6pewVyBOk9JbkA9ATANgTCogUBtgUAdAVAYAXAbIXHgocCAASFHB1Yi0yNjEwOTY0MjAzNTE1MDI1GLKYKugXBQ&sigh=Xq2FL-reenk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&vt=10&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 13 Dec 2023 01:33:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame EC88
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CYt306wl5ZfHEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMBqgTwAU_QPceQPfaoZybep_7HsWw_vbh1eFpS8voMfJNzHU__19QSXhcq5sGDJQqWyF6fQqTA7V-2AJGxf5aL-YLb-TbQL_M-zDhnjIc1VUw6_KWNXT4iv-COUiWxxIawkkgjIy94rB5lZvzOOF4UOzq2_ft4zdCK79WLTtYD2sKkAtU2nZcYMSPLDmvQW60ZYNmbvWpUORSqJNxOHs4dho4sOj0Q7YoW7V2ewVi4JzQI_FKvOPaiN4i7_GpJeoO34zq3LikHimsdWSlfjjKaswQAHLVeA5W76IG_nAU4HMuxj7Kc7fCELvw41iuTCEKUY-HbVcAEyq362soE4AQDiAXPvODSTZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHnLGOtwSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChCvr34YsOHhgALSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WPXw77yii4MDgAoDyAsBogwUKhIKEOS0sQLutbECtbixAru7sQLiDRMI9K_wvKKLgwMViHbgCh1H9AefsBP6pewVyBOk9JbkA9ATANgTCogUBtgUAdAVAYAXAbIXHgocCAASFHB1Yi0yNjEwOTY0MjAzNTE1MDI1GLKYKugXBQ&sigh=Xq2FL-reenk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&vt=10&cbvp=2&vis=1
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
csi
csi.gstatic.com/ Frame 1112
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lq33l681&c=5192186116256&slotId=2596093058128&qqid=CLLm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 1112
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:29:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363834
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 20:29:38 GMT
file.mp4
r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 1112
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0
Fetch
General
Full URL
https://r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7E4855EB70FF5537BD039A83FF61AC96176C597D.82B1F09774D2615C8672241FA22FEE822B00590E/key/cms1/cms_redirect/yes/mh/7Y/mip/2a02:6ea0:c71b:0:1012:c8bd:d1e8:1c56/mm/42/mn/sn-4g5ednsl/ms/onc/mt/1702430486/mv/u/mvi/1/pl/40/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:6a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 01:33:32 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4302583
Last-Modified
Thu, 07 Dec 2023 10:13:40 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Wed, 13 Dec 2023 01:33:32 GMT

Redirect headers

date
Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
666
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
location
https://r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7E4855EB70FF5537BD039A83FF61AC96176C597D.82B1F09774D2615C8672241FA22FEE822B00590E/key/cms1/cms_redirect/yes/mh/7Y/mip/2a02:6ea0:c71b:0:1012:c8bd:d1e8:1c56/mm/42/mn/sn-4g5ednsl/ms/onc/mt/1702430486/mv/u/mvi/1/pl/40/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FA2F
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3286478068475&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FA2F
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3286478068475&version=m202309260101&ct=76&x=1&cor=4864032977484306000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame FA2F
110 KB
41 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDK1DuIhvyjvMYIT_OM67xTE5pwUGCzFSBK8dhoi-mZ80_ypbVdqgSsilW86nw3RqaURe9C4O-voFklmiQUtJxowdU3C98hl5QT5AnWwBF9MAaltx5nqvJiCWo7WMp4-t4-Xlf3-QlnAi8uzA3f7fxnjd7SIcCw_DlPea_4EJh8ECEDxo&dbm_d=AKAmf-Af64zrtU_dQOjyiQTJNdeUBaUSBJrHcB3baTRjpmbCLzhLyyC7c7Y9H0BAiAa4MrF42FzeEvjLo-XMk4z9deUyXDBOR7oW0U2o2ObaRFo6-B_SRdmHlzXVSzIhLgzRXYLfhHT7Vx7GuT-qdhJLg1m9fMz6lwMSuU7OdQx5JeD2lQW6WTn8YfXDZDzsKNF-EcfZpu4ht3HxF385TujLNSOkRiyGTtaVQ6hEtyBRxB3-ua4CP7gwbjViKF9uzWvN6ClrplRud1lGBt-knS9M8Y280-52T_g24Dl5IWkhz532KVDx0Zu76KUDti7vtXe077ZAWbBy0mk5gC2NmJOl7At9cgCtpCS2Lev1dW2M26UIY94K5CB2e7AXSTLwcdC2Bpn3sN9s7kB_tLZICST-vwKy_er12x4RYfQH5y0WOAy3bQOxpvR6RSdJjHjW7rfooRKgrEyOigZ-7NRpdCWtoGxhEsx34HKDgAmuVq_KjWv9rWoJgghd7nyu7UcXvzK_WZRcCOjH-Z_IfxiUomowz7Lo09xhxQIfvDaAft-M_OBvn1H5VcuWhA9LJqMWdv-qSAn_dy9h_wKtDo9ySeOVpjJ-LjDAbBtUWoaoFCk6gufvVJ3AGhvBzFmZG8KQqIolYzk680JoplIbzP1QKDwHUGsMcdZkdK9Pe3W-BV8Gk6QjYhEkfyfIYVbH5rYrgiTytC9dAlgiOo-gMzZD0SlOIyF1AcDe-KuMvLSjRDqGBBKQoY6IgEXzlnzhQnMnZGVNZNZSH61AvDaDDPPiUm2ECzAumjhwlwY2JfNPQXGCNkr5GqXa3b72uqdOPjwhQdIv195TH2_HR0SpLe7JuZFVXNfA-yEOYig4WUI7MyHqe2-rKq4sUe0lE9qz9GoPi6Q0dwza-GjkVr7Aw7aFMvuhax_tKOIkUPKsXSSqNXvUp4f2aGvyBFUddfP4V9sggFVD2Y6sUi27SuTtji4pDBtAFlQdRSBhxTVHc7s0__vKQpVpVfEplre9QwPaXQ0lDaqcduhK9MDz4U3ErUQ48GHEr9LU1OoPZuRhsRFDRBcBP4AiKsWbfRBGWZJ12tNkoYGwA1-tQSL6zl4Y08NMjF5VHZHeCkkgypL7CrpEZQWKQB9n-R7l5Y63EVJ8g-SFNsopVFC3W09YxaAVD4P-hchB6kzydLztndrhrjtSV1YWFZHTHwf4yln_F_QvCUk5O0jnRDeKnq7EEjICrrHU-wTHK57Nhdc7C_1DnPDgtpvpOFihu6CgzWItHJr5XgjKMbjbBYzgOS1oDFjjxLq5QtLjc3tnG2tSEZLqqgQuJeyZeCR82OfZZQ3X5LZdvhLaJnf8Iw4u8I19h-AUFiAAc75aSDN6OQUiwyPK5ILInotJWhT2d8DHxWqA7SYQTbDEN1GahPHE0o8cQZmHlFI5DumO6r6gWdbbHGyuiKG-ENByA5O00rfq2oDs1P3xrBl4GMU6_apDx6A90Jj1mF_0TNN6wFIEuKn6JNJrzXwM8ysrfHT_WcCMRfgHRjJoBFIRl9XEeTphp3CCB4SgoPMrIWwnv988Pywg61XY-klEO_WiV7BMXrCz8o3Spv23-aTlyz7vpDDIbsEq4g-T303u0_h-6mgFtrtvqEYZCjBlxQ3uhBzqvmh0gPbANodS_ZROShuGK0FBY0PolHdTsMfOPpl5v4DFeb-f8qnPwTBDm0HwQSQfq8NYnG795xFp0c8_5ny2XSpIFF6jdNIuOWC0vK555OZaNuww9JluEXGBKbnY9uL2gbkAugnHOnvcIbGDgwcnbyJtLyHGcpkdc6XIiJBO2ELvB8oLM6GXgzxOpnzu-3Pye1VmmuDzNfrdPlX8MSfLZ7GoK57fPTZnEGT84R2FnE0-03hptADtc_tqEtb53lzw67GaXHHUhO53At91i54nT06vdpajLyS7oaKA-t40sbionBehW5tsz0_1-TIkDAk2p8f9np1eNe6Ra38haHJod8qAy-R8hg1mydGpcP0CsrC7NiVt1umboTLNtPToBaEIH3tUWOcA-YotlcOmEGmw1XwsRlfDOUyzn3Mreptl1u1WYeKTnUC4vpWc_pnYHp58wzmE_GAi6G7Xl8KvNVM4qmxEaaAtS7BgX66txkW7HfneXjdI758Mi-F_2pQsw7YTGgH6AUj9ik3cKYTej9ymtHqSGgM1ezlddHOHPW4dzFYDWWDcKN0CFpHEUuqsrkhrlot7NDl6y-813DCAX1eUgcKD561M9k-aocg286sb3LmCcWcAsIzKtt5HdZRzATAdYfHoUi8XukI-pNNWqDvHLyCgLMOPlZuZrj3pmoArwJgNRbBAl_7lTFzTcfUYptSOme1K-6I9SZurty5tOI85p9_F7se8MgzgSWFAsbqiO7YoajgDp9A8HqwuAnI_RJoZcbzzWBVDO5MpeITAUbmf9ydtUllO_IalHECdy9nftr9pxn6TYjms-4fF49EchxTNHEOneWHwmY0eCpwoFtlKeqbfIR-jSgHglFE_igYBeBIXb5695qoPYJmm62p9MYBA2iDbZWbEf6Yp6OGhnKM-EZHwtSlZVlRyD5P_JIc0Wa46GyQ-0NK9BVaag1Q_699MqZnDGb0M8sGDnd60-OPBBSrPJaduJQtmdPSl8LCPcmIIg36oA_gfWVi3eVHubtWNaE55Sa7q6rXNFeCI87UChJvuA93C3nCASnNVAfw7nNL59afYpa8obZaJ1LQZddsUN85tCuIucprJzW-ose8E1rAquVi3TUpzkmna83H6QH-Y96YS5CsbSkX3g5_3nwzy9KeAhqYTvgkchlSuPUpCYx4o22gMCsztk-Wlr65mquw6XonqvpySIB0ZVTObdheajkALxgbQyDv_5a25_vf6uwnMfk4wu5Pw4I_QsGMvmO9H4QAYHNb7Lawjn7MkeBIoJNBlFIMG22_v9SrdiaHZbUq8ri8kfLeq1BEpeyFyACf7LT-8BhnadOov86vMrqR0UAdmJg-cMQKAWnZHK5Yg2G9tz3pPO1vLHpK3L6186ApQ9cxBmubNpnSFhd6Xnf3QwugqyMtGpXBWUuHzXoAL8peFf-iN7zfhpsUov-_eW5taZ28R-8fC0kZqvKr-GaNjW7nSMjyrPzqv72YcEnOz8RfLbEZpXQTUNGIseRXIJWYAeMRd1JNW4jLGgBqH9DqrtYhTGt-aRYrBPWWf5BOUrSVZ07PuSWQ-_PaPn-9xA_1LakGOCn1A_JdVlTgNLyljU2PvJMlRxnqImGmEvqAUQwSfFRT2iVHkQ4Gm62bhkrIln34FCGU-8VgkCy6lxQp7DIYnO_FJDaiWtrjhV-nl72WzOGj4kmX6A_z6nH-6645jEAJw4k9oN2UGGGE9ylW6F5sMWoE44diosPFVsLsbZRy2Wlo_L--dYSnsSJMv80eNVINdpyCtT0mRK0qorhwI4ChzAViirc7jJO_qPJ_otCTYxHJMadL891l7_Y3ooXnyucP40U-4edzweJ-PBCmCbMhVvhF3Tr2BhawF_eovLphHw1g6-WjleO0ApQjEzzfOx8TQ8ZtnCD9n8VZiJrFMgB52QBLkDKE8PVABVRbzNGdG2xXvgIX7soODNjMBfJV93AldZXQPj78H_m0wiJwyXBxh205POBB5gZcR-kLgWfT0TuvXdeFdW-VhvsZSzcHm97nzYezCa_TQEP37vKMnPph0tyIgByclF1kX7horKIo3OsjLOzepmrLB8qoculVsjm1wAPdJ2ZpdnDU6WgXW8yfLcVTXtkW9UH4ov7shcznxKYo0cyKSUJthdQALgZ3nkAeyA4rNpDZGdp1UppSsiuAcUGBFUPaloRB0TeDPYXQlTZb6_mjEyYZ2x5uiWrFqGoSYUANrtJeLu0yan7Y0zYklQAFLwVM0NNo2EqdpkbaBpcuXurfjZiZmOCd7L-h7ErbL5g&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fblog.s.id%2F&ds=l&xdt=1&iif=1&cor=4864032977484306000&adk=3944675603&idt=174&cac=0&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43477044787cfca0a9ff2f6586e76ddf9721dfe0caa4136d50b204b419969c85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame EC88
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lq33l68d&c=1943428789456&slotId=971714394728&qqid=CLHm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame EC88
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:29:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363834
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 20:29:38 GMT
file.mp4
r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame EC88
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0
Fetch
General
Full URL
https://r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/705018D80EAC34A79D9BBBA784E75C083692EE28.5454DB76799E44B81D2B4B5974D1B64378ABDC76/key/cms1/cms_redirect/yes/mh/7Y/mip/2a02:6ea0:c71b:0:1012:c8bd:d1e8:1c56/mm/42/mn/sn-4g5ednsl/ms/onc/mt/1702430486/mv/u/mvi/1/pl/40/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:6a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 01:33:32 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4302583
Last-Modified
Thu, 07 Dec 2023 10:13:40 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Wed, 13 Dec 2023 01:33:32 GMT

Redirect headers

date
Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
666
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
location
https://r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/705018D80EAC34A79D9BBBA784E75C083692EE28.5454DB76799E44B81D2B4B5974D1B64378ABDC76/key/cms1/cms_redirect/yes/mh/7Y/mip/2a02:6ea0:c71b:0:1012:c8bd:d1e8:1c56/mm/42/mn/sn-4g5ednsl/ms/onc/mt/1702430486/mv/u/mvi/1/pl/40/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame EC88
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lq33l6bj&c=1943428789456&slotId=971714394728&qqid=CLHm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2093&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.k7~videopreviewvisible.k9&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 19B6
23 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
68230
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 06:36:22 GMT
expires
Wed, 11 Dec 2024 06:36:22 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 7BB5
23 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
68230
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 06:36:22 GMT
expires
Wed, 11 Dec 2024 06:36:22 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 19B6
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:12:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
22838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 19:12:54 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 7BB5
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:12:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
22838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 19:12:54 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1520186/71964889/ Frame FA2F
47 KB
12 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/st/1520186/71964889/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012253692&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=20075793042&bidurl=https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gRUsy2x6m3-opIJxhge4V9
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.4.160 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-4-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e55eb04013fbd443d55b10ae80551bba8a4946c62ea50a134e820caeb1521a11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame FA2F
111 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 20:46:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17214
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Dec 2023 20:46:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame FA2F
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDK1DuIhvyjvMYIT_OM67xTE5pwUGCzFSBK8dhoi-mZ80_ypbVdqgSsilW86nw3RqaURe9C4O-voFklmiQUtJxowdU3C98hl5QT5AnWwBF9MAaltx5nqvJiCWo7WMp4-t4-Xlf3-QlnAi8uzA3f7fxnjd7SIcCw_DlPea_4EJh8ECEDxo&dbm_d=AKAmf-Af64zrtU_dQOjyiQTJNdeUBaUSBJrHcB3baTRjpmbCLzhLyyC7c7Y9H0BAiAa4MrF42FzeEvjLo-XMk4z9deUyXDBOR7oW0U2o2ObaRFo6-B_SRdmHlzXVSzIhLgzRXYLfhHT7Vx7GuT-qdhJLg1m9fMz6lwMSuU7OdQx5JeD2lQW6WTn8YfXDZDzsKNF-EcfZpu4ht3HxF385TujLNSOkRiyGTtaVQ6hEtyBRxB3-ua4CP7gwbjViKF9uzWvN6ClrplRud1lGBt-knS9M8Y280-52T_g24Dl5IWkhz532KVDx0Zu76KUDti7vtXe077ZAWbBy0mk5gC2NmJOl7At9cgCtpCS2Lev1dW2M26UIY94K5CB2e7AXSTLwcdC2Bpn3sN9s7kB_tLZICST-vwKy_er12x4RYfQH5y0WOAy3bQOxpvR6RSdJjHjW7rfooRKgrEyOigZ-7NRpdCWtoGxhEsx34HKDgAmuVq_KjWv9rWoJgghd7nyu7UcXvzK_WZRcCOjH-Z_IfxiUomowz7Lo09xhxQIfvDaAft-M_OBvn1H5VcuWhA9LJqMWdv-qSAn_dy9h_wKtDo9ySeOVpjJ-LjDAbBtUWoaoFCk6gufvVJ3AGhvBzFmZG8KQqIolYzk680JoplIbzP1QKDwHUGsMcdZkdK9Pe3W-BV8Gk6QjYhEkfyfIYVbH5rYrgiTytC9dAlgiOo-gMzZD0SlOIyF1AcDe-KuMvLSjRDqGBBKQoY6IgEXzlnzhQnMnZGVNZNZSH61AvDaDDPPiUm2ECzAumjhwlwY2JfNPQXGCNkr5GqXa3b72uqdOPjwhQdIv195TH2_HR0SpLe7JuZFVXNfA-yEOYig4WUI7MyHqe2-rKq4sUe0lE9qz9GoPi6Q0dwza-GjkVr7Aw7aFMvuhax_tKOIkUPKsXSSqNXvUp4f2aGvyBFUddfP4V9sggFVD2Y6sUi27SuTtji4pDBtAFlQdRSBhxTVHc7s0__vKQpVpVfEplre9QwPaXQ0lDaqcduhK9MDz4U3ErUQ48GHEr9LU1OoPZuRhsRFDRBcBP4AiKsWbfRBGWZJ12tNkoYGwA1-tQSL6zl4Y08NMjF5VHZHeCkkgypL7CrpEZQWKQB9n-R7l5Y63EVJ8g-SFNsopVFC3W09YxaAVD4P-hchB6kzydLztndrhrjtSV1YWFZHTHwf4yln_F_QvCUk5O0jnRDeKnq7EEjICrrHU-wTHK57Nhdc7C_1DnPDgtpvpOFihu6CgzWItHJr5XgjKMbjbBYzgOS1oDFjjxLq5QtLjc3tnG2tSEZLqqgQuJeyZeCR82OfZZQ3X5LZdvhLaJnf8Iw4u8I19h-AUFiAAc75aSDN6OQUiwyPK5ILInotJWhT2d8DHxWqA7SYQTbDEN1GahPHE0o8cQZmHlFI5DumO6r6gWdbbHGyuiKG-ENByA5O00rfq2oDs1P3xrBl4GMU6_apDx6A90Jj1mF_0TNN6wFIEuKn6JNJrzXwM8ysrfHT_WcCMRfgHRjJoBFIRl9XEeTphp3CCB4SgoPMrIWwnv988Pywg61XY-klEO_WiV7BMXrCz8o3Spv23-aTlyz7vpDDIbsEq4g-T303u0_h-6mgFtrtvqEYZCjBlxQ3uhBzqvmh0gPbANodS_ZROShuGK0FBY0PolHdTsMfOPpl5v4DFeb-f8qnPwTBDm0HwQSQfq8NYnG795xFp0c8_5ny2XSpIFF6jdNIuOWC0vK555OZaNuww9JluEXGBKbnY9uL2gbkAugnHOnvcIbGDgwcnbyJtLyHGcpkdc6XIiJBO2ELvB8oLM6GXgzxOpnzu-3Pye1VmmuDzNfrdPlX8MSfLZ7GoK57fPTZnEGT84R2FnE0-03hptADtc_tqEtb53lzw67GaXHHUhO53At91i54nT06vdpajLyS7oaKA-t40sbionBehW5tsz0_1-TIkDAk2p8f9np1eNe6Ra38haHJod8qAy-R8hg1mydGpcP0CsrC7NiVt1umboTLNtPToBaEIH3tUWOcA-YotlcOmEGmw1XwsRlfDOUyzn3Mreptl1u1WYeKTnUC4vpWc_pnYHp58wzmE_GAi6G7Xl8KvNVM4qmxEaaAtS7BgX66txkW7HfneXjdI758Mi-F_2pQsw7YTGgH6AUj9ik3cKYTej9ymtHqSGgM1ezlddHOHPW4dzFYDWWDcKN0CFpHEUuqsrkhrlot7NDl6y-813DCAX1eUgcKD561M9k-aocg286sb3LmCcWcAsIzKtt5HdZRzATAdYfHoUi8XukI-pNNWqDvHLyCgLMOPlZuZrj3pmoArwJgNRbBAl_7lTFzTcfUYptSOme1K-6I9SZurty5tOI85p9_F7se8MgzgSWFAsbqiO7YoajgDp9A8HqwuAnI_RJoZcbzzWBVDO5MpeITAUbmf9ydtUllO_IalHECdy9nftr9pxn6TYjms-4fF49EchxTNHEOneWHwmY0eCpwoFtlKeqbfIR-jSgHglFE_igYBeBIXb5695qoPYJmm62p9MYBA2iDbZWbEf6Yp6OGhnKM-EZHwtSlZVlRyD5P_JIc0Wa46GyQ-0NK9BVaag1Q_699MqZnDGb0M8sGDnd60-OPBBSrPJaduJQtmdPSl8LCPcmIIg36oA_gfWVi3eVHubtWNaE55Sa7q6rXNFeCI87UChJvuA93C3nCASnNVAfw7nNL59afYpa8obZaJ1LQZddsUN85tCuIucprJzW-ose8E1rAquVi3TUpzkmna83H6QH-Y96YS5CsbSkX3g5_3nwzy9KeAhqYTvgkchlSuPUpCYx4o22gMCsztk-Wlr65mquw6XonqvpySIB0ZVTObdheajkALxgbQyDv_5a25_vf6uwnMfk4wu5Pw4I_QsGMvmO9H4QAYHNb7Lawjn7MkeBIoJNBlFIMG22_v9SrdiaHZbUq8ri8kfLeq1BEpeyFyACf7LT-8BhnadOov86vMrqR0UAdmJg-cMQKAWnZHK5Yg2G9tz3pPO1vLHpK3L6186ApQ9cxBmubNpnSFhd6Xnf3QwugqyMtGpXBWUuHzXoAL8peFf-iN7zfhpsUov-_eW5taZ28R-8fC0kZqvKr-GaNjW7nSMjyrPzqv72YcEnOz8RfLbEZpXQTUNGIseRXIJWYAeMRd1JNW4jLGgBqH9DqrtYhTGt-aRYrBPWWf5BOUrSVZ07PuSWQ-_PaPn-9xA_1LakGOCn1A_JdVlTgNLyljU2PvJMlRxnqImGmEvqAUQwSfFRT2iVHkQ4Gm62bhkrIln34FCGU-8VgkCy6lxQp7DIYnO_FJDaiWtrjhV-nl72WzOGj4kmX6A_z6nH-6645jEAJw4k9oN2UGGGE9ylW6F5sMWoE44diosPFVsLsbZRy2Wlo_L--dYSnsSJMv80eNVINdpyCtT0mRK0qorhwI4ChzAViirc7jJO_qPJ_otCTYxHJMadL891l7_Y3ooXnyucP40U-4edzweJ-PBCmCbMhVvhF3Tr2BhawF_eovLphHw1g6-WjleO0ApQjEzzfOx8TQ8ZtnCD9n8VZiJrFMgB52QBLkDKE8PVABVRbzNGdG2xXvgIX7soODNjMBfJV93AldZXQPj78H_m0wiJwyXBxh205POBB5gZcR-kLgWfT0TuvXdeFdW-VhvsZSzcHm97nzYezCa_TQEP37vKMnPph0tyIgByclF1kX7horKIo3OsjLOzepmrLB8qoculVsjm1wAPdJ2ZpdnDU6WgXW8yfLcVTXtkW9UH4ov7shcznxKYo0cyKSUJthdQALgZ3nkAeyA4rNpDZGdp1UppSsiuAcUGBFUPaloRB0TeDPYXQlTZb6_mjEyYZ2x5uiWrFqGoSYUANrtJeLu0yan7Y0zYklQAFLwVM0NNo2EqdpkbaBpcuXurfjZiZmOCd7L-h7ErbL5g&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fblog.s.id%2F&ds=l&xdt=1&iif=1&cor=4864032977484306000&adk=3944675603&idt=174&cac=0&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:57:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
84934
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:57:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame FA2F
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDK1DuIhvyjvMYIT_OM67xTE5pwUGCzFSBK8dhoi-mZ80_ypbVdqgSsilW86nw3RqaURe9C4O-voFklmiQUtJxowdU3C98hl5QT5AnWwBF9MAaltx5nqvJiCWo7WMp4-t4-Xlf3-QlnAi8uzA3f7fxnjd7SIcCw_DlPea_4EJh8ECEDxo&dbm_d=AKAmf-Af64zrtU_dQOjyiQTJNdeUBaUSBJrHcB3baTRjpmbCLzhLyyC7c7Y9H0BAiAa4MrF42FzeEvjLo-XMk4z9deUyXDBOR7oW0U2o2ObaRFo6-B_SRdmHlzXVSzIhLgzRXYLfhHT7Vx7GuT-qdhJLg1m9fMz6lwMSuU7OdQx5JeD2lQW6WTn8YfXDZDzsKNF-EcfZpu4ht3HxF385TujLNSOkRiyGTtaVQ6hEtyBRxB3-ua4CP7gwbjViKF9uzWvN6ClrplRud1lGBt-knS9M8Y280-52T_g24Dl5IWkhz532KVDx0Zu76KUDti7vtXe077ZAWbBy0mk5gC2NmJOl7At9cgCtpCS2Lev1dW2M26UIY94K5CB2e7AXSTLwcdC2Bpn3sN9s7kB_tLZICST-vwKy_er12x4RYfQH5y0WOAy3bQOxpvR6RSdJjHjW7rfooRKgrEyOigZ-7NRpdCWtoGxhEsx34HKDgAmuVq_KjWv9rWoJgghd7nyu7UcXvzK_WZRcCOjH-Z_IfxiUomowz7Lo09xhxQIfvDaAft-M_OBvn1H5VcuWhA9LJqMWdv-qSAn_dy9h_wKtDo9ySeOVpjJ-LjDAbBtUWoaoFCk6gufvVJ3AGhvBzFmZG8KQqIolYzk680JoplIbzP1QKDwHUGsMcdZkdK9Pe3W-BV8Gk6QjYhEkfyfIYVbH5rYrgiTytC9dAlgiOo-gMzZD0SlOIyF1AcDe-KuMvLSjRDqGBBKQoY6IgEXzlnzhQnMnZGVNZNZSH61AvDaDDPPiUm2ECzAumjhwlwY2JfNPQXGCNkr5GqXa3b72uqdOPjwhQdIv195TH2_HR0SpLe7JuZFVXNfA-yEOYig4WUI7MyHqe2-rKq4sUe0lE9qz9GoPi6Q0dwza-GjkVr7Aw7aFMvuhax_tKOIkUPKsXSSqNXvUp4f2aGvyBFUddfP4V9sggFVD2Y6sUi27SuTtji4pDBtAFlQdRSBhxTVHc7s0__vKQpVpVfEplre9QwPaXQ0lDaqcduhK9MDz4U3ErUQ48GHEr9LU1OoPZuRhsRFDRBcBP4AiKsWbfRBGWZJ12tNkoYGwA1-tQSL6zl4Y08NMjF5VHZHeCkkgypL7CrpEZQWKQB9n-R7l5Y63EVJ8g-SFNsopVFC3W09YxaAVD4P-hchB6kzydLztndrhrjtSV1YWFZHTHwf4yln_F_QvCUk5O0jnRDeKnq7EEjICrrHU-wTHK57Nhdc7C_1DnPDgtpvpOFihu6CgzWItHJr5XgjKMbjbBYzgOS1oDFjjxLq5QtLjc3tnG2tSEZLqqgQuJeyZeCR82OfZZQ3X5LZdvhLaJnf8Iw4u8I19h-AUFiAAc75aSDN6OQUiwyPK5ILInotJWhT2d8DHxWqA7SYQTbDEN1GahPHE0o8cQZmHlFI5DumO6r6gWdbbHGyuiKG-ENByA5O00rfq2oDs1P3xrBl4GMU6_apDx6A90Jj1mF_0TNN6wFIEuKn6JNJrzXwM8ysrfHT_WcCMRfgHRjJoBFIRl9XEeTphp3CCB4SgoPMrIWwnv988Pywg61XY-klEO_WiV7BMXrCz8o3Spv23-aTlyz7vpDDIbsEq4g-T303u0_h-6mgFtrtvqEYZCjBlxQ3uhBzqvmh0gPbANodS_ZROShuGK0FBY0PolHdTsMfOPpl5v4DFeb-f8qnPwTBDm0HwQSQfq8NYnG795xFp0c8_5ny2XSpIFF6jdNIuOWC0vK555OZaNuww9JluEXGBKbnY9uL2gbkAugnHOnvcIbGDgwcnbyJtLyHGcpkdc6XIiJBO2ELvB8oLM6GXgzxOpnzu-3Pye1VmmuDzNfrdPlX8MSfLZ7GoK57fPTZnEGT84R2FnE0-03hptADtc_tqEtb53lzw67GaXHHUhO53At91i54nT06vdpajLyS7oaKA-t40sbionBehW5tsz0_1-TIkDAk2p8f9np1eNe6Ra38haHJod8qAy-R8hg1mydGpcP0CsrC7NiVt1umboTLNtPToBaEIH3tUWOcA-YotlcOmEGmw1XwsRlfDOUyzn3Mreptl1u1WYeKTnUC4vpWc_pnYHp58wzmE_GAi6G7Xl8KvNVM4qmxEaaAtS7BgX66txkW7HfneXjdI758Mi-F_2pQsw7YTGgH6AUj9ik3cKYTej9ymtHqSGgM1ezlddHOHPW4dzFYDWWDcKN0CFpHEUuqsrkhrlot7NDl6y-813DCAX1eUgcKD561M9k-aocg286sb3LmCcWcAsIzKtt5HdZRzATAdYfHoUi8XukI-pNNWqDvHLyCgLMOPlZuZrj3pmoArwJgNRbBAl_7lTFzTcfUYptSOme1K-6I9SZurty5tOI85p9_F7se8MgzgSWFAsbqiO7YoajgDp9A8HqwuAnI_RJoZcbzzWBVDO5MpeITAUbmf9ydtUllO_IalHECdy9nftr9pxn6TYjms-4fF49EchxTNHEOneWHwmY0eCpwoFtlKeqbfIR-jSgHglFE_igYBeBIXb5695qoPYJmm62p9MYBA2iDbZWbEf6Yp6OGhnKM-EZHwtSlZVlRyD5P_JIc0Wa46GyQ-0NK9BVaag1Q_699MqZnDGb0M8sGDnd60-OPBBSrPJaduJQtmdPSl8LCPcmIIg36oA_gfWVi3eVHubtWNaE55Sa7q6rXNFeCI87UChJvuA93C3nCASnNVAfw7nNL59afYpa8obZaJ1LQZddsUN85tCuIucprJzW-ose8E1rAquVi3TUpzkmna83H6QH-Y96YS5CsbSkX3g5_3nwzy9KeAhqYTvgkchlSuPUpCYx4o22gMCsztk-Wlr65mquw6XonqvpySIB0ZVTObdheajkALxgbQyDv_5a25_vf6uwnMfk4wu5Pw4I_QsGMvmO9H4QAYHNb7Lawjn7MkeBIoJNBlFIMG22_v9SrdiaHZbUq8ri8kfLeq1BEpeyFyACf7LT-8BhnadOov86vMrqR0UAdmJg-cMQKAWnZHK5Yg2G9tz3pPO1vLHpK3L6186ApQ9cxBmubNpnSFhd6Xnf3QwugqyMtGpXBWUuHzXoAL8peFf-iN7zfhpsUov-_eW5taZ28R-8fC0kZqvKr-GaNjW7nSMjyrPzqv72YcEnOz8RfLbEZpXQTUNGIseRXIJWYAeMRd1JNW4jLGgBqH9DqrtYhTGt-aRYrBPWWf5BOUrSVZ07PuSWQ-_PaPn-9xA_1LakGOCn1A_JdVlTgNLyljU2PvJMlRxnqImGmEvqAUQwSfFRT2iVHkQ4Gm62bhkrIln34FCGU-8VgkCy6lxQp7DIYnO_FJDaiWtrjhV-nl72WzOGj4kmX6A_z6nH-6645jEAJw4k9oN2UGGGE9ylW6F5sMWoE44diosPFVsLsbZRy2Wlo_L--dYSnsSJMv80eNVINdpyCtT0mRK0qorhwI4ChzAViirc7jJO_qPJ_otCTYxHJMadL891l7_Y3ooXnyucP40U-4edzweJ-PBCmCbMhVvhF3Tr2BhawF_eovLphHw1g6-WjleO0ApQjEzzfOx8TQ8ZtnCD9n8VZiJrFMgB52QBLkDKE8PVABVRbzNGdG2xXvgIX7soODNjMBfJV93AldZXQPj78H_m0wiJwyXBxh205POBB5gZcR-kLgWfT0TuvXdeFdW-VhvsZSzcHm97nzYezCa_TQEP37vKMnPph0tyIgByclF1kX7horKIo3OsjLOzepmrLB8qoculVsjm1wAPdJ2ZpdnDU6WgXW8yfLcVTXtkW9UH4ov7shcznxKYo0cyKSUJthdQALgZ3nkAeyA4rNpDZGdp1UppSsiuAcUGBFUPaloRB0TeDPYXQlTZb6_mjEyYZ2x5uiWrFqGoSYUANrtJeLu0yan7Y0zYklQAFLwVM0NNo2EqdpkbaBpcuXurfjZiZmOCd7L-h7ErbL5g&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fblog.s.id%2F&ds=l&xdt=1&iif=1&cor=4864032977484306000&adk=3944675603&idt=174&cac=0&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 20:42:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
17465
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 20:42:27 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame FA2F
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
372504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 18:05:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 87CA
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
17618
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Wed, 13 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame FA2F
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c70c2dd5488612bf0eccb077c37865ec8fae7f93d20b999835fe5a2e54021da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type
image/png
file.mp4
r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame EC88
4 MB
4 MB
Media
General
Full URL
https://r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/705018D80EAC34A79D9BBBA784E75C083692EE28.5454DB76799E44B81D2B4B5974D1B64378ABDC76/key/cms1/cms_redirect/yes/mh/7Y/mip/2a02:6ea0:c71b:0:1012:c8bd:d1e8:1c56/mm/42/mn/sn-4g5ednsl/ms/onc/mt/1702430486/mv/u/mvi/1/pl/40/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:6a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
389566d333197647653fcf27be7e79eb1c93b82bff0f3585cb2ce4a9259ca756
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Range
bytes=0-

Response headers

expires
Wed, 13 Dec 2023 01:33:32 GMT
date
Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-4302582/4302583
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4302583
last-modified
Thu, 07 Dec 2023 10:13:40 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
client-protocol
quic
file.mp4
r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 1112
460 KB
0
Media
General
Full URL
https://r1---sn-4g5ednsl.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733967212/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7E4855EB70FF5537BD039A83FF61AC96176C597D.82B1F09774D2615C8672241FA22FEE822B00590E/key/cms1/cms_redirect/yes/mh/7Y/mip/2a02:6ea0:c71b:0:1012:c8bd:d1e8:1c56/mm/42/mn/sn-4g5ednsl/ms/onc/mt/1702430486/mv/u/mvi/1/pl/40/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:6a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Range
bytes=0-

Response headers

expires
Wed, 13 Dec 2023 01:33:32 GMT
date
Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-4302582/4302583
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4302583
last-modified
Thu, 07 Dec 2023 10:13:40 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
client-protocol
quic
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame AA0E
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
58805
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:13:27 GMT
expires
Wed, 11 Dec 2024 09:13:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 87CA
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEH_AGYwlJ7RJO9BYtdcz3zc&google_cver=1&google_push=AXcoOmRDhYpjGQ0o2vnpp3FH5Yh2miXfA1Rel78XMPU75-pDvh_OzX5VqwH2plkb0CVXySzuU-ZSYSEdmnO...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmRDhYpjGQ0o2vnpp3FH5Yh2miXfA1Rel78XMPU75-pDvh_OzX5VqwH2plkb0CVXySzuU-ZSYSEdmnOe3rcJJ31N2ZlTs8E
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmRDhYpjGQ0o2vnpp3FH5Yh2miXfA1Rel78XMPU75-pDvh_OzX5VqwH2plkb0CVXySzuU-ZSYSEdmnOe3rcJJ31N2ZlTs8E
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmRDhYpjGQ0o2vnpp3FH5Yh2miXfA1Rel78XMPU75-pDvh_OzX5VqwH2plkb0CVXySzuU-ZSYSEdmnOe3rcJJ31N2ZlTs8E
Date
Wed, 13 Dec 2023 01:33:32 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
sync
x.bidswitch.net/ Frame 87CA
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHM9tIiXS8xFm9yTy7PYybU&google_cver=1&google_push=AXcoOmR7rxd0fAUisA2BlE8kD1O0dy59Npaqx0zqdb72TuyhmoX4BmChy8xm2cQMt5rFpUfU3XE2y91ut9oSNc7f-_CH1_4hp8Y
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.203.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-203-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 87CA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIfFLtsR3f7u-i_4DfRyhGo&google_cver=1&google_push=AXcoOmSPegskj_nOcbzfwyC9t-qwBKbNx3BkapRw1LsMWpo-aP0N97l3lz9I8gJKaxNRbDLgYsPkw3Nb...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIfFLtsR3f7u-i_4DfRyhGo&google_cver=1&google_push=AXcoOmSPegskj_nOcbzfwyC9t-qwBKbNx3BkapRw1LsMWpo-aP0N97l3lz9I8gJKaxNRbDLgYsP...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIwOTQyMTAyMzI3NTk3NDkzOA&google_push=AXcoOmSPegskj_nOcbzfwyC9t-qwBKbNx3BkapRw1LsMWpo-aP0N97l3lz9I8gJKaxNRbDLgYsPkw3...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIwOTQyMTAyMzI3NTk3NDkzOA&google_push=AXcoOmSPegskj_nOcbzfwyC9t-qwBKbNx3BkapRw1LsMWpo-aP0N97l3lz9I8gJKaxNRbDLgYsPkw3NbCaw4oeghqznqdWYql5E
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIwOTQyMTAyMzI3NTk3NDkzOA&google_push=AXcoOmSPegskj_nOcbzfwyC9t-qwBKbNx3BkapRw1LsMWpo-aP0N97l3lz9I8gJKaxNRbDLgYsPkw3NbCaw4oeghqznqdWYql5E
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 87CA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEOP_-xwWDsj0AMbqfY4ljQg&google_cver=1&google_push=AXcoOmT1g4p4pWh5focmzaiQ0AMIVN5HVM9PipYIiSENAHVvS7AmbzCO2jeeBEtVS9-9zsqJ_8o7R-TPFxPLdUz...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4A59JtpPX25x5S7VoKkXxorHJoQ&google_push=AXcoOmT1g4p4pWh5focmzaiQ0AMIVN5HVM9PipYIiSENAHVvS7AmbzCO2jeeBEtVS9-9zsqJ_8o7R-TPFxPLdU...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4A59JtpPX25x5S7VoKkXxorHJoQ&google_push=AXcoOmT1g4p4pWh5focmzaiQ0AMIVN5HVM9PipYIiSENAHVvS7AmbzCO2jeeBEtVS9-9zsqJ_8o7R-TPFxPLdUzIMhCgpZb900w
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=4A59JtpPX25x5S7VoKkXxorHJoQ&google_push=AXcoOmT1g4p4pWh5focmzaiQ0AMIVN5HVM9PipYIiSENAHVvS7AmbzCO2jeeBEtVS9-9zsqJ_8o7R-TPFxPLdUzIMhCgpZb900w
Date
Wed, 13 Dec 2023 01:33:32 GMT
Connection
keep-alive
Content-Length
241
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/E4rooAtA/ Frame 87CA
0
35 B
Image
General
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEL23EGHVTORWF3rzpwmRIEw&google_cver=1&google_push=AXcoOmQTR4mAxGd0-d1IV7GHnRZDo2UhxfoXypeAanvr4P5KzWS-j_Mf7uCBPrfqGTSdH39tG5x-1NEAJn-LFDks2GBg-LMt40E
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.107.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-107-120.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:32 GMT
/
onetag-sys.com/match/ Frame 87CA
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHOW21-YQMgMe7e_p_QHFb8&google_cver=1&google_push=AXcoOmQxYT2Dn90dwi7bf6YOUgv9_fYzbsu0CRXlf5OeiU2oqXxahIEETEgOwuRPLosiEO9PbEOQkJTRQwv...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQxYT2Dn90dwi7bf6YOUgv9_fYzbsu0CRXlf5OeiU2oqXxahIEETEgOwuRPLosiEO9PbEOQkJTRQwvQ0cqlfF0GijmLMAA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 87CA
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=57b58565-61e0-4ddb-9d1d-c01a49901238&google_cver=1&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=57b58565-61e0-4ddb-9d1d-c01a49901238&google_cver=1&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRq1QSXMDf7838-Puj5yHB9PGeuJLOskpyPeRvsdO8Q7ZFQZSiy6pnufBvRKqc8A-M_ytmZU0b2WOlOG6XhRaek2mg4RqI9&gdpr=${GDPR}
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=57b58565-61e0-4ddb-9d1d-c01a49901238&google_cver=1&google_gid=CAESEJIJ3ya3krWC5GRxaCc759k&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRq1QSXMDf7838-Puj5yHB9PGeuJLOskpyPeRvsdO8Q7ZFQZSiy6pnufBvRKqc8A-M_ytmZU0b2WOlOG6XhRaek2mg4RqI9&gdpr=${GDPR}
date
Wed, 13 Dec 2023 01:33:32 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 87CA
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Km6_qX2ISoi0qJXRVuXrqoHhufwtuSfrfxrkekBBsZ20o_FKPG4VYvi1ZZx7rMQfi8aWHChXga
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
firstevent
jpmcbankna.demdex.net/ Frame FA2F
Redirect Chain
  • https://jpmcbankna.demdex.net/event?d_event=imp&d_src=441384&d_site=8504253&d_creative=193457939&d_placement=368994751&d_campaign=30127422&d_bust=581387519
  • https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=193457939&d_placement=368994751&d_campaign=30127422&d_bust=581387519
42 B
728 B
Script
General
Full URL
https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=193457939&d_placement=368994751&d_campaign=30127422&d_bust=581387519
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
108.128.70.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-70-10.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-0dd64a28b.edge-irl1.demdex.com 4 ms
pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
8+LhSIjGStY=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v054-0a36f617d.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
s/S+7mEiSPA=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=193457939&d_placement=368994751&d_campaign=30127422&d_bust=581387519
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
index.html
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/ Frame BAFC
10 KB
4 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0713f0f8b5a8e7e067c1a726702ae45a0866c65be56f0b6a1901f58ba200efc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
88991
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3625
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 00:50:21 GMT
expires
Wed, 11 Dec 2024 00:50:21 GMT
last-modified
Mon, 12 Jun 2023 18:15:52 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame FA2F
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzwOkeGfdQpv_ZjkL1xm2btveB5HPTaJwHXbgLa84t8K79BTf6SItYYdezD1NxOMxVQHRtN8l0CduVKRERgaZYDKDu5_9Ix3H8okqoVjWyXPKbP6LejeChzYykDtPu5R33Dq8rGzkw-C0NhdDBRd46IBBW13QsM3Pc9pTg0C1b_TM6WMDc0Tz-yX1kKX7b5Y9PeiZkXtf0Gm6dzem7XI4swQQ2AADhwI_tAtiVKR_bg54RjrcvTI5kcw1EB35rc0ofripNrG3etb7EFTlzKv2Y4of9GuOjFMD2UExHq5xKcJwjBpZQceIyaDA3HU51hP-2YNHyQvlzAjZUYwOihZSbgEWfH_sSn04UG4IvIdQZpm6yv9Ab8wDYGFsx1bV2Nt6J0VWs3aYkOCmiy78FSRPkSC-LH01kiPek8jbU02vA8aSLhW-AjxV8dda-EW-_ujjo6C2PG73qgkvZ3CUZ_kP7pexvOjBVFicq5RF0DFxLR-cXTRHMfdhUckJeEdzdrBS7qeqq7gQtVCIiROMKQsMwh3fFxRwTihzYi0ZGRyLDzRe0wUPxnPFhN6px1afqaPWbXIm4sN7s9F-TCFvw3KbsjlcAH4jnWjH8Ytr2P_M03dwfj-RcMPA2ONfU8A-JguDDixOoHJLm8Qj-hmoAq-yNXTKDnTkFLJNq5e4ihgFPDGyZ1SgyRsgMRrfDX2uxZMgPt4qcfcvdfYJGL_WFsBL1_VdN8PQfBPRKT7uUH1-Ey8H9sLCHcO9RmHBXmMqpf12S-_8kYyh6XT8H3mRcVBUDRHgkwdCI4CZMvsPbvpnTmN4k2UqWVCjWwtqVg9BfdMVPeKICuF7FzU4YVRrug5NDt7FYjFkkG1b5XL3q8XAdvLAPC0xoHiUILBp9fHJEZFqsbXVnXoKJjJbRTFuXJJVLq0JUECkrx3QWqoFhLHcBBoHJLVRtO2GfCOykSb5TL-cm1ljhEqK37EQCl92S_ARFVx5iiSC4Q4rYhjXZ0U7NHd3naNF2oR5vnGHR5WfgDzdiEW96ikrIcOVVssTsS91EdJNgysCsiMxvD-WHcea-0FMuLGJISUqYrOYLDI_D_1krf4yNtdjOQFIqpCdiMs7_5xeX2fLq423ZWp342lV4EeHBfOtr76G0UaNy98xuZT0M9zqv2IoCnctXAwv33W-2eMAix_H19tdnLgxvYnINSaQM2-Y5GXqo8e8bd1K1fYh8RlgwQI7I9mOWQXhzn2VOhq-44c0tO_7PQAR5D77uLKTt2CHgZzfsuFO-opMjUBUZxzZkeMZ96A9avucyoo7EtOfoFixgxHDpR96VRmtflJRdKTpUAxKZjmytzdORu-kMVI4_0RKrUMvQPurpWGs&sai=AMfl-YSaqods8GPn6Duap8IpGFbFw5wa3Wkke9L8dnkxz3mti1Gv9r5-RerIyOgThfbA_uy-0No3T_W2NtAfdzpidmovFkVCMO7YaBVCTqeb-ZDF9srJ7utqKDKeGRlJxE630BXlmBnhP4wRxJORzgE8wTsVQYfH3IoK5UGYBcaw7hazRZjBHbt3ReiPI-zrvKUi-Ozw2BVndU0RIcke0FWxVcl41cFoMkN9oxQEgdXym37hjDFy6RMnefQFZpQby6acnzTf&sig=Cg0ArKJSzCwx3o0m8YA1EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=63&cbvp=1&cstd=62&cisv=r20231207.35821&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame AA0E
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:12:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
22838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 19:12:54 GMT
styles.css
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/css/ Frame BAFC
2 KB
717 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/css/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
517977e97442af426c8d226fc8187fa9d036c7a566a9cc1488dc553102f8aa64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 07:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
325233
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
688
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 18:15:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 07:12:59 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ Frame BAFC
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 00:17:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Dec 2024 00:17:29 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ Frame BAFC
64 KB
23 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1294004
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
23292
last-modified
Fri, 22 Apr 2022 16:32:30 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6262d89e-5afc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ded0s0whRN1MkfZk%2FzvKTuqU3uPE3hFs18PmZPxqKaFaKhEdbv7tRPangJB0ireUJlSr2YCQFO%2FivgLX%2B3FC%2FB0cyXxaGRQ5DbwGnTa7h5AsERBOC%2B6sc7bATUXhpMLwTXYMyRqMBHp7NCyBlE2PMlNz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
834a75a4bb9a3674-FRA
expires
Mon, 02 Dec 2024 01:33:32 GMT
text-1-a.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC
8 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/text-1-a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e491a498ec121779ed7c282df30dc76e479a73a0d2234535399bde198e3c93fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59007
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1851
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 18:15:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 09:10:05 GMT
text-1-b.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC
6 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/text-1-b.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3744493019d5eccccd7fa4b762681fa77fffa484d1e67db52a5b2e519c722f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:58:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59691
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1470
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 18:15:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 08:58:41 GMT
text-2-a.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC
7 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/text-2-a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a29ff2cf4b0d13b171b9282d41c69c9324adc9e8842bc0d4ef3f5f0b6b386b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81272
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1546
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 18:15:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 02:59:00 GMT
text-2-b.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC
15 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/text-2-b.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1942ac40ccd6b33412c55f328bcd023a0f62dd595e45d7d5f66da7b228c2cbbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:20:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65590
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2401
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 18:15:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 07:20:22 GMT
logo.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC
6 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d70004b9ccd3af99f650f77d4ff2d318867bf1a0b0bd1fe43799445cbc9bbe97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 12:17:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134181
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2441
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 18:15:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Dec 2024 12:17:11 GMT
mc.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC
7 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/mc.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1dcba527b4eb4467c18e27acbd8937279404dfd148b77fb5b650bc7f9e208422
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:05:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314909
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1667
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 18:15:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 10:05:03 GMT
risk.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC
5 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/risk.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80cdb452efb83d2576f33946582347cf3715a1eb7707efe34d3bab5c9d2eb705
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:33:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64829
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1646
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 18:15:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 07:33:03 GMT
wheel.png
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC
149 KB
149 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/wheel.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e09854c4e5ccc9d3bf3d5ff9d58021b04622f3bb600e9344d6a5a0f25cffb7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:39:20 GMT
x-content-type-options
nosniff
age
114852
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152312
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 18:15:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Dec 2024 17:39:20 GMT
text-3-a.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC
4 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/text-3-a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a52eb4b3d22ba31f1bd0b5cfb760ea77142cee79695ae4394c78a9b7bfd7adf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 20:02:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1444
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 18:15:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Dec 2024 20:02:01 GMT
text-3-d.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC
4 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/text-3-d.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6199b87f123f744f322eb478305f60fbf9b36b220acd2c099b26428e894f3465
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 00:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1081
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 18:15:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 00:50:21 GMT
cta.svg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC
4 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/cta.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db9bfa3ff078313996a32ea9199a549baddee1fc790dc11fb910a286ff756698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 00:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1071
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 18:15:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 00:50:21 GMT
main.js
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/js/ Frame BAFC
2 KB
576 B
Script
General
Full URL
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/js/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f9cad3b318540a9345ba5653f3e805108bfe0ba02aa5c135cdeef7322283d72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59007
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
547
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 18:15:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 09:10:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 19B6
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BwyR_7Al5ZYfhAbCnmLAPhJSS4A8AAAAAOAHgBAI&bg=!NzSlNHvNAAY3kmNgF5I7ADQBe5WfOHy704gH1LJNDWKOPnt1Vp0mr4-L9pYA4k7vC4PORuVdhuc_1x1WNh7ZJnr6y6wtAgAAAHpSAAAAAWgBBwoAdeXhJzXxWQ0jRP5DN-e_1pIV8vezINRbL9gMYKDwXthBFlmtxeYXWNk1z9kv4JROl1uIvwn2pYnxwRL2D0BsuvDs5AE0IHPvxWwXcb4UR96VBOWkZpo0lBFACHdto0p8aiNaFPxiaJ2FSAs-kL-QfmcjYjbOepkDA5xfOhrHsprPK1BDqacS9Yl-NRz0J3KpXHirnrAQtS6ayXh3WMGyP4qBd1ReQR6bYewR7qSxihGJ2jvx6tHf-DZEfCSzLU3rtMGaSwtYKvshTe8bCfjFYP2A33qQ-XasEdl3tDjDuB5ilO4PLKOwvzBXOLG90UdhukzGXdLL4WgE6gsE4X1p8tOw-hoKH2eWgXQGHWxGT4WEWeEZ8_99IbB53jkthdvAbFA5cNHKUkTEZ9Wcx3GF6DOirgbAr69FSXBpYt1CPz8GKvy_ol0mQn6nM1m_KgWiDQFGuazG9pNIsWvUw2JIQ-8dPuO5kX1okuoDkIs7mqDIa7JEpJeWeQS-m1xdsvqQMSrhAP5ivTkwG2wsXec2TaEOBCuGIE9xoFI_a3TLq2mPhfXsaBWSrkphURjH71SloYGRS5UN5CWfk_Rg_xtGBlN4VWnEUm2oWoAhRCR8og-bSW5FPS5AGK61pbP-eijhtis5mCZqphNtxGGRxF0MoeTH9ADm6BYAGlm0EUniCeUYOCXSgpQusYSBGtPZJzpuwUYmT8xeL4DhwrrAEN1f-8iTyocUv4TYnBDUYan2dJrhyy-rEtoic8sfgMBSrZmouHs0qGoPbAd1U3JEA6H04_lOWbEQv44k-ugKAcuWON5HjEtnUOZugnjaAUlYwN5Rkbi3p9UCQskOT1_yvQ3I14fvy19bf4ZSsocCESv7IB4F0gX2Goxjf4FXre3msaridcn8BxVSQl6h1vm_tAu0ffWwCxkbgGwG2jFo3iiBAJr6wtCYO44CWV58VgaDj1WafU2upLLMESmHDGQVBGYVOsvR9zYIH9L1FI5GiX3MsHdpRDX5iYsAoYtWAvEy-tqHTI0HGsYIutgvvTtuQpNMzi6tf707ApZMi7S6FrenkpltUdMDtr9TYt9yhpZs5n1a-JiwQcGbdR0velPruYsVayTc2E_JLf9MHtR_K_c6vQY9M9e96My6x8cZpY3vvnVr0XPIRcbOeF20KaqUonuhEpwJ35kdhhRw3HgA0g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.19.8.464.js
static.adsafeprotected.com/ Frame FA2F
213 KB
66 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.464.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1520186/71964889/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012253692&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=20075793042&bidurl=https://blog.s.id/post/2022/05/19/oops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gRUsy2x6m3-opIJxhge4V9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:c000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e580b888ec2ff667515810611d279b0a9ccba891e80dbeb183ac6eea7e5526e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:14:56 GMT
x-amz-version-id
UVhHGORh2DNEUMNNkt_WUa02s5tqiqCw
content-encoding
gzip
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
451117
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 07 Dec 2023 18:46:00 GMT
server
AmazonS3
etag
W/"abf69ba4c667ac44b2f9c28f5047f6bd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
SCty5jvuPX849SDuQfFoY2zL-hqP7OBrtujA13BWuqqhAA9lsa4cdQ==
dc_oe=ChMI9KeXvaKLgwMVdlJBAh0MpQOyEAAYACCB37JiOhoI2uyj5AQQyq362soEGKT0luQDIIXDq6ODEkITCLHm8byii4MDFYh24AodR_QHnw;dc_rmcid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8...
ade.googlesyndication.com/ddm/activity/ Frame EC88
42 B
401 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9KeXvaKLgwMVdlJBAh0MpQOyEAAYACCB37JiOhoI2uyj5AQQyq362soEGKT0luQDIIXDq6ODEkITCLHm8byii4MDFYh24AodR_QHnw;dc_rmcid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE;eps=CIDhgBAQARgdMgKqAjoCgEBIvf3BOlj18O-8oouDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D19%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D470376595%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702431212349;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame EC88
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGvK-6wl5ZfHEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMByAObBKoE8wFP0D3HkD32qGcm3qf-x7FsP724dXhaUvL6DHyTcx1P_9fUEl4XKubBgyUKlshen0KkwO1ftgCRsX-Wi_mC2_k20C_zPsw4Z4yHNVVMOvyljV0-Ir_gjlIlscSGsJJIIyMveKweZWb8zjheFDs6tv37eM3Qiu_Vi07WA9rCpALVNp2XGDEjyw5r0FutGWDZm71qVDkUqiTcTh7OHYaOLDo9EO2KFu1dnsFYuCc0CPxSr2D3OMIbKbr4j8gxtUGI7_7fZV-dLJzkb0vXxJcOoxacRs51bthEUGErFgRVRmHQSTkMqgLk_FGBkaoFTYxu16I1XyLABMqt-trKBOAEA4gFz7zg0k2QBgGgBnaAB5yxjrcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY9fDvvKKLgwOACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRF4g0TCPSv8Lyii4MDFYh24AodR_QHn7AT-qXsFcgTpPSW5APQEwDYEwqIFAbYFAHQFQH4FgGAFwHoFwU&sigh=OHUGkdFHLCQ&label=part2viewed&ad_mt=19&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D19%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D470376595%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702431212349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EC88
0
65 B
Image
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQXimSidYvY6Q-_h7CzFHZxspWnikC5Dm5qVXYUtwjP2HUqqhlJ7-hkvPpjDUk6FgPzSekYyRHl8OGpYUm4AIuCNrx6-JTuiP6TgN-A628mxTpic8CQwZ7deqcCAhUKlNKf0Y7IDVJuW6bPCNV-PVqGczZK2-eNPsnYD9LXIvEueOTOrLBSuCdsf6vengQxgLb6Piw-P7OkG3ejKXGHpEDXZlJZtL2WQp41SdIJyx0_VP7XJBDLh-n3iY7hOog-wnuw9N5nS6IF32qFWfw3Zm1ygqYAzpcFNR_T2DJTH053ZAwAyyOReCGk5rLkD5rQhljaYK1kxnjFNx7i_XhfiRH26RUuLDX7qtai2mLNOtyX21jN2axFx-889OOIGX9Kv_4St-4IPLTkZC44t8HqeP9lpjIaC6aOmqtd_IxYTh1TMgsEezqRJ0cYXEX3txs_0B3D-2CAHdFeP5xSD3c_GqVIXOnZPW8fhIhifRrQJoghTtg2_JtMTm3DgUutn3jnpzW0E7rE8UGSnlqkPdpfhsSOzsErmWUeHFxwirxc6niSrtLHYNeC7vhEDk8FBH7eAWT2iA-0b7jMUhosoF1k3v1zkXaDTxJD85GQFej9jBnJkJzeJMd_1-bv-TMXZnjKR-vVBUlhPRQ9j3Uvw52Q1XMbElo2PRYLffi-eNAqkabr3MDxei3jmWm1j3sbKvvkmIzxxAeAPq-TOc-nq3jQg1fj_OO-_6HLOUglLcjvlbfev23LV3KLGIAaWRrvPJGf8wHNudmFFw6jfvSgDqRTwu6jYHGY_mlWrMIgl_tg70wruh-6LIEyXzFCoD4CgvG0K93u-t_-VGR7qXrYGatil1OWOyYKHVMziIl0CW0ESWMelsYIEa-9AlZh53JZHDi6FUYR5iqXlqGi5bm5PD4HM952dkyaW3-dIBh4HqV1p7DyZAxUwQNF252SWZAFwPPG0Ilnb1Vsc67Grfro4Ql9iJ-7honxBo1X61ptBP7GfMjo7X8bML--G7mHup6FXCtAbbr3GoOsJfR_WPsf8F3sE2BFc6SdWrb2IHDNMcB2xXHUUAmqwaUeOf61zQnJTAFHLVAVdKi4h-GZqUxfO3k5pEV1pSuJ35OOptBvqHaze4SPje6RtZDiP9NySjjliK3qAVUmfU8zli2h-PC2tuUdDKm3HVaDC4WydS9CC3XqF1bcHprXPUJCx_kj1tcwG5W6PnDXMeDzPXPpnZ_qV6qYwwWiSAOSqxkUkFyJkXErDb9g5lgt7xLZlwD3jKAxcI5jbRw0erx&sai=AMfl-YSzoIPJyEr51IKFk4WR-OmjdE_iwO8G1-nP2KTRa_RLdgODySjQm46etMLq4mFTzDcqtak-LoS4x4jDaYEdj6BIyI1ykBkipUQHZHbO4vHK30wsUS-fubkBhKwWyzOKlwfFTfONuMi0Y1Vmo2kGdYKF2Qoa1zkYusWnPDBAyxrMpnIlX7AoRtAaBlnbV89EY1FM3f_dwgI8wVgES6m9oK8IELxlwVPf-qs3itaguDqJn1u-OeBacUjkhwpjcw6RqccL&sig=Cg0ArKJSzKXrAz7UnATAEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
banner
ad4.adfarm1.adition.com/ Frame EC88
36 B
36 B
Image
General
Full URL
https://ad4.adfarm1.adition.com/banner?sid=5155022&kid=6256015&bid=18996164&wpt=C&gdpr=&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 02:33:32 +0100
server
ADITIONSERVER v1.0
etag
7311886379233708812
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-length
36
expires
Sat, 01 Jan 2000 00:00:00 GMT
1x1.gif
imagesrv.adition.com/ Frame EC88
Redirect Chain
  • https://ad2.adfarm1.adition.com/banner?sid=5151015&gdpr=&gdpr_consent=&kid=6224187&bid=18978849&wpt=C&ts=[timestamp]
  • https://imagesrv.adition.com/1x1.gif
68 B
178 B
Image
General
Full URL
https://imagesrv.adition.com/1x1.gif
Protocol
H2
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Dec 2023 01:33:32 GMT
last-modified
Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges
bytes
etag
"3122740758"
content-length
68
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 13 Dec 2023 02:33:32 +0100
server
ADITIONSERVER v1.0
etag
7311886379232920790
content-type
text/plain
location
https://imagesrv.adition.com/1x1.gif
access-control-allow-origin
*
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame EC88
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDa7KPkBBiw4eGAAiABMAE&v=APEucNWuq_aK2xAFvB9fqIhquC9NS-CRhmSCqWjPhQJTbf8-fd7qUWpknLUUhahlJXYxE-qatbHKxvwPnm9cEvtgChcxmLs1rQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame EC88
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EC88
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTzdUDD0873g0AUEB4BWXeFeSBG-r_HnGCthwxQOq-KS0cipEyWt83FRzkPt9doiOUS-U1wlEBGpYQI1MN2K_XPKpXu7dbhJUS_qdMQo6O5Vv7EdYZefcnSLwUaW9Z8IhApsqejNYW_Zc&sai=AMfl-YTSFyVsbSIuxB7BAWwLJg_BvySQUF7WBqbkbV9X62PnxLin7-pjpzDdXdE30RqPgGgyxbRDyCwfBTsSdAKRaKd27i7nQnBY62GtLcZRdmNQFKlIgwv3uXNwqZA&sig=Cg0ArKJSzC-Tez3uxkvUEAE&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D19%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D470376595%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702431212349&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame EC88
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGvK-6wl5ZfHEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMByAObBKoE8wFP0D3HkD32qGcm3qf-x7FsP724dXhaUvL6DHyTcx1P_9fUEl4XKubBgyUKlshen0KkwO1ftgCRsX-Wi_mC2_k20C_zPsw4Z4yHNVVMOvyljV0-Ir_gjlIlscSGsJJIIyMveKweZWb8zjheFDs6tv37eM3Qiu_Vi07WA9rCpALVNp2XGDEjyw5r0FutGWDZm71qVDkUqiTcTh7OHYaOLDo9EO2KFu1dnsFYuCc0CPxSr2D3OMIbKbr4j8gxtUGI7_7fZV-dLJzkb0vXxJcOoxacRs51bthEUGErFgRVRmHQSTkMqgLk_FGBkaoFTYxu16I1XyLABMqt-trKBOAEA4gFz7zg0k2QBgGgBnaAB5yxjrcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY9fDvvKKLgwOACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRF4g0TCPSv8Lyii4MDFYh24AodR_QHn7AT-qXsFcgTpPSW5APQEwDYEwqIFAbYFAHQFQH4FgGAFwHoFwU&sigh=OHUGkdFHLCQ&label=vast_creativeview&ad_mt=19&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D19%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D470376595%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1702431212349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame EC88
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lq33l6bk&c=1943428789456&slotId=971714394728&qqid=CLHm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2093&mt=video%2Fmp4&vs=1024x576&dm=15000&ple=0&umsem=0&event_name=first_play&asset_bytes=205334&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.r9~ff.rf~videopreviewstarted.rf
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bg1.jpg
s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/ Frame BAFC
64 KB
64 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/images/bg1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbb8c1bb3a274e0894353deaa0e93da048a6a40e3a237396f24f068148bb27da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12836116748481195134/JPM54104_CCSF_GP_2023_DE_300x600/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 20:31:58 GMT
x-content-type-options
nosniff
age
104494
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65100
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 18:15:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Dec 2024 20:31:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BB5
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BL8Ib7Al5ZfSBAvakhcIPjMqOkAsAAAAAOAHgBAI&bg=!NjWlNXrNAAY3kmNgF5I7ADQBe5WfOBRPPFw-wCP_xEqGxw9vuTFE6TjAUNIZvohK8F6g35vGDiJSEQiX3YOnjRemeASsAgAAAJpSAAAAAmgBB5kDBZhbmt7MX7htbz45vEZSxAm8m4qvJQW3b9JTVGbv6Udw40YuP1ba8RUpB17v-9FFz9tz6DG4Smi3ng_uzPpxSVnlq5oTd1zw3kdehqMEg8RigwI51cTG15H3ZvHPV_JXpYP9H4BduBDcgAMsF2rDIf9cwaXA2x_C2HIcjEtFcwOrKrtouf3_AWItbwe5da_0vWJG-hzKCEp9-UjczRC2RtMHwSwkENvu-DbCZTK7DT4XQHZhaojloSRGpQKPRugh3u_RlA7X16uEnKPPV4txZgzvmFR5YWJvcu9ZEEqJGnLSlAdYDwh7k0zNsrmeqOwAnf5UaJ8YUrkrNL1MLxkAjadaXX0MfDId0TGTVtoX6IbNoNNnwDMn6yrzm8Opk2f0ktPGCc1n2lRxMrqQxcmgNFfDFLALuDiRuZ0-O20d0_AxuOjRVebDMmutgUzYzuUxw8JIVv68mpMxMVhbJEP1YP_qaP11btVaKVIkNJKh9WhtHEOMjNOUMPipUmAbPbUuQVFNCbZeVpS0cnXE0wrUo5E0xhgxAarX3Lc2sOM5YryaBqRgdKwYNHUreYi7TF3XEO84oPFgVxSY5LXufX-aKx_MrzDDXptW2k_4tFO_PqlIrG5-37ielJr1zla2_yeA9SR6kH4BUBC4CgAvn-LfpQzm90gIR0LadVnGSLGPWA8S8I7NGdSRX3hKyXReSI0Dxvz3I2BPDDKpKeu9jc4d7FF3-jt8TZRRIghqfJQsX83fUXNg7tyV-zQ_AWhfAhoxgpoWIxrUIbTjdN5LpKQ8LYwHfaasCdZgyc_AvNYKcMpM3SVni6p4LRWaT1MqanALKEn2ZwcuF4IWKb-0QjSvgQCkTDkkndXf3uhUJNNkrn7Uw4Pme2HzFFgzgViBcByQfoarg-8t5ASs4ANWnUFJc2BM-EKQJJm5mnGOoLbeRvlil4XxSAu0dPMpMJaObvpBfbBU_k-tm3VJonvjaLpl_Qdgju4fsHf9h03XCV7jsrTQZp63hIQ6CuwfcgTcFgu9-D1v6ntw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FA2F
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzwOkeGfdQpv_ZjkL1xm2btveB5HPTaJwHXbgLa84t8K79BTf6SItYYdezD1NxOMxVQHRtN8l0CduVKRERgaZYDKDu5_9Ix3H8okqoVjWyXPKbP6LejeChzYykDtPu5R33Dq8rGzkw-C0NhdDBRd46IBBW13QsM3Pc9pTg0C1b_TM6WMDc0Tz-yX1kKX7b5Y9PeiZkXtf0Gm6dzem7XI4swQQ2AADhwI_tAtiVKR_bg54RjrcvTI5kcw1EB35rc0ofripNrG3etb7EFTlzKv2Y4of9GuOjFMD2UExHq5xKcJwjBpZQceIyaDA3HU51hP-2YNHyQvlzAjZUYwOihZSbgEWfH_sSn04UG4IvIdQZpm6yv9Ab8wDYGFsx1bV2Nt6J0VWs3aYkOCmiy78FSRPkSC-LH01kiPek8jbU02vA8aSLhW-AjxV8dda-EW-_ujjo6C2PG73qgkvZ3CUZ_kP7pexvOjBVFicq5RF0DFxLR-cXTRHMfdhUckJeEdzdrBS7qeqq7gQtVCIiROMKQsMwh3fFxRwTihzYi0ZGRyLDzRe0wUPxnPFhN6px1afqaPWbXIm4sN7s9F-TCFvw3KbsjlcAH4jnWjH8Ytr2P_M03dwfj-RcMPA2ONfU8A-JguDDixOoHJLm8Qj-hmoAq-yNXTKDnTkFLJNq5e4ihgFPDGyZ1SgyRsgMRrfDX2uxZMgPt4qcfcvdfYJGL_WFsBL1_VdN8PQfBPRKT7uUH1-Ey8H9sLCHcO9RmHBXmMqpf12S-_8kYyh6XT8H3mRcVBUDRHgkwdCI4CZMvsPbvpnTmN4k2UqWVCjWwtqVg9BfdMVPeKICuF7FzU4YVRrug5NDt7FYjFkkG1b5XL3q8XAdvLAPC0xoHiUILBp9fHJEZFqsbXVnXoKJjJbRTFuXJJVLq0JUECkrx3QWqoFhLHcBBoHJLVRtO2GfCOykSb5TL-cm1ljhEqK37EQCl92S_ARFVx5iiSC4Q4rYhjXZ0U7NHd3naNF2oR5vnGHR5WfgDzdiEW96ikrIcOVVssTsS91EdJNgysCsiMxvD-WHcea-0FMuLGJISUqYrOYLDI_D_1krf4yNtdjOQFIqpCdiMs7_5xeX2fLq423ZWp342lV4EeHBfOtr76G0UaNy98xuZT0M9zqv2IoCnctXAwv33W-2eMAix_H19tdnLgxvYnINSaQM2-Y5GXqo8e8bd1K1fYh8RlgwQI7I9mOWQXhzn2VOhq-44c0tO_7PQAR5D77uLKTt2CHgZzfsuFO-opMjUBUZxzZkeMZ96A9avucyoo7EtOfoFixgxHDpR96VRmtflJRdKTpUAxKZjmytzdORu-kMVI4_0RKrUMvQPurpWGs&sai=AMfl-YSaqods8GPn6Duap8IpGFbFw5wa3Wkke9L8dnkxz3mti1Gv9r5-RerIyOgThfbA_uy-0No3T_W2NtAfdzpidmovFkVCMO7YaBVCTqeb-ZDF9srJ7utqKDKeGRlJxE630BXlmBnhP4wRxJORzgE8wTsVQYfH3IoK5UGYBcaw7hazRZjBHbt3ReiPI-zrvKUi-Ozw2BVndU0RIcke0FWxVcl41cFoMkN9oxQEgdXym37hjDFy6RMnefQFZpQby6acnzTf&sig=Cg0ArKJSzCwx3o0m8YA1EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=220&vt=11&dtpt=157&dett=3&cstd=62&cisv=r20231207.35821&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: home.s.id
URL: https://home.s.id/forbidden
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA0E
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BcyIx7Al5ZfKYBpLT9u8PquatSAAAAAA4AeAEAg&bg=!s7ClsP_NAAY3kmNgF5I7ADQBe5WfOKG2gfKbhlxkKUMMLCB6pypZX7RqohnefOMQ8QY3X1uICblpXD4nWWx-7OQPvXAnAgAAAHJSAAAAAWgBB5kC_Q9WKL0S50wPkLukv86Y7dLzlC2IFwqZ2Llj7hus9tpLz_nrosTwEYDDK-_-c63BJso6cIebx3Uktju6zCIbZo0NRPMbBdEQo4QRTmS9lDi236WjPIn64m6_RSM_xvvGaINJzhYlYQ8Xk4BnnsJwju-E4hYjD2wbwjNP8lcAkkeAbE9MhKJEqzlwJG6eZHokYH_Avn9FBR2l-rZRZHn6cYfnHPZiPE8w9wrTKhKMu11wNEQKHdJmcuunyXWsI6tYxDbYeXtixRp1rRQY0yNr4Zm6drRV16TAYBnyMPOAFoRCStdxZv67IKJJkUB3BZHy4UdAWEGLDIy1dBUxcxY-hxWZoVreLUmexBIA9VoEq7Q5BKttEsdtMoQINCadNSpTcB0Dbs_q3Xz57UntNdUOmR5Z8mrFvqVlIw84Q-KGqBzlSLDM8F-knWQLZiULgt8YtearmvNMdau7kVjCYVT7Uh0FT86erndATnY8CaumCgZiTi4_KJBibXYJUzMb8DkdrvfwUv7pCU1FvslzschV6LMWYo5FQhhHzIxE07mjHALuqANYwNOfN2xaEDsJq0lSA21kkP7spyWPk9u7l7aRf_zBsSKlrqhskBTHyiD9T648TsOQObrat4V83A4hgPc0APY59xODsoy9rzBRlSo52jlYt2K5cSIadRk4ruyFHm9tVUJ8EAQe5F9sBPAJ3Pzb6mJVcqgKXW2X--JjfW-UNms4R7v6FKpQjbSwgowLMUFbt_V-x9S68EeZ2VPZG_mciAyqUQoMeFAjWony7RBv-6H0pNG-nLFMBkjnULMvYwOuV6r5aF6TGemh4rxvQaPvHFpgU_NiOwu6aFwgRAhUWjrl3uLCSIvlim2UtSHGtW0OqIldOakAqBtilRU1JIDdSAQL-jqSVz4x8fvkAdKq385zpnv4KL1hVKekt6nUBBca45b7eZj5dukGqz8RKyLSBHrYQTa5uY0Bg_N1YXnfWzhLcVebYhgoLVrVN0RSBBJVsCAUFeBYYD6z3tKvxg
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
static.adsafeprotected.com/ Frame FA2F
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1520186/71964889/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012253692&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=20075793042&bi...
  • https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
17 B
474 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
Protocol
H2
Server
2600:9000:2127:c000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 03:21:19 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
6646334
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
PROcaaNKDg_FvfDjxlr6ntMCQXSHXqMR6A4p3DLkbN8hK8_FPYdKRg==

Redirect headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:32 GMT
server
nginx
x-server-name
app02.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame EE20
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:c000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
7176262
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Ik_2-R_4CgEzxaCdVJDzzpYmru2T3LULI1p0o6JhLHvvBeU372GjTA==
dt
dt.adsafeprotected.com/ Frame FA2F
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=75148285-57a9-340c-4f33-6dc5df66d372&tv=%7Bc:wDKvFH,pingTime:-3,time:220,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:177%7D,%7Bpiv:0,vs:o,r:l,t:220%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:220,n:220,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:177,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1,0~0%5D,as:%5B50~300.600%5D%7D%7D,%7Bsl:o,t:220,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYhlS53+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192%7C1a*.1520186-71964889%7C1a1%7C1a2%7C1a3%7C1a4,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:178%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:c9df:b77c:1926:7ee4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:33 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame FA2F
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=75148285-57a9-340c-4f33-6dc5df66d372&tv=%7Bc:wDKvFI,pingTime:-6,time:221,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:221,n:220,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:177,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1,0~0%5D,as:%5B50~300.600%5D%7D%7D,%7Bsl:o,t:220,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYhlS53+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192%7C1a*.1520186-71964889%7C1a1%7C1a2%7C1a3%7C1a4,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:178%7D&tpiLookup=ao:blog.s.id*&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:c9df:b77c:1926:7ee4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:33 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame FA2F
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=75148285-57a9-340c-4f33-6dc5df66d372&tv=%7Bc:wDKvFN,pingTime:-2,time:226,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:469,beZ:470,mfA:638,cmA:639,inA:639,inZ:641,prA:641,prZ:644,si:647,poA:648,poZ:656,cmZ:656,mfZ:656,loA:690,loZ:691,ltA:695,ltZ:695,mdA:470,mdZ:630%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:177%7D,%7Bpiv:0,vs:o,r:l,t:220%7D,%7Bpiv:100,vs:i,r:,t:226%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:226,n:220,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:177,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1,0~0%5D,as:%5B50~300.600%5D%7D%7D,%7Bsl:o,t:220,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~0%5D,as:%5B6~300.600%5D%7D%7D,%7Bsl:i,t:226,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~300.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYhlS53+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192%7C1a*.1520186-71964889%7C1a1%7C1a2%7C1a3%7C1a4,idMap:1a*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:178,sinceFw:48,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:c9df:b77c:1926:7ee4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:33 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame FA2F
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=75148285-57a9-340c-4f33-6dc5df66d372&tv=%7Bc:wDKvKj,pingTime:-10,time:506,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84MS4wLjQwNDQuMTM4IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702431212851%7C%7Caeaf18ba7c4e81a93cd3467c48921aa5%7C%7C31f552011cd49d12bc3cd930bb193459%7C%7C55f6a573a128af67b83a89e4163b7eaa%7C%7C92ea4cd3ebac9ad7b34d1a086ebbf0cf%7C%7Cb7f86de68126e3d4b977cd744b689665%7C%7C54dc9d674b7378e00eb16ac1be61550c%7C%7Ca51928a50c406790e3ce147922bb067f%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:c9df:b77c:1926:7ee4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:33 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
csi
csi.gstatic.com/ Frame 1112
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lq33l6ax&c=5192186116256&slotId=2596093058128&qqid=CLLm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2093&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.jn~vil.r9&ua_e=1&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:33 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame EC88
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lq33l6ir&c=1943428789456&slotId=971714394728&qqid=CLHm8byii4MDFYh24AodR_QHnw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2093&mt=video%2Fmp4&vs=1024x576&dm=15000&met.4=vfl.t0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:33 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FA2F
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqKvMWfe_AEiJoc573UeFNAX9nlPRkgn_UkVKqPzDSCWLF2VLw-hVe4NCZB9-WQuLg0LCKcKDNoXhOLgXA5qp4s4WlmnqVZEf6eq-gfbwhENSoK26K2Y5dEMPmBAiDXdlkbU-SA2oWKKPS2vyNJThqfXiB&sai=AMfl-YS4Y_g-7IZE4ifG-BeeFcBVn9ifRThPYaZRKZWIonlb1QxybbdgEykgF5s3QUmK7IwFqorVACXdqg89TYMdx-AwcwKSbY6ABQjkLSk5ncqkl3XMET6QfwROwkM&sig=Cg0ArKJSzLw78YrMySIcEAE&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&id=lidar2&mcvt=1000&p=226,1345,266,1386&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=182523439&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702431211876&rpt=312&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FA2F
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3286478068475&version=m202309260101&ct=76&x=1&cor=4864032977484306000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame FA2F
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=75148285-57a9-340c-4f33-6dc5df66d372&tv=%7Bc:wDKvVV,pingTime:1,time:1226,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:177%7D,%7Bpiv:0,vs:o,r:l,t:220%7D,%7Bpiv:100,vs:i,r:,t:226%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1000,o:226,n:220,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:177,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1,0~0%5D,as:%5B50~300.600%5D%7D%7D,%7Bsl:o,t:220,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~0%5D,as:%5B6~300.600%5D%7D%7D,%7Bsl:i,t:226,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~300.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:549,fm:tYhlS53+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192%7C1a*.1520186-71964889%7C1a1%7C1a2%7C1a3%7C1a4,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:178,sis:249%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:c9df:b77c:1926:7ee4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:33 GMT
server
nginx
x-server-name
dt30.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame FA2F
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=75148285-57a9-340c-4f33-6dc5df66d372&tv=%7Bc:wDKvVV,pingTime:1,time:1226,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:177%7D,%7Bpiv:0,vs:o,r:l,t:220%7D,%7Bpiv:100,vs:i,r:,t:226%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1000,o:226,n:220,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:177,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1,0~0%5D,as:%5B50~300.600%5D%7D%7D,%7Bsl:o,t:220,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~0%5D,as:%5B6~300.600%5D%7D%7D,%7Bsl:i,t:226,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:549,fm:tYhlS53+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192%7C1a*.1520186-71964889%7C1a1%7C1a2%7C1a3%7C1a4,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:178,sis:249%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:c9df:b77c:1926:7ee4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:33 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame EC88
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTzdUDD0873g0AUEB4BWXeFeSBG-r_HnGCthwxQOq-KS0cipEyWt83FRzkPt9doiOUS-U1wlEBGpYQI1MN2K_XPKpXu7dbhJUS_qdMQo6O5Vv7EdYZefcnSLwUaW9Z8IhApsqejNYW_Zc&sai=AMfl-YTSFyVsbSIuxB7BAWwLJg_BvySQUF7WBqbkbV9X62PnxLin7-pjpzDdXdE30RqPgGgyxbRDyCwfBTsSdAKRaKd27i7nQnBY62GtLcZRdmNQFKlIgwv3uXNwqZA&sig=Cg0ArKJSzC-Tez3uxkvUEAE&cid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D19,1,281,467%26tos%3D2001,0,0,0,0%26mtos%3D2001,2001,2001,2001,2001%26amtos%3D0,0,0,0,0%26mcvt%3D2001%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2202%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D21%26pst%3D219%26dur%3D15018%26vmtime%3D2225%26dtos%3D2001%26dtoss%3D1%26dvs%3D2001%26dfvs%3D2001%26dvpt%3D2202%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D470376595%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2001&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1702431212349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI9KeXvaKLgwMVdlJBAh0MpQOyEAAYACCB37JiOhoI2uyj5AQQyq362soEGKT0luQDIIXDq6ODEkITCLHm8byii4MDFYh24AodR_QHnw;dc_rmcid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8...
ade.googlesyndication.com/ddm/activity/ Frame EC88
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9KeXvaKLgwMVdlJBAh0MpQOyEAAYACCB37JiOhoI2uyj5AQQyq362soEGKT0luQDIIXDq6ODEkITCLHm8byii4MDFYh24AodR_QHnw;dc_rmcid=CAQSOwAvHhf_m-EkC1ZT-joQqs_38qAL6GkyW-coTBFTP2Ivfi4I6Tvpefrx027AiGowqhh7E-8xEWHlGz_fGAE;eps=CIDhgBAQARgdMgKqAjoCgEBIvf3BOlj18O-8oouDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D19,1,281,467%26tos%3D3730,0,0,0,0%26mtos%3D3730,3730,3730,3730,3730%26amtos%3D0,0,0,0,0%26mcvt%3D3730%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3931%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D23%26pst%3D219%26dur%3D15018%26vmtime%3D3956%26dtos%3D1729%26dtoss%3D2%26dvs%3D1729%26dfvs%3D1729%26dvpt%3D1729%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3730,3730,3730,3730,3730%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D470376595%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3730;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1702431212349;ecn1=1;etm1=0;eid1=960584;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame EC88
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGvK-6wl5ZfHEGYjtgQfH6J_4Cd3Zwdd0hcOro4MSo5_cpY0CEAEgktjfSmCV4pCCoAfIAQWpAnFU_MewG7I-qAMByAObBKoE8wFP0D3HkD32qGcm3qf-x7FsP724dXhaUvL6DHyTcx1P_9fUEl4XKubBgyUKlshen0KkwO1ftgCRsX-Wi_mC2_k20C_zPsw4Z4yHNVVMOvyljV0-Ir_gjlIlscSGsJJIIyMveKweZWb8zjheFDs6tv37eM3Qiu_Vi07WA9rCpALVNp2XGDEjyw5r0FutGWDZm71qVDkUqiTcTh7OHYaOLDo9EO2KFu1dnsFYuCc0CPxSr2D3OMIbKbr4j8gxtUGI7_7fZV-dLJzkb0vXxJcOoxacRs51bthEUGErFgRVRmHQSTkMqgLk_FGBkaoFTYxu16I1XyLABMqt-trKBOAEA4gFz7zg0k2QBgGgBnaAB5yxjrcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY9fDvvKKLgwOACgPICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRF4g0TCPSv8Lyii4MDFYh24AodR_QHn7AT-qXsFcgTpPSW5APQEwDYEwqIFAbYFAHQFQH4FgGAFwHoFwU&sigh=OHUGkdFHLCQ&label=videoplaytime25&ad_mt=3956&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D19,1,281,467%26tos%3D3730,0,0,0,0%26mtos%3D3730,3730,3730,3730,3730%26amtos%3D0,0,0,0,0%26mcvt%3D3730%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3931%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D23%26pst%3D219%26dur%3D15018%26vmtime%3D3956%26dtos%3D1729%26dtoss%3D2%26dvs%3D1729%26dfvs%3D1729%26dvpt%3D1729%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3730,3730,3730,3730,3730%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D470376595%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3730&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1702431212349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 01:33:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
213 KB
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2911362765832022&correlator=693694084228574&eid=31080124%2C44807746%2C31079724%2C31080116&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=162717810%3A22766112657%2Cs.id%2Cinterstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&didk=428387926&sfv=1-0-40&ists=1&fas=8&sc=1&cookie=ID%3D0b0a514a105c394e%3AT%3D1702431211%3ART%3D1702431211%3AS%3DALNI_MYLLjdBx2ismjg-VgwSk9tdHa5EYg&gpic=UID%3D00000d1916623fcf%3AT%3D1702431211%3ART%3D1702431211%3AS%3DALNI_MY6IU0lb0eyo8erCkg3S-euqGeo6w&abxe=1&dt=1702431216353&lmt=1702431216&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ref=https%3A%2F%2Fhome.s.id%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=144635658.1702431210&ga_sid=1702431211&ga_hid=1439740521&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY1_66hsYxSABSAghkEhkKCnB1YmNpZC5vcmcY9v66hsYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNf-uobGMUgAUgIIZBIXCghydGJob3VzZRiT_7qGxjFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pWmpKemMzZEhPSGRUY0Rad01uaDZSM0ZUTHpoWVVUMDlJbjA9GJaBu4bGMUgAEhsKDGlkNS1zeW5jLmNvbRi5_7qGxjFIAFICCGo.&dlt=1702431210578&idt=751&prev_scp=env%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-are-accessing-a-forbidden-link-what-does-that-mean-8w002bto2%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26protag_template%3Dsite%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D04%26protag_minutes%3D33%26protag_hours%3D01%26protag_day%3D3%26protag_interstitial%3Dinterstitial%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-interstitial&adks=2571317652&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 01:33:36 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58654
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://blog.s.id
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/
39 KB
14 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.s.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 23:54:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
5931
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13835
x-xss-protection
0
server
cafe
etag
9174524701941205614
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 11 Dec 2024 23:54:45 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
app.s.id
URL
https://app.s.id/api/user/me
Domain
sdotid.zendesk.com
URL
https://sdotid.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Domain
region1.analytics.google.com
URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je3bt0v889124234&_p=1702431209745&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=144635658.1702431210&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702431209&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=&en=scroll&epn.percent_scrolled=90&_et=11&tfd=3473
Domain
home.s.id
URL
https://home.s.id/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| googletag object| protag object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| FontAwesomeConfig object| ___FONT_AWESOME___ object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| __cfBeacon function| gtag object| dataLayer function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| zEWebpackACJsonp function| zE function| zEmbed object| google_tag_manager function| onYouTubeIframeAPIReady boolean| zEACLoaded object| GoogleGcLKhOms string| protag_matomo_domain string| protag_matomo_SiteID object| pbjs object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_145 object| Criteo object| Criteo_identitytag_145 object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| google_image_requests

43 Cookies

Domain/Path Name / Value
.s.id/ Name: _ga_98MWVCBDD7
Value: GS1.1.1702431209.1.0.1702431209.60.0.0
.s.id/ Name: _gcl_au
Value: 1.1.848533358.1702431210
.s.id/ Name: _ga_LJQ0V44EV5
Value: GS1.1.1702431209.1.0.1702431209.0.0.0
.s.id/ Name: _fbp
Value: fb.1.1702431209905.620576761
.s.id/ Name: _gid
Value: GA1.2.605542577.1702431210
.s.id/ Name: _gat_gtag_UA_225238330_2
Value: 1
.s.id/ Name: _ga_LBWQJM5WLF
Value: GS1.1.1702431210.1.0.1702431210.60.0.0
.s.id/ Name: _ga
Value: GA1.1.144635658.1702431210
.s.id/ Name: _ga_GJLS9JMJCK
Value: GS1.1.1702431210.1.0.1702431210.0.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUkcnM3vvKa_xmghAulKDEYm2LD8pCc2R6T8I7wxNlBnJhLhljXetZW5pnu57O4
.s.id/ Name: lotame_domain_check
Value: s.id
.criteo.com/ Name: uid
Value: f62cf4cd-e605-4b9c-ab95-2efa4eff41f2
.s.id/ Name: cto_bundle
Value: uIpykV8xTUIyWHc5QmtDOSUyRkdHdko5YnluQURTbE0waUhWM3NxOEFwM3I5eTg3ZU8xS3FHaGlNa3BlWlVRd2l4MWJDZWZ3MWU1UlhPVzRRU2lXZDRkcCUyQllxdTVud0VRcmdiR2laMXNGUmlIT0tFTEtidGhqMGFINWNiWmMxRTklMkJGMjNRTG15SnRBYW1RY1VnRTZCOXV0dEg2RHclM0QlM0Q
.openx.net/ Name: i
Value: 7f6b2cc0-6f30-4a9e-a9db-1cc6a92ffc5d|1702431211
.s.id/ Name: __gads
Value: ID=0b0a514a105c394e:T=1702431211:RT=1702431211:S=ALNI_MYLLjdBx2ismjg-VgwSk9tdHa5EYg
.s.id/ Name: __gpi
Value: UID=00000d1916623fcf:T=1702431211:RT=1702431211:S=ALNI_MY6IU0lb0eyo8erCkg3S-euqGeo6w
.casalemedia.com/ Name: CMID
Value: ZXkJ6.8IKvdk-iNUwbjKrgAA
.casalemedia.com/ Name: CMPS
Value: 2239
.casalemedia.com/ Name: CMPRO
Value: 2239
.acuityplatform.com/ Name: auid
Value: 864086004643
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRhgZbA+ymGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUYYGWwPso90aGlyZFBhcnR5VXNlcklkWkNBRVNFRXEzamdTZWhXZDd1OEFqVlJrdmw4a/v7hnZlcnNpb27C+w=="
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>3v5.I#!]tbPl1M>e)ZlrFUfJ+tGXxp)S42`mErVhiMwP)>T_.!#@eJFOb#ok[>OJjs3If)y3KL9D3I?+aC8K](
.csync.loopme.me/ Name: viewer_token
Value: 57b58565-61e0-4ddb-9d1d-c01a49901238
.adnxs.com/ Name: uuid2
Value: 5167864025953720072
.simpli.fi/ Name: suid
Value: 9E5E9C5AC05D4A9499533F561792FCFB
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA12dS7Lyyky98nzKTANM8qPDKgodzKNMgEA1L8OrR4AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA12dS7Lyyky98nzKTANM8qPDKgodzKNMgniNTQ3MDIxNjQyNDIwtXjFiMK3BADeo0OKPQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNDMxNzYwNTUyNDc0tDAzMDIW4jPU9fZ1zghxTw5NyolMAgCgP7ovIwAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNDMxNzYwNTUyNDc0tDAzMDIW4jPU9fZ1zghxTw5NyolMAgCgP7ovIwAAAA
.adsby.bidtheatre.com/ Name: __kuid
Value: d120611d-0b3b-44eb-b748-4f3b5d83681e.471645212
.de17a.com/ Name: guid
Value: 1.4553918725328846174
.go.sonobi.com/ Name: HAPLB8G
Value: s86213|ZXkJ7
.adform.net/ Name: C
Value: 1
.demdex.net/ Name: demdex
Value: 51136055349677424991475642946634641044
.adform.net/ Name: uid
Value: 6209421023275974938
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e00e7d26-da4f-5f6e-71e5-2ed5a0a917c6.1pFXuegY9Oynmcr4km8xIIcLUIR75iin2sfGOywXM9k
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e00e7d26-da4f-5f6e-71e5-2ed5a0a917c6.1pFXuegY9Oynmcr4km8xIIcLUIR75iin2sfGOywXM9k
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A4A59JtpPX25x5S7VoKkXxorHJoQ.8HjCmCBedvXROz0L4CpPg5PgW%2FMm3P8zzTxDsl1W1qE
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A4A59JtpPX25x5S7VoKkXxorHJoQ.8HjCmCBedvXROz0L4CpPg5PgW%2FMm3P8zzTxDsl1W1qE
.jpmcbankna.demdex.net/ Name: jpmcbankna
Value: 51136055349677424991475642946634641044
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIF7RCE1Fz1KkAj-Zqp35NhOmdWcAtfcSH35EsFNg0KzAEHwYBCDsk-SrBjABOgQwgL_qQgTlVc1e.n5JKxEbIJ1sox2MXYGGj%2BnkRxYTLPAVEY%2FodkZDON8g
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIF7RCE1Fz1KkAj-Zqp35NhOmdWcAtfcSH35EsFNg0KzAEHwYBCDsk-SrBjABOgQwgL_qQgTlVc1e.n5JKxEbIJ1sox2MXYGGj%2BnkRxYTLPAVEY%2FodkZDON8g
.adfarm1.adition.com/ Name: UserID1
Value: 7311886379233643276

2 Console Messages

Source Level URL
Text
network error URL: https://shortener.zendesk.com/embeddable/config
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Message:
Refused to execute script from 'https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=193457939&d_placement=368994751&d_campaign=30127422&d_bust=581387519' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
accounts.google.com
ad2.adfarm1.adition.com
ad4.adfarm1.adition.com
ade.googlesyndication.com
ajax.googleapis.com
app.s.id
bcp.crwdcntrl.net
bid.g.doubleclick.net
blog.s.id
c1.adform.net
cc.adingo.jp
cdn-sdotid.adg.id
cdn.id5-sync.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
csync.loopme.me
d5p.de17a.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
ec6f8b1051d11f1930913e2f346155b2.safeframe.googlesyndication.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
home.s.id
ib.adnxs.com
id5-sync.com
imagesrv.adition.com
imasdk.googleapis.com
invstatic101.creativecdn.com
jpmcbankna.demdex.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
protagcdn.com
r1---sn-4g5ednsl.c.2mdn.net
region1.analytics.google.com
region1.google-analytics.com
s.id
s0.2mdn.net
sdotid.zendesk.com
secure.adnxs.com
securepubads.g.doubleclick.net
shortener.zendesk.com
static.adsafeprotected.com
static.cloudflareinsights.com
static.criteo.net
static.zdassets.com
stats.g.doubleclick.net
sync.go.sonobi.com
sync.srv.stackadapt.com
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
um.simpli.fi
ums.acuityplatform.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
app.s.id
home.s.id
region1.analytics.google.com
sdotid.zendesk.com
104.16.51.111
104.18.36.155
104.18.72.113
108.128.70.10
124.146.153.166
134.122.57.34
141.95.98.65
142.250.184.194
142.250.186.98
154.59.122.79
162.159.138.6
172.217.18.2
185.89.210.141
193.0.160.131
193.84.85.178
2001:4860:4802:32::3
2001:4860:4802:32::36
213.155.156.185
217.79.188.21
217.79.188.46
217.79.188.59
2600:1f13:800:7782:c9df:b77c:1926:7ee4
2600:9000:2127:c000:8:48e:53c0:93a1
2606:4700:10::6816:3556
2606:4700:20::681a:78e
2606:4700:20::681a:7f9
2606:4700::6810:3865
2606:4700::6810:5514
2606:4700::6811:180e
2a00:1450:4001:6a::6
2a00:1450:4001:803::2003
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:811::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9d
2a00:1450:400c:c06::54
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3120::3
3.123.203.242
34.102.146.192
34.120.107.143
34.96.70.87
34.98.64.218
35.204.158.49
35.214.190.53
35.71.131.137
37.157.3.26
45.126.58.90
51.89.9.251
52.194.23.155
52.48.81.28
52.59.107.120
52.86.155.246
54.247.4.160
64.233.167.157
65.9.95.74
69.166.1.34
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11
058f6340fc2dd949cfa4e2d40dae86c83daa389994729a151d1309cecaa7e46b
06a4985ddeefbd112b1f64b1db40a32f7a1b22fddf810aa12ae57ebfaca8fcb3
06a70b8c1043dd53fd50a28c787fdcc96d00adf2dab6bc8f5f558836a85ee4ba
0713f0f8b5a8e7e067c1a726702ae45a0866c65be56f0b6a1901f58ba200efc7
08e27c3d3459374fae8672b879d9ad1b6965595612605be8d1e0fe873a232ece
0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27
0b1f8fb54de3fad4a7f92fb7b03bdb9c0acff2d156dcc0f430d9221849e3113a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c70c2dd5488612bf0eccb077c37865ec8fae7f93d20b999835fe5a2e54021da
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0eface46a399934cda952d5f5d125ea4f4103ccf5d0a5b900bcdfd14a808af68
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
11d0f48b04d2553ac97b87aae4e8ced4ce81727e65aa31b91ef521d8195a7232
12a2cfd2ffbc1ea445b253c65d32d2800c3b2a027dfa44571f8f2640cc6fc7f1
1373576b47409b734b6d633162733592b809e479940f1507db83ecaf45c7676c
1487936e32296ba5ae5002b7528b604a8784e7b2826bfaebb2ce6ce0d80b6b2e
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
184733c2171fc0a56148cbf5e5f1d5e5ae640f660e6e328bb84cbccb21785813
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18889b6b7e9425d042a820d83d9ae7fca99127e2192317981767f5c35acceb7e
1942ac40ccd6b33412c55f328bcd023a0f62dd595e45d7d5f66da7b228c2cbbc
1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8
1dcba527b4eb4467c18e27acbd8937279404dfd148b77fb5b650bc7f9e208422
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2a35d02ba97e3e4cd1b7c4eb7241bab9f41afb84fa2db2f18d665e946a09122e
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f255686c54d42d8c9c2a046638a017312914a16ca4b444cacfbcae8fabe807e
2f9cad3b318540a9345ba5653f3e805108bfe0ba02aa5c135cdeef7322283d72
323356bea8a6a202c80f8ed4dd22ba1cf3eb061f2a8f927e4ce4aca7661ea0e5
345dd805b52864848882d8f89c24661f408925f549a626e5bcd33b6f072e146a
36f19987a72302f93d62560fa2ca9bf4f9b56aeab752648c5e039c05eeccba8a
389566d333197647653fcf27be7e79eb1c93b82bff0f3585cb2ce4a9259ca756
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
396aa9bde88362bd1d235c6cd499d7ebe1e3dea3e988f3d147aed59be821c44e
39d42c51914990a5fd1d0f4450883a50bdcb0f17a6bd5771f86c028101611c9f
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a
425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727
43477044787cfca0a9ff2f6586e76ddf9721dfe0caa4136d50b204b419969c85
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43ef59339df86d140d563ae54ba0af2ed0bd9d4af5e75fe61edb1b8dbcd2dfdc
4609f2029d4a91ed4d98f3bc6abcefb20588a4b27ce2dd969b7b9d1074800464
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1352059225e20ff83188f1b2a14022ecbbe1f4421226beb884fd7fde98707d
517977e97442af426c8d226fc8187fa9d036c7a566a9cc1488dc553102f8aa64
5411fa3b97646d618255d3aeb674b7cc86798a7ccfdd59136a15e18e87a998e4
54358e6c0ca9fb0dc79a594d0f3e76d69127dc76899f83a1bdecbf7f81f59f5a
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6199b87f123f744f322eb478305f60fbf9b36b220acd2c099b26428e894f3465
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624ade36c76e96a273bb85a6040d71e1fb731fab6c7b1d30a6460d5664c66fee
6414e2acb93d61cc7427584530f90ae20a94b358bce7cdb4b05dd03eec4b60c5
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
6766855449a9306fdca2e4c00b459422bd25730f90309ff608ccd6c8e6f67371
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e09854c4e5ccc9d3bf3d5ff9d58021b04622f3bb600e9344d6a5a0f25cffb7a
6e28e3f8d185f134736c50278f5039ff8168dc11d98640f164f4648632e9d127
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
76e4f72ba91fb1440620bb79c43834df68aa57cc038b35325a5acec18db239c4
7b8f5cff2b93dd56ca8081e67ee4ba33b2b71b6324a471691e427444c84a9ce1
7ffc104c9694ddc19f5162ba8021d2ea8fc262ca055042a71e0d17b09b5c0f4e
80cdb452efb83d2576f33946582347cf3715a1eb7707efe34d3bab5c9d2eb705
857e0bdc9ba878e6786a287c65f8e5121f2fb85d244bc3a5f8edbb7d39025ae7
88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a
8a29ff2cf4b0d13b171b9282d41c69c9324adc9e8842bc0d4ef3f5f0b6b386b7
8bd65dbf5130ef5e064320f6f300b54f82c06e9893055611fcf639d6eb8fbfbc
8cedd808f9c406831a20a8e26435f056d66bd761f3ffbfb7a297a4d1c524dc08
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
92c39b5c986c8a9c713d77081a0272187a847c57192fe03fc152d25fc4c35668
951a2067a584dbb3151388bf54762ad93bf94d45898f311b0bdda74ba76d12de
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
992d5dd4f6d819b096474930d8b6c9b2650042366d1f539b42198ed1fdd73cad
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ec8809d403fd1f42e287cbf8a2eac126f78bca7ef1b7c046bba156e3de7b6a2
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
9fad61d7fe6d6bdb0f750648a45f17c71a1f1216fb2f636216be5b4be57d0158
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1a01d1b7e2596b94776b19e86f136c2198fe3898792a921df380fc7b44a6f00
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a52eb4b3d22ba31f1bd0b5cfb760ea77142cee79695ae4394c78a9b7bfd7adf8
ad880bd4f96df8c0fa793c170113c0fc2670b09614fcc9b5880402f88956d63a
aef79460d9d38f7a5349a194da19ef705d97dba070b4741344188a1f43edf015
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e0354048342615ee678931bb922fcb098fc4f42b3edae6df7624a2b812fb95
bc37a163eb8df49043fdf168f15af82d630845100909c3651a469a96f22cc818
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c58b5a51b2177a2b7d12ee0c4638194266e6efb467b19031602e9f4cb3f13647
c7fb840478ca64f3410fff0ffa40eb38fd8a7cfc36c10f117c3869ea93c00182
d5df1e8e6f20517566308466b4251c6c9e54facd975bcca40713d20b763d3545
d70004b9ccd3af99f650f77d4ff2d318867bf1a0b0bd1fe43799445cbc9bbe97
db9bfa3ff078313996a32ea9199a549baddee1fc790dc11fb910a286ff756698
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfd0f104fb9fbe15c6830bffbdb9683cf1a643263a9c30491d420b02c91f90ba
e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e491a498ec121779ed7c282df30dc76e479a73a0d2234535399bde198e3c93fc
e55eb04013fbd443d55b10ae80551bba8a4946c62ea50a134e820caeb1521a11
e580b888ec2ff667515810611d279b0a9ccba891e80dbeb183ac6eea7e5526e1
e5b8f8113f98b6e61c77542de0689621daa14087934122935b9d19db67a59dd7
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ea0a3347586d6655b46a02ad49e267649273207f1099d548e069cae4b7b2bc61
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ecf1b45e741c358105ec165c66cc44e962e6dbfe4948ea4a4094791472e03c6d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3744493019d5eccccd7fa4b762681fa77fffa484d1e67db52a5b2e519c722f8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5eb4ac3390920825c2f368d1fcfca6b0c998b80b75f7b970aab00363137c12d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f6e6fb1f93175bf783970742a357934e73808e149f8ab237828f0ca8a12f2588
f8f36fc19fd2de7fd06149429b69254d05e72044347a958e2615d4dcf2bbe8ed
fbb8c1bb3a274e0894353deaa0e93da048a6a40e3a237396f24f068148bb27da
fd8c1cf4274cae5e1e5a37133cc23b80392ef88c43b798d3748f43948dbb53f0
fe07efdd5e684d45122a423912418479f077788be884c22db961d91332fb690b
febd258efb733049bebaeb24269fb6448aee953be138a3fbd7cb96bd63620727
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e